eplace/src/utils/auth.js

import * as redirect from "./redirect";

async function sendRequest(endpoint, body) {
    const formData = new FormData();

    for (var key in body) {
        formData.append(key, body[key]);
    }

    const request = {
        method: "POST",
        // headers: {
        //     "Content-Type": "application/x-www-form-urlencoded",
        // },

        body: formData,
    };

    let response;

    try {
        response = await fetch(endpoint, request);
        if (!response.ok) {
            throw new Error(response.statusText);
        }
    } catch (err) {
        console.error(err);
        return null;
    }

    return await response.json();
}

/**
 * @param {string} code the authorization code received from the OIDC
 * provider
 * @returns {Promise<boolean>} true if the token was fetched, false otherwise
 */
async function getToken(code) {
    const auth_url = import.meta.env.VITE_URL;
    const endpoint = `${auth_url}/auth-api/token`;
    const formData = {
        grant_type: "authorization_code",
        code: code,
        redirect_uri: `${auth_url}/complete/epita/`,
        client_id: import.meta.env.VITE_CLIENT_ID,
    };
    const response = await sendRequest(endpoint, formData);

    if (response === null) {
        console.error("Failed to retrieve OIDC token");
        alert("Failed to retrieve OIDC token");

        localStorage.clear();
        redirect.redirectToLoginPage();
        return false;
    }

    localStorage.setItem("token", response.id_token);
    localStorage.setItem("refresh_token", response.refresh_token);
    console.debug("Saved token and refresh tokens");

    return true;
}

/**
 * @param {string} refreshToken the refresh token (optional)
 * @returns {Promise<boolean>} whether the token has been refreshed or not
 */
async function refreshToken(refreshToken) {
    refreshToken = refreshToken || localStorage.getItem("refresh_token");
    if (!refreshToken) {
        console.error("Unable to retrieve refresh token");
        return false;
    }

    const auth_url = import.meta.env.VITE_URL;
    const endpoint = `${auth_url}/auth-api/token`;
    const formData = {
        client_id: import.meta.env.VITE_CLIENT_ID,
        // client_secret: "",
        grant_type: "authorization_code",
        refresh_token: refreshToken,
        scope: "epita profile picture",
    };
    const response = await sendRequest(endpoint, formData);

    if (response === null) {
        console.error("Failed to retrieve OIDC token");
        alert("Failed to retrieve OIDC token");

        localStorage.clear();
        redirect.redirectToLoginPage();
        return false;
    }

    localStorage.setItem("token", response.id_token);
    localStorage.setItem("refresh_token", response.refresh_token);
    console.debug("Saved token and refresh tokens");

    return true;
}

/**
 * @returns {Promise<boolean>} true if the user is authenticated, false otherwise
 */
async function authenticate() {
    const token = localStorage.getItem("token");

    if (token !== null) {
        return true;
    }

    const refresh_token = localStorage.getItem("refresh_token");

    if (refresh_token !== null) {
        return await refreshToken(refresh_token);
    }

    localStorage.clear();
    redirect.redirectToLoginPage();
    return false;
}

/**
 * @param {string} endpoint
 * @param {object} options this object should at least contain the method.
 * @returns {Promise<Response>} the response or null
 * We want a {Promise<Response>} so we can read the headers as well as the
 * body, rather than just the body
 */
async function authedAPIRequest(endpoint, options) {
    if (!(await authenticate())) {
        return null;
    }

    // if (!options.method) {
    //     console.error("Invalid parameter: options (missing method)");
    //     return null;
    // }

    // Deep copy req
    const request = JSON.parse(JSON.stringify(options));

    if (!request.headers) {
        request.headers = {};
    }

    // Pcq ce PUTAIN de js est pas foutu de faire ce qu'on lui demande
    request.headers.Authorization = "Bearer " + localStorage.getItem("token");

    const full_endpoint = import.meta.env.VITE_URL + "/api" + endpoint;

    const response = await fetch(full_endpoint, request);

    if (response.status === 401) {
        const response_err = await response.text();

        if (response_err.includes("Token expired")) {
            if (await refreshToken(null)) {
                return await authedAPIRequest(endpoint, options);
            }
        }

        localStorage.clear();
        alert("Redirecting to logging page");
        redirect.redirectToLoginPage();
        return null;
    }

    return response;
}

export { getToken, refreshToken, authenticate, authedAPIRequest };
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`import * as redirect from "./redirect";`

soupirehn 2026-05-15 17:27:27 +02:00			`async function sendRequest(endpoint, body) {`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`const formData = new FormData();`

			`for (var key in body) {`
			`formData.append(key, body[key]);`
			`}`

			`const request = {`
			`method: "POST",`
beuaah 2026-05-15 19:00:11 +02:00			`// headers: {`
			`// "Content-Type": "application/x-www-form-urlencoded",`
			`// },`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00
			`body: formData,`
			`};`

			`let response;`

			`try {`
			`response = await fetch(endpoint, request);`
			`if (!response.ok) {`
			`throw new Error(response.statusText);`
			`}`
			`} catch (err) {`
			`console.error(err);`
			`return null;`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`}`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00
			`return await response.json();`
soupirehn 2026-05-15 17:27:27 +02:00			`}`

			`/**`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`* @param {string} code the authorization code received from the OIDC`
			`* provider`
			`* @returns {Promise<boolean>} true if the token was fetched, false otherwise`
			`*/`
soupirehn 2026-05-15 17:27:27 +02:00			`async function getToken(code) {`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`const auth_url = import.meta.env.VITE_URL;`
			const endpoint = `${auth_url}/auth-api/token`;
			`const formData = {`
			`grant_type: "authorization_code",`
			`code: code,`
			redirect_uri: `${auth_url}/complete/epita/`,
			`client_id: import.meta.env.VITE_CLIENT_ID,`
			`};`
			`const response = await sendRequest(endpoint, formData);`

			`if (response === null) {`
			`console.error("Failed to retrieve OIDC token");`
			`alert("Failed to retrieve OIDC token");`

			`localStorage.clear();`
			`redirect.redirectToLoginPage();`
			`return false;`
			`}`
soupirehn 2026-05-15 17:27:27 +02:00
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`localStorage.setItem("token", response.id_token);`
			`localStorage.setItem("refresh_token", response.refresh_token);`
			`console.debug("Saved token and refresh tokens");`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`return true;`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`}`

			`/**`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`* @param {string} refreshToken the refresh token (optional)`
			`* @returns {Promise<boolean>} whether the token has been refreshed or not`
			`*/`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`async function refreshToken(refreshToken) {`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`refreshToken = refreshToken \|\| localStorage.getItem("refresh_token");`
			`if (!refreshToken) {`
			`console.error("Unable to retrieve refresh token");`
			`return false;`
			`}`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`const auth_url = import.meta.env.VITE_URL;`
			const endpoint = `${auth_url}/auth-api/token`;
			`const formData = {`
			`client_id: import.meta.env.VITE_CLIENT_ID,`
			`// client_secret: "",`
			`grant_type: "authorization_code",`
			`refresh_token: refreshToken,`
			`scope: "epita profile picture",`
			`};`
			`const response = await sendRequest(endpoint, formData);`

			`if (response === null) {`
			`console.error("Failed to retrieve OIDC token");`
			`alert("Failed to retrieve OIDC token");`

			`localStorage.clear();`
			`redirect.redirectToLoginPage();`
			`return false;`
			`}`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`localStorage.setItem("token", response.id_token);`
			`localStorage.setItem("refresh_token", response.refresh_token);`
			`console.debug("Saved token and refresh tokens");`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`return true;`
invalid client id gmgngngngngng ntm 2026-05-15 16:43:17 +02:00			`}`
auth and redirect utilities 2026-05-15 14:08:38 +02:00
			`/**`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`* @returns {Promise<boolean>} true if the user is authenticated, false otherwise`
			`*/`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`async function authenticate() {`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`const token = localStorage.getItem("token");`

			`if (token !== null) {`
			`return true;`
			`}`

			`const refresh_token = localStorage.getItem("refresh_token");`
auth and redirect utilities 2026-05-15 14:08:38 +02:00
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`if (refresh_token !== null) {`
hhhhhnnn mimimimimimimimi 2026-05-15 22:33:21 +02:00			`return await refreshToken(refresh_token);`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`}`

			`localStorage.clear();`
			`redirect.redirectToLoginPage();`
			`return false;`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`}`

step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`/**`
			`* @param {string} endpoint`
			`* @param {object} options this object should at least contain the method.`
			`* @returns {Promise<Response>} the response or null`
			`* We want a {Promise<Response>} so we can read the headers as well as the`
			`* body, rather than just the body`
			`*/`
			`async function authedAPIRequest(endpoint, options) {`
hhhhhnnn mimimimimimimimi 2026-05-15 22:33:21 +02:00			`if (!(await authenticate())) {`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`return null;`
			`}`

no moulinette ? 2026-05-16 11:14:39 +02:00			`// if (!options.method) {`
			`// console.error("Invalid parameter: options (missing method)");`
			`// return null;`
			`// }`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00
join the channel of the room you want to subscribe on the server you just initialized a socket on 2026-05-16 12:18:35 +02:00			`// Deep copy req`
			`const request = JSON.parse(JSON.stringify(options));`

			`if (!request.headers) {`
			`request.headers = {};`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`}`

join the channel of the room you want to subscribe on the server you just initialized a socket on 2026-05-16 12:18:35 +02:00			`// Pcq ce PUTAIN de js est pas foutu de faire ce qu'on lui demande`
			`request.headers.Authorization = "Bearer " + localStorage.getItem("token");`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00
beuaah 2026-05-15 20:13:34 +02:00			`const full_endpoint = import.meta.env.VITE_URL + "/api" + endpoint;`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00
join the channel of the room you want to subscribe on the server you just initialized a socket on 2026-05-16 12:18:35 +02:00			`const response = await fetch(full_endpoint, request);`
no moulinette ? 2026-05-16 11:14:39 +02:00
kkk 2026-05-15 22:59:15 +02:00			`if (response.status === 401) {`
			`const response_err = await response.text();`
auth and redirect utilities 2026-05-15 14:08:38 +02:00
kkk 2026-05-15 22:59:15 +02:00			`if (response_err.includes("Token expired")) {`
			`if (await refreshToken(null)) {`
			`return await authedAPIRequest(endpoint, options);`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`}`
			`}`

kkk 2026-05-15 22:59:15 +02:00			`localStorage.clear();`
			`alert("Redirecting to logging page");`
			`redirect.redirectToLoginPage();`
			`return null;`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00			`}`

			`return response;`
auth and redirect utilities 2026-05-15 14:08:38 +02:00			`}`
step 1 ? nn en vrai j'y crois pas 2026-05-15 18:31:16 +02:00
			`export { getToken, refreshToken, authenticate, authedAPIRequest };`