var module = angular.module('photoz-uma', ['ngRoute', 'ngResource']);
var Identity = {};
angular.element(document).ready(function ($http) {
var keycloakAuth = new Keycloak('keycloak.json');
Identity.loggedIn = false;
keycloakAuth.init({onLoad: 'login-required'}).success(function () {
Identity.loggedIn = true;
Identity.authz = keycloakAuth;
Identity.logout = function () {
Identity.loggedIn = false;
Identity.claim = {};
Identity.authc = null;
window.location = this.authz.authServerUrl + "/realms/photoz-uma/protocol/openid-connect/logout?redirect_uri=http://localhost:8080/photoz-uma-html5-client/index.html";
Identity.authz = null;
};
Identity.claim = {};
Identity.claim.name = Identity.authz.idTokenParsed.name;
Identity.hasRole = function (name) {
if (Identity.authz && Identity.authz.hasRealmRole(name)) {
return true;
}
return false;
};
Identity.isAdmin = function () {
return this.hasRole("admin");
};
Identity.authc = {};
Identity.authc.token = Identity.authz.token;
module.factory('Identity', function () {
return Identity;
});
angular.bootstrap(document, ["photoz-uma"]);
}).error(function () {
window.location.reload();
});
});
module.controller('GlobalCtrl', function ($scope, $http, $route, $location, Album, Identity) {
Album.query(function (albums) {
$scope.albums = albums;
});
$scope.Identity = Identity;
$scope.deleteAlbum = function (album) {
new Album(album).$delete({id: album.id}, function () {
$route.reload();
});
}
});
module.controller('TokenCtrl', function ($scope, Identity) {
$scope.showRpt = function () {
document.getElementById("output").innerHTML = JSON.stringify(jwt_decode(Identity.uma.rpt.rpt), null, ' ');
}
$scope.showAccessToken = function () {
document.getElementById("output").innerHTML = JSON.stringify(jwt_decode(Identity.authc.token), null, ' ');
}
$scope.requestEntitlements = function () {
var request = new XMLHttpRequest();
request.open("GET", "http://localhost:8080/auth/realms/photoz-uma/authz/entitlement/photoz-uma-restful-api", true);
request.setRequestHeader("Authorization", "Bearer " + Identity.authc.token);
request.onreadystatechange = function () {
if (request.readyState == 4 && request.status == 200) {
Identity.uma.rpt = JSON.parse(request.responseText);
}
}
request.send(null);
}
});
module.controller('AlbumCtrl', function ($scope, $http, $routeParams, $location, Album) {
$scope.album = {};
if ($routeParams.id) {
$scope.album = Album.get({id: $routeParams.id});
}
$scope.create = function () {
var newAlbum = new Album($scope.album);
newAlbum.$save({}, function (data) {
$location.path('/');
});
};
});
module.controller('ProfileCtrl', function ($scope, $http, $routeParams, $location, Profile) {
$scope.profile = Profile.get();
});
module.controller('AdminAlbumCtrl', function ($scope, $http, $route, AdminAlbum, Album) {
$scope.albums = {};
$http.get('/photoz-uma-restful-api/admin/album').success(function (data) {
$scope.albums = data;
});
$scope.deleteAlbum = function (album) {
var newAlbum = new Album(album);
newAlbum.$delete({id: album.id}, function () {
$route.reload();
});
}
});
module.factory('Album', ['$resource', function ($resource) {
return $resource('http://localhost:8080/photoz-uma-restful-api/album/:id');
}]);
module.factory('Profile', ['$resource', function ($resource) {
return $resource('http://localhost:8080/photoz-uma-restful-api/profile');
}]);
module.factory('AdminAlbum', ['$resource', function ($resource) {
return $resource('http://localhost:8080/photoz-uma-restful-api/admin/album/:id');
}]);
module.factory('authInterceptor', function ($q, $injector, $timeout, Identity) {
return {
request: function (request) {
document.getElementById("output").innerHTML = '';
if (Identity.uma && Identity.uma.rpt && request.url.indexOf('/authorize') == -1) {
retries = 0;
request.headers.Authorization = 'Bearer ' + Identity.uma.rpt.rpt;
} else {
request.headers.Authorization = 'Bearer ' + Identity.authc.token;
}
return request;
},
responseError: function (rejection) {
if (rejection.status == 403 || rejection.status == 401) {
var retry = (!rejection.config.retry || rejection.config.retry < 1);
if (!retry) {
document.getElementById("output").innerHTML = 'You can not access or perform the requested operation on this resource.';
return $q.reject(rejection);
}
if (rejection.config.url.indexOf('/authorize') == -1 && retry) {
if (rejection.status == 401) {
console.log("Here");
var authenticateHeader = rejection.headers('WWW-Authenticate');
if (authenticateHeader.startsWith('UMA')) {
var params = authenticateHeader.split(',');
for (i = 0; i < params.length; i++) {
var param = params[i].split('=');
if (param[0] == 'ticket') {
var ticket = param[1].substring(1, param[1].length - 1).trim();
var data = JSON.stringify({
ticket: ticket,
rpt: Identity.uma ? Identity.uma.rpt.rpt : ""
});
var $http = $injector.get("$http");
var deferred = $q.defer();
$http.post('http://localhost:8080/auth/realms/photoz-uma/authz/authorize', data, {headers: {"Authorization": "Bearer " + Identity.authc.token}})
.then(function (authzResponse) {
if (authzResponse.data) {
Identity.uma = {};
Identity.uma.rpt = authzResponse.data;
}
deferred.resolve(rejection);
}, function (authzResponse) {
document.getElementById("output").innerHTML = 'You can not access or perform the requested operation on this resource.';
});
var promise = deferred.promise;
return promise.then(function (res) {
if (!res.config.retry) {
res.config.retry = 1;
} else {
res.config.retry++;
}
return $http(res.config).then(function (response) {
return response;
});
});
}
}
}
}
}
}
return $q.reject(rejection);
}
};
});
module.config(function ($httpProvider, $routeProvider) {
$httpProvider.interceptors.push('authInterceptor');
$routeProvider.when('/', {
templateUrl: 'partials/home.html',
controller: 'GlobalCtrl'
}).when('/album/create', {
templateUrl: 'partials/album/create.html',
controller: 'AlbumCtrl',
}).when('/album/:id', {
templateUrl: 'partials/album/detail.html',
controller: 'AlbumCtrl',
}).when('/admin/album', {
templateUrl: 'partials/admin/albums.html',
controller: 'AdminAlbumCtrl',
}).when('/profile', {
templateUrl: 'partials/profile.html',
controller: 'ProfileCtrl',
});
});