scm-ui/ui-components/src/apiclient.ts

import { contextPath } from "./urls";
import { createBackendError, ForbiddenError, isBackendError, UnauthorizedError } from "./errors";
import { BackendErrorContent } from "./errors";

const extractXsrfTokenFromJwt = (jwt: string) => {
  const parts = jwt.split(".");
  if (parts.length === 3) {
    return JSON.parse(atob(parts[1])).xsrf;
  }
};

// @VisibleForTesting
export const extractXsrfTokenFromCookie = (cookieString?: string) => {
  if (cookieString) {
    const cookies = cookieString.split(";");
    for (const c of cookies) {
      const parts = c.trim().split("=");
      if (parts[0] === "X-Bearer-Token") {
        return extractXsrfTokenFromJwt(parts[1]);
      }
    }
  }
};

const extractXsrfToken = () => {
  return extractXsrfTokenFromCookie(document.cookie);
};

const applyFetchOptions: (p: RequestInit) => RequestInit = o => {
  const headers: { [key: string]: string } = {
    Cache: "no-cache",
    // identify the request as ajax request
    "X-Requested-With": "XMLHttpRequest",
    // identify the web interface
    "X-SCM-Client": "WUI"
  };

  const xsrf = extractXsrfToken();
  if (xsrf) {
    headers["X-XSRF-Token"] = xsrf;
  }

  o.credentials = "same-origin";
  o.headers = headers;
  return o;
};

function handleFailure(response: Response) {
  if (!response.ok) {
    if (isBackendError(response)) {
      return response.json().then((content: BackendErrorContent) => {
        throw createBackendError(content, response.status);
      });
    } else {
      if (response.status === 401) {
        throw new UnauthorizedError("Unauthorized", 401);
      } else if (response.status === 403) {
        throw new ForbiddenError("Forbidden", 403);
      }

      throw new Error("server returned status code " + response.status);
    }
  }
  return response;
}

export function createUrl(url: string) {
  if (url.includes("://")) {
    return url;
  }
  let urlWithStartingSlash = url;
  if (url.indexOf("/") !== 0) {
    urlWithStartingSlash = "/" + urlWithStartingSlash;
  }
  return `${contextPath}/api/v2${urlWithStartingSlash}`;
}

class ApiClient {
  get(url: string): Promise<Response> {
    return fetch(createUrl(url), applyFetchOptions({})).then(handleFailure);
  }

  post(url: string, payload?: any, contentType = "application/json") {
    return this.httpRequestWithJSONBody("POST", url, contentType, payload);
  }

  postBinary(url: string, fileAppender: (p: FormData) => void) {
    const formData = new FormData();
    fileAppender(formData);

    const options: RequestInit = {
      method: "POST",
      body: formData
    };
    return this.httpRequestWithBinaryBody(options, url);
  }

  put(url: string, payload: any, contentType = "application/json") {
    return this.httpRequestWithJSONBody("PUT", url, contentType, payload);
  }

  head(url: string) {
    let options: RequestInit = {
      method: "HEAD"
    };
    options = applyFetchOptions(options);
    return fetch(createUrl(url), options).then(handleFailure);
  }

  delete(url: string): Promise<Response> {
    let options: RequestInit = {
      method: "DELETE"
    };
    options = applyFetchOptions(options);
    return fetch(createUrl(url), options).then(handleFailure);
  }

  httpRequestWithJSONBody(method: string, url: string, contentType: string, payload?: any): Promise<Response> {
    const options: RequestInit = {
      method: method
    };
    if (payload) {
      options.body = JSON.stringify(payload);
    }
    return this.httpRequestWithBinaryBody(options, url, contentType);
  }

  httpRequestWithBinaryBody(options: RequestInit, url: string, contentType?: string) {
    options = applyFetchOptions(options);
    if (contentType) {
      if (!options.headers) {
        options.headers = new Headers();
      }
      // @ts-ignore
      options.headers["Content-Type"] = contentType;
    }

    return fetch(createUrl(url), options).then(handleFailure);
  }
}

export const apiClient = new ApiClient();
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`import { contextPath } from "./urls";`
apply eslint and prettier rules 2019-10-21 10:57:56 +02:00			`import { createBackendError, ForbiddenError, isBackendError, UnauthorizedError } from "./errors";`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`import { BackendErrorContent } from "./errors";`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00
implement client side xsrf protection 2019-11-18 11:45:48 +01:00			`const extractXsrfTokenFromJwt = (jwt: string) => {`
			`const parts = jwt.split(".");`
			`if (parts.length === 3) {`
			`return JSON.parse(atob(parts[1])).xsrf;`
			`}`
			`};`

			`// @VisibleForTesting`
			`export const extractXsrfTokenFromCookie = (cookieString?: string) => {`
			`if (cookieString) {`
			`const cookies = cookieString.split(";");`
			`for (const c of cookies) {`
			`const parts = c.trim().split("=");`
			`if (parts[0] === "X-Bearer-Token") {`
			`return extractXsrfTokenFromJwt(parts[1]);`
			`}`
			`}`
			`}`
			`};`

			`const extractXsrfToken = () => {`
			`return extractXsrfTokenFromCookie(document.cookie);`
			`};`

migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`const applyFetchOptions: (p: RequestInit) => RequestInit = o => {`
implement client side xsrf protection 2019-11-18 11:45:48 +01:00			`const headers: { [key: string]: string } = {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`Cache: "no-cache",`
identify ui requests as ajax requests 2019-03-12 13:55:34 +01:00			`// identify the request as ajax request`
Don't use anonymous access after access token expires 2019-11-12 13:49:37 +01:00			`"X-Requested-With": "XMLHttpRequest",`
implement client side xsrf protection 2019-11-18 11:45:48 +01:00			`// identify the web interface`
Don't use anonymous access after access token expires 2019-11-12 13:49:37 +01:00			`"X-SCM-Client": "WUI"`
Fix content type of requests Without this fix, a content type would be stored in the headers array of the constant fetchOptions once they are set. This way they will be used whenever no explicit content type is set, which is (and mus be) the case for multipart form data. 2019-09-04 14:47:13 +02:00			`};`
implement client side xsrf protection 2019-11-18 11:45:48 +01:00
			`const xsrf = extractXsrfToken();`
			`if (xsrf) {`
			`headers["X-XSRF-Token"] = xsrf;`
			`}`

			`o.credentials = "same-origin";`
			`o.headers = headers;`
Fix content type of requests Without this fix, a content type would be stored in the headers array of the constant fetchOptions once they are set. This way they will be used whenever no explicit content type is set, which is (and mus be) the case for multipart form data. 2019-09-04 14:47:13 +02:00			`return o;`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`};`

improve error handling in the ui 2018-11-15 21:39:08 +01:00			`function handleFailure(response: Response) {`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`if (!response.ok) {`
improve error handling in the ui 2018-11-15 21:39:08 +01:00			`if (isBackendError(response)) {`
use reflow to migrate from flow to typescript 2019-10-19 16:38:07 +02:00			`return response.json().then((content: BackendErrorContent) => {`
			`throw createBackendError(content, response.status);`
			`});`
improve error handling in the ui 2018-11-15 21:39:08 +01:00			`} else {`
Fixed 401 message on login 2019-02-25 17:40:53 +01:00			`if (response.status === 401) {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`throw new UnauthorizedError("Unauthorized", 401);`
Added ui error handling for 403 errors 2019-03-04 11:49:12 +01:00			`} else if (response.status === 403) {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`throw new ForbiddenError("Forbidden", 403);`
Fixed 401 message on login 2019-02-25 17:40:53 +01:00			`}`
Added ui error handling for 403 errors 2019-03-04 11:49:12 +01:00
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`throw new Error("server returned status code " + response.status);`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`}`
			`}`
			`return response;`
			`}`

fix bug in createUrl of apiclient and added tests 2018-07-12 08:22:27 +02:00			`export function createUrl(url: string) {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`if (url.includes("://")) {`
Improved flow coverage, fixed bugs and enabled deleting users 2018-07-11 12:02:53 +02:00			`return url;`
			`}`
fix bug in createUrl of apiclient and added tests 2018-07-12 08:22:27 +02:00			`let urlWithStartingSlash = url;`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`if (url.indexOf("/") !== 0) {`
			`urlWithStartingSlash = "/" + urlWithStartingSlash;`
improve module unit tests 2018-07-11 22:01:36 +02:00			`}`
remove the rest/ path from endpoints 2018-10-01 17:22:03 +02:00			return `${contextPath}/api/v2${urlWithStartingSlash}`;
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`}`

			`class ApiClient {`
Improved flow coverage, fixed bugs and enabled deleting users 2018-07-11 12:02:53 +02:00			`get(url: string): Promise<Response> {`
do not use function as fetch argument, use the resulting object This should fix the login problem "Error: e._links.me is undefined" on older firefox browsers such as 56.0.2 2019-09-26 15:42:21 +02:00			`return fetch(createUrl(url), applyFetchOptions({})).then(handleFailure);`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`}`

Make payload parameter optional 2019-11-05 16:10:41 +01:00			`post(url: string, payload?: any, contentType = "application/json") {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`return this.httpRequestWithJSONBody("POST", url, contentType, payload);`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`}`

use reflow to migrate from flow to typescript 2019-10-19 16:38:07 +02:00			`postBinary(url: string, fileAppender: (p: FormData) => void) {`
apply eslint and prettier rules 2019-10-21 10:57:56 +02:00			`const formData = new FormData();`
Add upload api for files 2019-08-30 09:11:14 +02:00			`fileAppender(formData);`
Add method to upload files to api client 2019-08-29 16:37:57 +02:00
apply eslint and prettier rules 2019-10-21 10:57:56 +02:00			`const options: RequestInit = {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`method: "POST",`
			`body: formData`
Add method to upload files to api client 2019-08-29 16:37:57 +02:00			`};`
Add upload api for files 2019-08-30 09:11:14 +02:00			`return this.httpRequestWithBinaryBody(options, url);`
Add method to upload files to api client 2019-08-29 16:37:57 +02:00			`}`

apply eslint and prettier rules 2019-10-21 10:57:56 +02:00			`put(url: string, payload: any, contentType = "application/json") {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`return this.httpRequestWithJSONBody("PUT", url, contentType, payload);`
Added user add functionality 2018-07-11 17:02:38 +02:00			`}`

get contextType 2018-10-25 13:45:52 +02:00			`head(url: string) {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`let options: RequestInit = {`
			`method: "HEAD"`
get contextType 2018-10-25 13:45:52 +02:00			`};`
Fix content type of requests Without this fix, a content type would be stored in the headers array of the constant fetchOptions once they are set. This way they will be used whenever no explicit content type is set, which is (and mus be) the case for multipart form data. 2019-09-04 14:47:13 +02:00			`options = applyFetchOptions(options);`
improve error handling in the ui 2018-11-15 21:39:08 +01:00			`return fetch(createUrl(url), options).then(handleFailure);`
add head request 2018-10-15 16:45:44 +02:00			`}`

Improved flow coverage, fixed bugs and enabled deleting users 2018-07-11 12:02:53 +02:00			`delete(url: string): Promise<Response> {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`let options: RequestInit = {`
			`method: "DELETE"`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`};`
Fix content type of requests Without this fix, a content type would be stored in the headers array of the constant fetchOptions once they are set. This way they will be used whenever no explicit content type is set, which is (and mus be) the case for multipart form data. 2019-09-04 14:47:13 +02:00			`options = applyFetchOptions(options);`
improve error handling in the ui 2018-11-15 21:39:08 +01:00			`return fetch(createUrl(url), options).then(handleFailure);`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`}`

Make payload parameter optional 2019-11-05 16:10:41 +01:00			`httpRequestWithJSONBody(method: string, url: string, contentType: string, payload?: any): Promise<Response> {`
apply eslint and prettier rules 2019-10-21 10:57:56 +02:00			`const options: RequestInit = {`
Make payload parameter optional 2019-11-05 16:10:41 +01:00			`method: method`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`};`
Make payload parameter optional 2019-11-05 16:10:41 +01:00			`if (payload) {`
			`options.body = JSON.stringify(payload);`
			`}`
Add upload api for files 2019-08-30 09:11:14 +02:00			`return this.httpRequestWithBinaryBody(options, url, contentType);`
Add method to upload files to api client 2019-08-29 16:37:57 +02:00			`}`

apply eslint and prettier rules 2019-10-21 10:57:56 +02:00			`httpRequestWithBinaryBody(options: RequestInit, url: string, contentType?: string) {`
Fix content type of requests Without this fix, a content type would be stored in the headers array of the constant fetchOptions once they are set. This way they will be used whenever no explicit content type is set, which is (and mus be) the case for multipart form data. 2019-09-04 14:47:13 +02:00			`options = applyFetchOptions(options);`
Add upload api for files 2019-08-30 09:11:14 +02:00			`if (contentType) {`
migrate ui-components from flow to typescript 2019-10-20 16:59:02 +02:00			`if (!options.headers) {`
			`options.headers = new Headers();`
			`}`
			`// @ts-ignore`
			`options.headers["Content-Type"] = contentType;`
Add upload api for files 2019-08-30 09:11:14 +02:00			`}`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00
improve error handling in the ui 2018-11-15 21:39:08 +01:00			`return fetch(createUrl(url), options).then(handleFailure);`
add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00			`}`
			`}`

apply eslint and prettier rules 2019-10-21 10:57:56 +02:00			`export const apiClient = new ApiClient();`