From 242b72ca452d896ea8b5bd53a2647322bb5fcc58 Mon Sep 17 00:00:00 2001
From: csimonis <c.simonis@neusta.de>
Date: Thu, 13 Mar 2025 12:28:52 +0100
Subject: [PATCH] idek man

---
 .../CustomJwtAuthenticationConverter.java     |  3 ---
 .../szut/casino/security/SecurityConfig.java  |  1 -
 frontend/src/app/app.config.ts                | 24 ++++++++++++++++++-
 .../login-success/login-success.component.ts  |  1 -
 frontend/src/app/service/auth.service.ts      | 21 +++++++++++-----
 frontend/src/app/service/user.service.ts      | 17 ++++---------
 .../shared/interceptor/http.interceptor.ts    | 14 +++++++++--
 7 files changed, 55 insertions(+), 26 deletions(-)

diff --git a/backend/src/main/java/de/szut/casino/security/CustomJwtAuthenticationConverter.java b/backend/src/main/java/de/szut/casino/security/CustomJwtAuthenticationConverter.java
index df79e08..9f5304e 100644
--- a/backend/src/main/java/de/szut/casino/security/CustomJwtAuthenticationConverter.java
+++ b/backend/src/main/java/de/szut/casino/security/CustomJwtAuthenticationConverter.java
@@ -11,9 +11,6 @@ public class CustomJwtAuthenticationConverter implements Converter<Jwt, Abstract
     @Override
     public AbstractAuthenticationToken convert(Jwt source) {
         JwtGrantedAuthoritiesConverter authoritiesConverter = new JwtGrantedAuthoritiesConverter();
-        authoritiesConverter.setAuthorityPrefix("ROLE_");  // Ensure roles have the prefix
-        authoritiesConverter.setAuthoritiesClaimName("roles"); // Use Authentik's claim for roles
-
         JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
         converter.setJwtGrantedAuthoritiesConverter(authoritiesConverter);
 
diff --git a/backend/src/main/java/de/szut/casino/security/SecurityConfig.java b/backend/src/main/java/de/szut/casino/security/SecurityConfig.java
index 408affb..e0252bf 100644
--- a/backend/src/main/java/de/szut/casino/security/SecurityConfig.java
+++ b/backend/src/main/java/de/szut/casino/security/SecurityConfig.java
@@ -4,7 +4,6 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
diff --git a/frontend/src/app/app.config.ts b/frontend/src/app/app.config.ts
index d786629..2bb5e26 100644
--- a/frontend/src/app/app.config.ts
+++ b/frontend/src/app/app.config.ts
@@ -5,9 +5,27 @@ import { FontAwesomeModule } from '@fortawesome/angular-fontawesome';
 import { routes } from './app.routes';
 import { provideHttpClient, withInterceptors } from '@angular/common/http';
 import { provideAnimationsAsync } from '@angular/platform-browser/animations/async';
-import { provideOAuthClient } from 'angular-oauth2-oidc';
+import { OAuthStorage, provideOAuthClient } from 'angular-oauth2-oidc';
 import { httpInterceptor } from './shared/interceptor/http.interceptor';
 
+function storageFactory() {
+  return new class implements OAuthStorage {
+    private data: { [key: string]: string } = {};
+
+    getItem(key: string): string | null {
+      return this.data[key];
+    }
+
+    removeItem(key: string): void {
+      delete this.data[key]
+    }
+
+    setItem(key: string, data: string): void {
+      this.data[key] = data;
+    }
+  }
+}
+
 export const appConfig: ApplicationConfig = {
   providers: [
     provideRouter(routes),
@@ -16,5 +34,9 @@ export const appConfig: ApplicationConfig = {
     provideExperimentalZonelessChangeDetection(),
     provideAnimationsAsync(),
     provideOAuthClient(),
+    {
+      provide: OAuthStorage,
+      useFactory: () => storageFactory(),
+    }
   ],
 };
diff --git a/frontend/src/app/feature/login-success/login-success.component.ts b/frontend/src/app/feature/login-success/login-success.component.ts
index 1becd87..e425e7a 100644
--- a/frontend/src/app/feature/login-success/login-success.component.ts
+++ b/frontend/src/app/feature/login-success/login-success.component.ts
@@ -15,6 +15,5 @@ export default class LoginSuccessComponent implements OnInit {
   private router: Router = inject(Router);
   private authService: AuthService = inject(AuthService);
   async ngOnInit() {
-    console.log(this.authService.getAccessToken());
   }
 }
diff --git a/frontend/src/app/service/auth.service.ts b/frontend/src/app/service/auth.service.ts
index 053add2..11509d6 100644
--- a/frontend/src/app/service/auth.service.ts
+++ b/frontend/src/app/service/auth.service.ts
@@ -1,16 +1,15 @@
 import { inject, Injectable } from '@angular/core';
 import { Subject } from 'rxjs';
-import { AuthConfig, OAuthService } from 'angular-oauth2-oidc';
+import { AuthConfig, OAuthService, OAuthStorage } from 'angular-oauth2-oidc';
 import { UserService } from './user.service';
 import { User } from '../model/User';
+import { Router } from '@angular/router';
 
 
 @Injectable({
   providedIn: 'root',
 })
 export class AuthService {
-  private userService: UserService = inject(UserService);
-
   private readonly authConfig: AuthConfig = {
     issuer: 'https://oauth.simonis.lol/application/o/casino-dev/',
     clientId: 'MDqjm1kcWKuZfqHJXjxwAV20i44aT7m4VhhTL3Nm',
@@ -21,24 +20,34 @@ export class AuthService {
     oidc: true,
     requestAccessToken: true,
     strictDiscoveryDocumentValidation: false,
-    showDebugInformation: true,
     skipIssuerCheck: true,
     disableAtHashCheck: true,
   };
 
+  private userService: UserService = inject(UserService);
+  private oauthService: OAuthService = inject(OAuthService);
+  private oauthStorage: OAuthStorage = inject(OAuthStorage);
+  private router: Router = inject(Router);
+
   private isAuthenticated = new Subject<boolean>();
   private user: User | null = null;
-  private oauthService: OAuthService = inject(OAuthService);
 
   constructor() {
+    console.log(1);
     this.oauthService.setStorage(localStorage);
     this.oauthService.configure(this.authConfig);
     this.oauthService.events.subscribe((event) => {
+      console.log(2, event.type);
       if (event.type === 'token_received') {
-        localStorage.setItem('jwt', this.getAccessToken());
+        console.log(3);
+        this.oauthStorage.setItem('jwt', this.getAccessToken());
         this.oauthService.loadUserProfile().then((profile) => {
+          console.log(4);
           this.fromUserProfile(profile).subscribe((user) => {
+            console.log(5);
             this.user = user;
+            console.log(user);
+            this.router.navigate(['home']);
           });
         });
       }
diff --git a/frontend/src/app/service/user.service.ts b/frontend/src/app/service/user.service.ts
index e574fa4..e0c19d1 100644
--- a/frontend/src/app/service/user.service.ts
+++ b/frontend/src/app/service/user.service.ts
@@ -25,19 +25,12 @@ export class UserService {
   }
 
   public getOrCreateUser(profile: any): Observable<User> {
-    console.log(profile);
     const id = profile.info.sub;
     const username = profile.info.preferred_username;
-
-    return this.getUser(id).pipe(
-      switchMap((user) => {
-        if (user) {
-          return of(user);
-        } else {
-          return this.createUser(id, username);
-        }
-      }),
-      catchError(() => EMPTY)
-    );
+    try {
+      return this.getUser(id) as Observable<User>;
+    } catch (error) {
+      return this.createUser(id, username);
+    }
   }
 }
diff --git a/frontend/src/app/shared/interceptor/http.interceptor.ts b/frontend/src/app/shared/interceptor/http.interceptor.ts
index e1b2658..5ecb0a9 100644
--- a/frontend/src/app/shared/interceptor/http.interceptor.ts
+++ b/frontend/src/app/shared/interceptor/http.interceptor.ts
@@ -1,8 +1,18 @@
 import { HttpInterceptorFn } from '@angular/common/http';
+import { inject } from '@angular/core';
+import { OAuthStorage } from 'angular-oauth2-oidc';
 
 export const httpInterceptor: HttpInterceptorFn = (req, next) => {
-  if (localStorage.getItem('jwt')) {
-    return next(req.clone({ setHeaders: { 'Authorization': 'Bearer ' + localStorage.getItem('jwt') } }));
+  const oauthStorage = inject(OAuthStorage);
+
+  if (oauthStorage.getItem('jwt')) {
+    return next(req.clone({
+      setHeaders: {
+        'Authorization': 'Bearer ' + oauthStorage.getItem('jwt'),
+        'Access-Control-Allow-Origin': '*',
+        'Referrer-Policy': 'no-referrer',
+      }
+    }));
   } else {
     return next(req);
   }