eplace/src/utils/auth.js

import * as redirect from "./redirect";

async function sendRequest(endpoint, body) {
  const request = {
    method: "POST",
    headers: {
      "Content-Type": "application/x-www-form-urlencoded",
    },

    body: new URLSearchParams(body)
  };
  console.debug(request)

  let response;
  try {
    response = await fetch(endpoint, request)
    if (!response.ok) {
      throw new Error(response.statusText)
    }
  }
  catch (err) {
    console.error(err)
    return null
  }
  
  return await response.json()
}

/**
* @param {string} code the authorization code received from the OIDC
* provider
* @returns {boolean} true if the token was fetched, false otherwise
*/
async function getToken(code) {

  const auth_url = import.meta.env.VITE_URL;
  const endpoint = `${auth_url}/auth-api/token`;
  const formData = {
    "grant_type": "authorization_code",
    "code": code,
    "redirect_uri": `${auth_url}/complete/epita/`,
    "client_id": import.meta.env.VITE_CLIENT_ID
  }
  const response = await sendRequest(endpoint, formData)
  if (response === null) {
    console.error("Failed to retrieve OIDC token")
    alert("Failed to retrieve OIDC token")

    localStorage.clear();
    redirect.redirectToLoginPage()
    return false;
  }

  localStorage.setItem("token", response.id_token);
  localStorage.setItem("refresh_token", response.refresh_token);
  console.debug("Saved token and refresh tokens")

  return true
}


/**
* @param {string} refreshToken the refresh token (optional)
* @returns {boolean} whether the token has been refreshed or not
*/
async function refreshToken(refreshToken) {

    refreshToken= refreshToken || localStorage.getItem("refresh_token");
  if (!refreshToken) {
    console.error("Unable to retrieve refresh token")
    return false
  }
  
  const auth_url = import.meta.env.VITE_URL;
  const endpoint = `${auth_url}/auth-api/token`;
  const formData = {
    "client_id": import.meta.env.VITE_CLIENT_ID,
    // client_secret: "",
    "grant_type": "authorization_code",
    refresh_token: refreshToken,
    scope: "epita profile picture"
  }
  const response = await sendRequest(endpoint, formData)
  if (response === null) {
    console.error("Failed to retrieve OIDC token")
    alert("Failed to retrieve OIDC token")

    localStorage.clear();
    redirect.redirectToLoginPage()
    return false;
  }

  localStorage.setItem("token", response.id_token);
  localStorage.setItem("refresh_token", response.refresh_token);
  console.debug("Saved token and refresh tokens")

  return true
}

/**
* @returns {boolean} true if the user is authenticated, false otherwise
*/
async function authenticate() {
  const token = localStorage.getItem("token");
  if (token !== null)
    return true;
  const refresh_token = localStorage.getItem("refresh_token");
  if (refresh_token !== null)
    return true;

  redirect.redirectToLoginPage();
  return false;
}

// FIXME
// missing functions:
// - authedAPIRequest (makes an authenticated request to the API)

export {
  getToken,
  refreshToken,
  authenticate
}
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`import * as redirect from "./redirect";`

soupirehn 2026-05-15 17:27:27 +02:00			`async function sendRequest(endpoint, body) {`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`const request = {`
			`method: "POST",`
			`headers: {`
			`"Content-Type": "application/x-www-form-urlencoded",`
			`},`

soupirehn 2026-05-15 17:27:27 +02:00			`body: new URLSearchParams(body)`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`};`
soupirehn 2026-05-15 17:27:27 +02:00			`console.debug(request)`
auth and redirect utilities 2026-05-15 14:08:38 +02:00
soupirehn 2026-05-15 17:27:27 +02:00			`let response;`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`try {`
soupirehn 2026-05-15 17:27:27 +02:00			`response = await fetch(endpoint, request)`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`if (!response.ok) {`
			`throw new Error(response.statusText)`
			`}`
			`}`
			`catch (err) {`
soupirehn 2026-05-15 17:27:27 +02:00			`console.error(err)`
			`return null`
			`}`

			`return await response.json()`
			`}`

			`/**`
			`* @param {string} code the authorization code received from the OIDC`
			`* provider`
			`* @returns {boolean} true if the token was fetched, false otherwise`
			`*/`
			`async function getToken(code) {`

			`const auth_url = import.meta.env.VITE_URL;`
			const endpoint = `${auth_url}/auth-api/token`;
			`const formData = {`
			`"grant_type": "authorization_code",`
			`"code": code,`
			"redirect_uri": `${auth_url}/complete/epita/`,
			`"client_id": import.meta.env.VITE_CLIENT_ID`
			`}`
			`const response = await sendRequest(endpoint, formData)`
			`if (response === null) {`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`console.error("Failed to retrieve OIDC token")`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`alert("Failed to retrieve OIDC token")`

auth and redirect utilities 2026-05-15 14:08:38 +02:00			`localStorage.clear();`
			`redirect.redirectToLoginPage()`
soupirehn 2026-05-15 17:27:27 +02:00			`return false;`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`}`

soupirehn 2026-05-15 17:27:27 +02:00			`localStorage.setItem("token", response.id_token);`
			`localStorage.setItem("refresh_token", response.refresh_token);`
			`console.debug("Saved token and refresh tokens")`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`return true`
			`}`


			`/**`
			`* @param {string} refreshToken the refresh token (optional)`
			`* @returns {boolean} whether the token has been refreshed or not`
			`*/`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`async function refreshToken(refreshToken) {`

soupirehn 2026-05-15 17:27:27 +02:00			`refreshToken= refreshToken \|\| localStorage.getItem("refresh_token");`
			`if (!refreshToken) {`
			`console.error("Unable to retrieve refresh token")`
			`return false`
			`}`

invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`const auth_url = import.meta.env.VITE_URL;`
			const endpoint = `${auth_url}/auth-api/token`;
			`const formData = {`
soupirehn 2026-05-15 17:27:27 +02:00			`"client_id": import.meta.env.VITE_CLIENT_ID,`
			`// client_secret: "",`
			`"grant_type": "authorization_code",`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`refresh_token: refreshToken,`
soupirehn 2026-05-15 17:27:27 +02:00			`scope: "epita profile picture"`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`}`
soupirehn 2026-05-15 17:27:27 +02:00			`const response = await sendRequest(endpoint, formData)`
			`if (response === null) {`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`console.error("Failed to retrieve OIDC token")`
soupirehn 2026-05-15 17:27:27 +02:00			`alert("Failed to retrieve OIDC token")`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00
			`localStorage.clear();`
			`redirect.redirectToLoginPage()`
soupirehn 2026-05-15 17:27:27 +02:00			`return false;`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`}`

soupirehn 2026-05-15 17:27:27 +02:00			`localStorage.setItem("token", response.id_token);`
			`localStorage.setItem("refresh_token", response.refresh_token);`
			`console.debug("Saved token and refresh tokens")`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00
			`return true`
			`}`
auth and redirect utilities 2026-05-15 14:08:38 +02:00
			`/**`
			`* @returns {boolean} true if the user is authenticated, false otherwise`
			`*/`
			`async function authenticate() {`
			`const token = localStorage.getItem("token");`
			`if (token !== null)`
			`return true;`
			`const refresh_token = localStorage.getItem("refresh_token");`
			`if (refresh_token !== null)`
			`return true;`

			`redirect.redirectToLoginPage();`
			`return false;`
			`}`

			`// FIXME`
			`// missing functions:`
given files 2026-05-15 11:08:23 +02:00			`// - authedAPIRequest (makes an authenticated request to the API)`
auth and redirect utilities 2026-05-15 14:08:38 +02:00
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`export {`
			`getToken,`
soupirehn 2026-05-15 17:27:27 +02:00			`refreshToken,`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`authenticate`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`}`