Remove old auth from front

2025-05-24 02:02:36 -04:00 · 2022-04-23 23:41:43 +02:00 · 2022-04-23 23:41:43 +02:00 · aa673e1acc
commit aa673e1acc
parent 9468346617
12 changed files with 2410 additions and 2368 deletions
--- a/.env.example
+++ b/.env.example
@ -1,2 +1,3 @@
 TVDB__APIKEY=
 THEMOVIEDB__APIKEY=
+AUTHENTICATION_SECRET=
--- a/.gitignore
+++ b/.gitignore
@ -356,3 +356,4 @@ healthchecksdb
 /Kyoo/TheTVDB-Credentials.json

 .vscode
+.netcoredbg_hist
--- a/front/package.json
+++ b/front/package.json
@ -26,7 +26,6 @@
 		"@angular/platform-browser": "^13.0.2",
 		"@angular/platform-browser-dynamic": "^13.0.2",
 		"@angular/router": "^13.0.2",
-		"angular-auth-oidc-client": "^13.0.0",
 		"bootstrap": "^4.6.0",
 		"detect-browser": "^5.2.1",
 		"hls.js": "^1.1.1",
--- a/front/projects/host/src/app/auth/auth.module.ts
+++ b/front/projects/host/src/app/auth/auth.module.ts
@ -16,7 +16,6 @@ import { MatSliderModule } from "@angular/material/slider";
 import { MatTabsModule } from "@angular/material/tabs";
 import { MatTooltipModule } from "@angular/material/tooltip";
 import { RouterModule } from "@angular/router";
-import { AuthModule as OidcModule, LogLevel } from "angular-auth-oidc-client";
 import { tap } from "rxjs/operators";
 import { AccountComponent } from "./account/account.component";
 import { LogoutComponent } from "./logout/logout.component";
@ -48,25 +47,6 @@ import { UnauthorizedComponent } from "./unauthorized/unauthorized.component";
 		FormsModule,
 		MatTabsModule,
 		MatCheckboxModule,
-		OidcModule.forRoot({
-			config: {
-				authority: window.location.origin,
-				redirectUrl: `${window.location.origin}/`,
-				postLogoutRedirectUri: `${window.location.origin}/logout`,
-				clientId: "kyoo.webapp",
-				responseType: "code",
-				triggerAuthorizationResultEvent: false,
-				scope: "openid profile offline_access kyoo.read kyoo.write kyoo.play kyoo.admin",
-				silentRenew: true,
-				silentRenewUrl: `${window.location.origin}/silent.html`,
-				useRefreshToken: true,
-				startCheckSession: true,
-
-				forbiddenRoute: `${window.location.origin}/forbidden`,
-				unauthorizedRoute: `${window.location.origin}/unauthorized`,
-				logLevel: LogLevel.Warn
-			}
-		}),
 		RouterModule
 	],
 	entryComponents: [
--- a/front/projects/host/src/app/auth/auth.service.ts
+++ b/front/projects/host/src/app/auth/auth.service.ts
@ -1,7 +1,5 @@
 import { Injectable } from "@angular/core";
-import { LoginResponse, OidcSecurityService } from "angular-auth-oidc-client";
 import { Account } from "../models/account";
-import { HttpClient } from "@angular/common/http";

@Injectable({
 	providedIn: "root"
@ -11,37 +9,15 @@ export class AuthService
 	isAuthenticated: boolean = false;
 	account: Account = null;

-	constructor(private oidcSecurityService: OidcSecurityService, private http: HttpClient)
+	constructor()
 	{
-		this.oidcSecurityService.checkAuth()
-			.subscribe((auth: LoginResponse) => this.isAuthenticated = auth.isAuthenticated);
-		this.oidcSecurityService.userData$.subscribe(x =>
-		{
-			if (x?.userData == null)
-			{
-				this.account = null;
-				this.isAuthenticated = false;
-				return;
-			}
-			this.account = {
-				email: x.userData.email,
-				username: x.userData.username,
-				picture: x.userData.picture,
-				permissions: x.userData.permissions?.split(",") ?? []
-			};
-		});
 	}

 	login(): void
 	{
-		this.oidcSecurityService.authorize();
 	}

 	logout(): void
 	{
-		this.http.get("api/account/logout").subscribe(() =>
-		{
-			this.oidcSecurityService.logoff();
-		});
 	}
 }
--- a/front/projects/host/src/app/auth/misc/auth.pipe.ts
+++ b/front/projects/host/src/app/auth/misc/auth.pipe.ts
@ -1,21 +1,16 @@
 import { Injector, Pipe, PipeTransform } from "@angular/core";
 import { HttpClient, HttpHeaders } from "@angular/common/http";
-import { OidcSecurityService } from "angular-auth-oidc-client";

@Pipe({
 	name: "auth"
 })
 export class AuthPipe implements PipeTransform
 {
-	private oidcSecurity: OidcSecurityService;
-
 	constructor(private injector: Injector, private http: HttpClient) {}

 	async transform(uri: string): Promise<string>
 	{
-		if (this.oidcSecurity === undefined)
-			this.oidcSecurity = this.injector.get(OidcSecurityService);
-		const token: string = this.oidcSecurity.getAccessToken();
+		const token: string = null;
 		if (!token)
 			return uri;
 		const headers: HttpHeaders = new HttpHeaders({Authorization: "Bearer " + token});
--- a/front/projects/host/src/app/auth/misc/authorizer-interceptor.service.ts
+++ b/front/projects/host/src/app/auth/misc/authorizer-interceptor.service.ts
@ -6,23 +6,17 @@ import {
 	HttpInterceptor
 } from "@angular/common/http";
 import { Observable } from "rxjs";
-import { OidcSecurityService } from "angular-auth-oidc-client";

@Injectable()
 export class AuthorizerInterceptor implements HttpInterceptor
 {
-	private oidcSecurity: OidcSecurityService;
-
-
 	constructor(private injector: Injector) {}

 	intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>>
 	{
 		if (request.url.startsWith("http"))
 			return next.handle(request);
-		if (this.oidcSecurity === undefined)
-			this.oidcSecurity = this.injector.get(OidcSecurityService);
-		const token: string = this.oidcSecurity.getAccessToken();
+		const token: string = null;
 		if (token)
 			request = request.clone({setHeaders: {Authorization: "Bearer " + token}});
 		return next.handle(request);
--- a/front/projects/host/src/app/pages/player/player.component.ts
+++ b/front/projects/host/src/app/pages/player/player.component.ts
@ -13,7 +13,6 @@ import {
 import { MatSnackBar } from "@angular/material/snack-bar";
 import { DomSanitizer, Title } from "@angular/platform-browser";
 import { ActivatedRoute, Event, NavigationCancel, NavigationEnd, NavigationStart, Router } from "@angular/router";
-import { OidcSecurityService } from "angular-auth-oidc-client";
 import Hls from "hls.js";
 import { EpisodeService, ShowService } from "../../services/api.service";
 import { StartupService } from "../../services/startup.service";
@ -160,7 +159,6 @@ export class PlayerComponent implements OnInit, OnDestroy, AfterViewInit

 	private subtitlesManager: SubtitlesOctopus;
 	private hlsPlayer: Hls = new Hls();
-	private oidcSecurity: OidcSecurityService;
 	constructor(private route: ActivatedRoute,
 	            private snackBar: MatSnackBar,
 	            private title: Title,
@ -242,11 +240,9 @@ export class PlayerComponent implements OnInit, OnDestroy, AfterViewInit

 	ngAfterViewInit(): void
 	{
-		if (this.oidcSecurity === undefined)
-			this.oidcSecurity = this.injector.get(OidcSecurityService);
 		this.hlsPlayer.config.xhrSetup = xhr =>
 		{
-			const token: string = this.oidcSecurity.getAccessToken();
+			const token: string = null;
 			if (token)
 				xhr.setRequestHeader("Authorization", "Bearer " + token);
 		};
--- a/front/yarn.lock
+++ b/front/yarn.lock
--- a/src/Kyoo.Authentication/Models/Options/AuthenticationOption.cs
+++ b/src/Kyoo.Authentication/Models/Options/AuthenticationOption.cs
@ -16,30 +16,31 @@
 // You should have received a copy of the GNU General Public License
 // along with Kyoo. If not, see <https://www.gnu.org/licenses/>.

-namespace Kyoo.Authentication.Models;
-
-/// <summary>
-/// The main authentication options.
-/// </summary>
-public class AuthenticationOption
+namespace Kyoo.Authentication.Models
 {
 	/// <summary>
-	/// The path to get this option from the root configuration.
+	/// The main authentication options.
 	/// </summary>
-	public const string Path = "authentication";
+	public class AuthenticationOption
+	{
+		/// <summary>
+		/// The path to get this option from the root configuration.
+		/// </summary>
+		public const string Path = "authentication";

-	/// <summary>
-	/// The secret used to encrypt the jwt.
-	/// </summary>
-	public string Secret { get; set; }
+		/// <summary>
+		/// The secret used to encrypt the jwt.
+		/// </summary>
+		public string Secret { get; set; }

-	/// <summary>
-	/// Options for permissions
-	/// </summary>
-	public PermissionOption Permissions { get; set; }
+		/// <summary>
+		/// Options for permissions
+		/// </summary>
+		public PermissionOption Permissions { get; set; }

-	/// <summary>
-	/// Root path of user's profile pictures.
-	/// </summary>
-	public string ProfilePicturePath { get; set; }
+		/// <summary>
+		/// Root path of user's profile pictures.
+		/// </summary>
+		public string ProfilePicturePath { get; set; }
+	}
 }
--- a/src/Kyoo.Authentication/Views/AuthApi.cs
+++ b/src/Kyoo.Authentication/Views/AuthApi.cs
@ -17,7 +17,6 @@
 // along with Kyoo. If not, see <https://www.gnu.org/licenses/>.

 using System;
-using System.Collections.Generic;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using Kyoo.Abstractions.Controllers;
@ -26,11 +25,9 @@ using Kyoo.Abstractions.Models.Attributes;
 using Kyoo.Abstractions.Models.Exceptions;
 using Kyoo.Abstractions.Models.Utils;
 using Kyoo.Authentication.Models.DTO;
-using Kyoo.Utils;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Tokens;
 using static Kyoo.Abstractions.Models.Utils.Constants;
 using BCryptNet = BCrypt.Net.BCrypt;
--- a/src/Kyoo.Host.Generic/settings.json
+++ b/src/Kyoo.Host.Generic/settings.json
@ -65,6 +65,7 @@
      "newUser": ["overall.read", "overall.write", "overall.create", "overall.delete", "admin.read", "admin.write"]
    },
    "profilePicturePath": "users/",
+	"secret": "jwt-secret"
  },

  "tvdb": {