Merge pull request #31 from SamhammerAG/ASMO-6562-firefox-auth-fix

Asmo-6562: firefox auth fix

Author: LeonSnajdr

sources/src/AuthLogger.ts

@@ -0,0 +1,21 @@
+class AuthLogger {
+    private prefix = "[SAGAUTH]";
+
+    public debug(...messages: unknown[]) {
+        console.debug(this.prefix, ...messages);
+    }
+
+    public log(...messages: unknown[]) {
+        console.log(this.prefix, ...messages);
+    }
+
+    public warn(...messages: unknown[]) {
+        console.warn(this.prefix, ...messages);
+    }
+
+    public error(...messages: unknown[]) {
+        console.error(this.prefix, ...messages);
+    }
+}
+
+export default new AuthLogger();

sources/src/AuthPlugin.ts

@@ -5,6 +5,7 @@ import { v4 as uuidv4 } from "uuid";
 import type { AuthOptions } from "./AuthOptions";
 import { AuthEvents, AuthEventNames } from "./AuthEvents";
 import StoreProvider from "./StoreProvider";
+import AuthLogger from "./AuthLogger";
 
 export class AuthPlugin {
     private authOptions: AuthOptions | undefined;
@@ -130,11 +131,14 @@ class KeycloakPlugin {
                 idTokenKey: `${authOptions.appClientId}-idToken`
             };
 
-            return this.initKeycloak();
+            AuthLogger.log("Init keycloak");
+            return await this.initKeycloak();
         } catch (error) {
-            console.error("auth init failed", error);
+            AuthLogger.warn("Init keycloak failed", error);
             await this.clearStorage();
-            return false;
+
+            AuthLogger.log("Retry init keycloak without tokens");
+            return await this.initKeycloak();
         }
     }
 
@@ -158,9 +162,7 @@ class KeycloakPlugin {
             ...this.pluginState.authOptions.keycloakInitOptions
         });
 
-        if (authenticated) {
-            console.debug("authenticated keycloak");
-        }
+        AuthLogger.debug(authenticated ? "Authenticated keycloak" : "Not authenticated keycloak");
 
         return authenticated;
     }
@@ -171,28 +173,28 @@ class KeycloakPlugin {
     }
 
     public async login(redirectUri: string, idp: string): Promise<void> {
-        console.debug("login navigating to keycloak with returnUrl", redirectUri);
+        AuthLogger.debug("Login navigating to keycloak with returnUrl", redirectUri);
 
         if (!this.pluginState || !this.pluginState?.keycloak) throw new Error("Init has to be called first");
         await this.pluginState.keycloak.login({ redirectUri, idpHint: idp });
     }
 
     public createLoginUrl(redirectUri: string, idp: string): string {
-        console.debug("create loginUrl to keycloak with returnUrl", redirectUri);
+        AuthLogger.debug("Create loginUrl to keycloak with returnUrl", redirectUri);
 
         if (!this.pluginState || !this.pluginState.keycloak) throw new Error("Init has to be called first");
         return this.pluginState.keycloak.createLoginUrl({ redirectUri, idpHint: idp });
     }
 
     public createLogoutUrl(redirectUri: string): string {
-        console.debug("create logoutUrl to keycloak with returnUrl", redirectUri);
+        AuthLogger.debug("Create logoutUrl to keycloak with returnUrl", redirectUri);
 
         if (!this.pluginState || !this.pluginState.keycloak) throw new Error("Init has to be called first");
         return this.pluginState.keycloak.createLogoutUrl({ redirectUri });
     }
 
     public async logout(redirectUri: string): Promise<void> {
-        console.debug("logout navigating to keycloak with returnUrl", redirectUri);
+        AuthLogger.debug("Logout navigating to keycloak with returnUrl", redirectUri);
 
         await this.clearStorage();
 
@@ -223,10 +225,10 @@ class KeycloakPlugin {
             const successful: boolean = await this.pluginState.keycloak.updateToken(minValidity);
 
             if (successful) {
-                console.debug("token refreshed");
+                AuthLogger.debug("Token refreshed");
             }
         } catch (error) {
-            console.error("token refresh failed", error || "token may be empty");
+            AuthLogger.error("Token refresh failed", error || "token may be empty");
         }
     }
 
@@ -277,7 +279,9 @@ class GuestPlugin {
 
         if (guestId) {
             guestRoles = authOptions.guestRoles || ["User"];
-            console.debug("authenticated guest");
+            AuthLogger.debug("Authenticated guest");
+        } else {
+            AuthLogger.debug("Not authenticated guest");
         }
 
         this.pluginState = {
@@ -290,7 +294,7 @@ class GuestPlugin {
     }
 
     public async login(authOptions: AuthOptions): Promise<void> {
-        console.debug("login guest");
+        AuthLogger.debug("Login guest");
 
         if (!this.pluginState) throw new Error("Init has to be called first");
 
@@ -301,7 +305,7 @@ class GuestPlugin {
     }
 
     public async logout(): Promise<void> {
-        console.debug("logout guest");
+        AuthLogger.debug("Logout guest");
 
         if (!this.pluginState) return;
 

sources/src/AxiosAuthInterceptor.ts

@@ -1,6 +1,7 @@
 import type { AxiosError, AxiosInstance } from "axios";
 import { AuthEvents, AuthEventNames } from "./AuthEvents";
 import Auth from "./index";
+import AuthLogger from "./AuthLogger";
 
 export class AxiosAuthInterceptor {
     public static addAuthTokenInterceptor(axiosInstance: AxiosInstance): number {
@@ -22,10 +23,10 @@ export class AxiosAuthInterceptor {
     public static addAuthErrorInterceptor(axiosInstance: AxiosInstance): number {
         return axiosInstance.interceptors.response.use(null, (error: AxiosError) => {
             if (error.response?.status === 401) {
-                console.warn("axios api request requires authentication", error.config?.url, error.message);
+                AuthLogger.warn("Axios api request requires authentication", error.config?.url, error.message);
                 AuthEvents.emit(AuthEventNames.loginRequired);
             } else if (error.response?.status === 403) {
-                console.warn("axios api request requires permission", error.config?.url, error.message);
+                AuthLogger.warn("Axios api request requires permission", error.config?.url, error.message);
                 AuthEvents.emit(AuthEventNames.permissionDenied);
             }