[CST-10704][CST-14902] Adds ORCID login flow with private email

DSpace · Sep 13, 2024 · 590fe70 · 590fe70
1 parent 11fad8d
commit 590fe70
Show file tree

Hide file tree

Showing 88 changed files with 3,372 additions and 61 deletions.
diff --git a/src/app/app-routing.module.ts b/src/app/app-routing.module.ts
@@ -1,5 +1,5 @@
 import { NgModule } from '@angular/core';
-import { RouterModule, NoPreloading } from '@angular/router';
+import { NoPreloading, RouterModule } from '@angular/router';
 import { AuthBlockingGuard } from './core/auth/auth-blocking.guard';
 
 import { AuthenticatedGuard } from './core/auth/authenticated.guard';
@@ -161,6 +161,21 @@ import { ThemedPageErrorComponent } from './page-error/themed-page-error.compone
             loadChildren: () => import('./login-page/login-page.module')
               .then((m) => m.LoginPageModule)
           },
+          {
+            path: 'external-login/:token',
+            loadChildren: () => import('./external-login-page/external-login-page.module')
+              .then((m) => m.ExternalLoginPageModule)
+          },
+          {
+            path: 'review-account/:token',
+            loadChildren: () => import('./external-login-review-account-info-page/external-login-review-account-info-page.module')
+              .then((m) => m.ExternalLoginReviewAccountInfoModule)
+          },
+          {
+            path: 'email-confirmation',
+            loadChildren: () => import('./external-login-email-confirmation-page/external-login-email-confirmation-page.module')
+              .then((m) => m.ExternalLoginEmailConfirmationPageModule)
+          },
           {
             path: 'logout',
             loadChildren: () => import('./logout-page/logout-page.module')

diff --git a/src/app/core/auth/auth-request.service.ts b/src/app/core/auth/auth-request.service.ts
@@ -1,9 +1,9 @@
 import { Observable } from 'rxjs';
-import { distinctUntilChanged, filter, map, switchMap, tap, take } from 'rxjs/operators';
+import { distinctUntilChanged, filter, map, switchMap, take, tap } from 'rxjs/operators';
 import { HALEndpointService } from '../shared/hal-endpoint.service';
 import { RequestService } from '../data/request.service';
-import { isNotEmpty } from '../../shared/empty.util';
-import { GetRequest, PostRequest, } from '../data/request.models';
+import { isNotEmpty, isNotEmptyOperator } from '../../shared/empty.util';
+import { DeleteRequest, GetRequest, PostRequest } from '../data/request.models';
 import { HttpOptions } from '../dspace-rest/dspace-rest.service';
 import { getFirstCompletedRemoteData } from '../shared/operators';
 import { RemoteDataBuildService } from '../cache/builders/remote-data-build.service';
@@ -13,13 +13,17 @@ import { ShortLivedToken } from './models/short-lived-token.model';
 import { URLCombiner } from '../url-combiner/url-combiner';
 import { RestRequest } from '../data/rest-request.model';
 import { FollowLinkConfig } from '../../shared/utils/follow-link-config.model';
+import { MachineToken } from './models/machine-token.model';
+import { NoContent } from '../shared/NoContent.model';
+import { sendRequest } from '../shared/request.operators';
 
 /**
  * Abstract service to send authentication requests
  */
 export abstract class AuthRequestService {
   protected linkName = 'authn';
   protected shortlivedtokensEndpoint = 'shortlivedtokens';
+  protected machinetokenEndpoint = 'machinetokens';
 
   constructor(protected halService: HALEndpointService,
               protected requestService: RequestService,
@@ -128,4 +132,32 @@ export abstract class AuthRequestService {
       })
     );
   }
+
+  /**
+   * Send a post request to create a machine token
+   */
+  public postToMachineTokenEndpoint(): Observable<RemoteData<MachineToken>> {
+    return this.halService.getEndpoint(this.linkName).pipe(
+      isNotEmptyOperator(),
+      distinctUntilChanged(),
+      map((href: string) => new URLCombiner(href, this.machinetokenEndpoint).toString()),
+      map((endpointURL: string) => new PostRequest(this.requestService.generateRequestId(), endpointURL)),
+      tap((request: RestRequest) => this.requestService.send(request)),
+      switchMap((request: RestRequest) => this.rdbService.buildFromRequestUUID<MachineToken>(request.uuid))
+    );
+  }
+
+  /**
+   * Send a delete request to destroy a machine token
+   */
+  public deleteToMachineTokenEndpoint(): Observable<RemoteData<NoContent>> {
+    return this.halService.getEndpoint(this.linkName).pipe(
+      isNotEmptyOperator(),
+      distinctUntilChanged(),
+      map((href: string) => new URLCombiner(href, this.machinetokenEndpoint).toString()),
+      map((endpointURL: string) => new DeleteRequest(this.requestService.generateRequestId(), endpointURL)),
+      sendRequest(this.requestService),
+      switchMap((request: RestRequest) => this.rdbService.buildFromRequestUUID<MachineToken>(request.uuid)),
+    );
+  }
 }
diff --git a/src/app/core/auth/auth.service.ts b/src/app/core/auth/auth.service.ts
@@ -25,7 +25,8 @@ import {
 import { CookieService } from '../services/cookie.service';
 import {
   getAuthenticatedUserId,
-  getAuthenticationToken, getExternalAuthCookieStatus,
+  getAuthenticationToken,
+  getExternalAuthCookieStatus,
   getRedirectUrl,
   isAuthenticated,
   isAuthenticatedLoaded,
@@ -36,7 +37,8 @@ import { AppState } from '../../app.reducer';
 import {
   CheckAuthenticationTokenAction,
   RefreshTokenAction,
-  ResetAuthenticationMessagesAction, SetAuthCookieStatus,
+  ResetAuthenticationMessagesAction,
+  SetAuthCookieStatus,
   SetRedirectUrlAction,
   SetUserAsIdleAction,
   UnsetUserAsIdleAction
@@ -56,6 +58,9 @@ import { Group } from '../eperson/models/group.model';
 import { createSuccessfulRemoteDataObject$ } from '../../shared/remote-data.utils';
 import { PageInfo } from '../shared/page-info.model';
 import { followLink } from '../../shared/utils/follow-link-config.model';
+import { NoContent } from '../shared/NoContent.model';
+import { URLCombiner } from '../url-combiner/url-combiner';
+import { MachineToken } from './models/machine-token.model';
 
 export const LOGIN_ROUTE = '/login';
 export const LOGOUT_ROUTE = '/logout';
@@ -548,6 +553,31 @@ export class AuthService {
       });
   }
 
+  /**
+   * Returns the external server redirect URL.
+   * @param origin - The origin route.
+   * @param redirectRoute - The redirect route.
+   * @param location - The location.
+   * @returns The external server redirect URL.
+   */
+  getExternalServerRedirectUrl(origin: string, redirectRoute: string, location: string): string  {
+    const correctRedirectUrl = new URLCombiner(origin, redirectRoute).toString();
+
+    let externalServerUrl = location;
+    const myRegexp = /\?redirectUrl=(.*)/g;
+    const match = myRegexp.exec(location);
+    const redirectUrlFromServer = (match && match[1]) ? match[1] : null;
+
+    // Check whether the current page is different from the redirect url received from rest
+    if (isNotNull(redirectUrlFromServer) && redirectUrlFromServer !== correctRedirectUrl) {
+      // change the redirect url with the current page url
+      const newRedirectUrl = `?redirectUrl=${correctRedirectUrl}`;
+      externalServerUrl = location.replace(/\?redirectUrl=(.*)/g, newRedirectUrl);
+    }
+
+    return externalServerUrl;
+  }
+
   /**
    * Clear redirect url
    */
@@ -633,4 +663,18 @@ export class AuthService {
     }
   }
 
+  /**
+   * Create a new machine token for the current user
+   */
+  public createMachineToken(): Observable<RemoteData<MachineToken>> {
+    return this.authRequestService.postToMachineTokenEndpoint();
+  }
+
+  /**
+   * Delete the machine token for the current user
+   */
+  public deleteMachineToken(): Observable<RemoteData<NoContent>> {
+    return this.authRequestService.deleteToMachineTokenEndpoint();
+  }
+
 }
diff --git a/src/app/core/auth/models/auth.method-type.ts b/src/app/core/auth/models/auth.method-type.ts
@@ -5,5 +5,5 @@ export enum AuthMethodType {
   Ip = 'ip',
   X509 = 'x509',
   Oidc = 'oidc',
-  Orcid = 'orcid'
+  Orcid = 'orcid',
 }
diff --git a/src/app/core/auth/models/auth.registration-type.ts b/src/app/core/auth/models/auth.registration-type.ts
@@ -0,0 +1,4 @@
+export enum AuthRegistrationType {
+  Orcid = 'ORCID',
+  Validation = 'VALIDATION_',
+}
diff --git a/src/app/core/auth/models/machine-token.model.ts b/src/app/core/auth/models/machine-token.model.ts
@@ -0,0 +1,36 @@
+import { autoserialize, autoserializeAs, deserialize } from 'cerialize';
+
+import { typedObject } from '../../cache/builders/build-decorators';
+import { CacheableObject } from '../../cache/cacheable-object.model';
+import { excludeFromEquals } from '../../utilities/equals.decorators';
+import { ResourceType } from '../../shared/resource-type';
+import { HALLink } from '../../shared/hal-link.model';
+import { MACHINE_TOKEN } from './machine-token.resource-type';
+
+/**
+ * A machine token that can be used to authenticate a rest request
+ */
+@typedObject
+export class MachineToken implements CacheableObject {
+  static type = MACHINE_TOKEN;
+  /**
+   * The type for this MachineToken
+   */
+  @excludeFromEquals
+  @autoserialize
+  type: ResourceType;
+
+  /**
+   * The value for this MachineToken
+   */
+  @autoserializeAs('token')
+  value: string;
+
+  /**
+   * The {@link HALLink}s for this MachineToken
+   */
+  @deserialize
+  _links: {
+    self: HALLink;
+  };
+}
diff --git a/src/app/core/auth/models/machine-token.resource-type.ts b/src/app/core/auth/models/machine-token.resource-type.ts
@@ -0,0 +1,9 @@
+import { ResourceType } from '../../shared/resource-type';
+
+/**
+ * The resource type for MachineToken
+ *
+ * Needs to be in a separate file to prevent circular
+ * dependencies in webpack.
+ */
+export const MACHINE_TOKEN = new ResourceType('machinetoken');
diff --git a/src/app/core/data/eperson-registration.service.spec.ts b/src/app/core/data/eperson-registration.service.spec.ts
@@ -104,7 +104,7 @@ describe('EpersonRegistrationService', () => {
 
   describe('searchByToken', () => {
     it('should return a registration corresponding to the provided token', () => {
-      const expected = service.searchByToken('test-token');
+      const expected = service.searchByTokenAndUpdateData('test-token');
 
       expect(expected).toBeObservable(cold('(a|)', {
         a: jasmine.objectContaining({
@@ -122,7 +122,7 @@ describe('EpersonRegistrationService', () => {
       testScheduler.run(({ cold, expectObservable }) => {
         rdbService.buildSingle.and.returnValue(cold('a', { a: rd }));
 
-        service.searchByToken('test-token');
+        service.searchByTokenAndUpdateData('test-token');
 
         expect(requestService.send).toHaveBeenCalledWith(
           jasmine.objectContaining({

diff --git a/src/app/core/data/eperson-registration.service.ts b/src/app/core/data/eperson-registration.service.ts
@@ -1,7 +1,7 @@
 import { Injectable } from '@angular/core';
 import { RequestService } from './request.service';
 import { HALEndpointService } from '../shared/hal-endpoint.service';
-import { GetRequest, PostRequest } from './request.models';
+import { GetRequest, PatchRequest, PostRequest } from './request.models';
 import { Observable } from 'rxjs';
 import { filter, find, map } from 'rxjs/operators';
 import { hasValue, isNotEmpty } from '../../shared/empty.util';
@@ -13,8 +13,9 @@ import { RegistrationResponseParsingService } from './registration-response-pars
 import { RemoteData } from './remote-data';
 import { RemoteDataBuildService } from '../cache/builders/remote-data-build.service';
 import { HttpOptions } from '../dspace-rest/dspace-rest.service';
-import { HttpHeaders } from '@angular/common/http';
-import { HttpParams } from '@angular/common/http';
+import { HttpHeaders, HttpParams } from '@angular/common/http';
+import { Operation } from 'fast-json-patch';
+import { NoContent } from '../shared/NoContent.model';
 
 @Injectable({
   providedIn: 'root',
@@ -32,7 +33,6 @@ export class EpersonRegistrationService {
     protected rdbService: RemoteDataBuildService,
     protected halService: HALEndpointService,
   ) {
-
   }
 
   /**
@@ -90,10 +90,11 @@ export class EpersonRegistrationService {
   }
 
   /**
-   * Search a registration based on the provided token
-   * @param token
+   * Searches for a registration based on the provided token.
+   * @param token The token to search for.
+   * @returns An observable of remote data containing the registration.
    */
-  searchByToken(token: string): Observable<RemoteData<Registration>> {
+  searchByTokenAndUpdateData(token: string): Observable<RemoteData<Registration>> {
     const requestId = this.requestService.generateRequestId();
 
     const href$ = this.getTokenSearchEndpoint(token).pipe(
@@ -113,12 +114,81 @@ export class EpersonRegistrationService {
     return this.rdbService.buildSingle<Registration>(href$).pipe(
       map((rd) => {
         if (rd.hasSucceeded && hasValue(rd.payload)) {
-          return Object.assign(rd, { payload: Object.assign(rd.payload, { token }) });
+          return Object.assign(rd, { payload: Object.assign(new Registration(), {
+              email: rd.payload.email,
+              token: token,
+              user: rd.payload.user,
+            }) });
         } else {
           return rd;
         }
       })
     );
   }
 
+  /**
+   * Searches for a registration by token and handles any errors that may occur.
+   * @param token The token to search for.
+   * @returns An observable of remote data containing the registration.
+   */
+  searchByTokenAndHandleError(token: string): Observable<RemoteData<Registration>> {
+    const requestId = this.requestService.generateRequestId();
+
+    const href$ = this.getTokenSearchEndpoint(token).pipe(
+      find((href: string) => hasValue(href)),
+    );
+
+    href$.subscribe((href: string) => {
+      const request = new GetRequest(requestId, href);
+      Object.assign(request, {
+        getResponseParser(): GenericConstructor<ResponseParsingService> {
+          return RegistrationResponseParsingService;
+        }
+      });
+      this.requestService.send(request, true);
+    });
+    return this.rdbService.buildSingle<Registration>(href$);
+  }
+
+  /**
+   * Patch the registration object to update the email address
+   * @param value provided by the user during the registration confirmation process
+   * @param registrationId The id of the registration object
+   * @param token The token of the registration object
+   * @param updateValue Flag to indicate if the email should be updated or added
+   * @returns Remote Data state of the patch request
+   */
+  patchUpdateRegistration(values: string[], field: string, registrationId: string, token: string, operator: 'add' | 'replace'): Observable<RemoteData<NoContent>> {
+    const requestId = this.requestService.generateRequestId();
+
+    const href$ = this.getRegistrationEndpoint().pipe(
+      find((href: string) => hasValue(href)),
+      map((href: string) => `${href}/${registrationId}?token=${token}`),
+    );
+
+    href$.subscribe((href: string) => {
+      const operations = this.generateOperations(values, field, operator);
+      const patchRequest = new PatchRequest(requestId, href, operations);
+      this.requestService.send(patchRequest);
+    });
+
+    return this.rdbService.buildFromRequestUUID(requestId);
+  }
+
+  /**
+   * Custom method to generate the operations to be performed on the registration object
+   * @param value provided by the user during the registration confirmation process
+   * @param updateValue Flag to indicate if the email should be updated or added
+   * @returns Operations to be performed on the registration object
+   */
+  private generateOperations(values: string[], field: string, operator: 'add' | 'replace'): Operation[] {
+    let operations = [];
+    if (values.length > 0 && hasValue(field) ) {
+      operations = [{
+        op: operator, path: `/${field}`, value: values
+      }];
+    }
+
+    return operations;
+  }
 }