refactor: improvements on registry auth. Removed auth cache

Leonardo Chaia · Leonardo Chaia · commit 61fa02919218 · 2018-09-28T10:55:51.000-03:00
diff --git a/package.json b/package.json
@@ -60,8 +60,8 @@
     "@commitlint/config-conventional": "^7.0.1",
     "@types/dockerode": "^2.5.5",
     "@types/electron-settings": "^3.1.1",
-    "@types/node": "^10.10.1",
     "@types/filesize": "^3.6.0",
+    "@types/node": "^10.10.1",
     "@types/uuid": "^3.4.4",
     "angular-pipes": "^8.1.1",
     "angular2-hotkeys": "^2.1.3",
@@ -75,8 +75,8 @@
     "electron-builder": "^20.28.4",
     "electron-reload": "^1.2.5",
     "fast-text-encoding": "^1.0.0",
-    "git-rev-sync": "^1.12.0",
     "filesize": "^3.6.1",
+    "git-rev-sync": "^1.12.0",
     "hammerjs": "^2.0.8",
     "husky": "^0.14.3",
     "npm-run-all": "^4.1.3",
@@ -89,6 +89,7 @@
     "uuid": "^3.3.2",
     "wait-on": "3.0.1",
     "webdriver-manager": "^12.1.0",
+    "www-authenticate": "^0.6.2",
     "xterm": "^3.7.0",
     "zone.js": "0.8.26"
   }
diff --git a/src/app/registry/registry-auth.service.ts b/src/app/registry/registry-auth.service.ts
@@ -1,39 +1,19 @@
 import { Injectable } from '@angular/core';
 import { HttpClient } from '@angular/common/http';
 import { map, } from 'rxjs/operators';
-import { of } from 'rxjs';
+import parsers from 'www-authenticate/lib/parsers';
 
 @Injectable({
   providedIn: 'root'
 })
 export class RegistryAuthService {
 
-  private tokenCache: { [key: string]: string } = {};
-
   constructor(private httpClient: HttpClient) { }
 
   public getAccesstokenFromHeader(header: string, registryUrl: string, username: string, password: string) {
-    const parsed = this.parseWwwAuthenticateHeader(header);
-    const clientId = 'ui-test';
-
-    const cacheKey = this.getCacheKey(registryUrl, parsed.service, parsed.scope, clientId, username, password);
-    if (this.isCached(cacheKey)) {
-      return of(this.tokenCache[cacheKey]);
-    }
-
-    return this.getAccesstoken(parsed.realm, parsed.service, parsed.scope, clientId, username, password)
-      .pipe(map(token => {
-        return this.tokenCache[cacheKey] = token;
-      }));
-  }
-
-  public getAccessTokenForUrl(registryUrl: string) {
-    const key = Object.keys(this.tokenCache).filter(k => k.includes(registryUrl))[0];
-    if (key) {
-      return this.tokenCache[key];
-    } else {
-      return null;
-    }
+    const parsed = new parsers.WWW_Authenticate(header).parms;
+    const clientId = 'Timoneer';
+    return this.getAccesstoken(parsed.realm, parsed.service, parsed.scope, clientId, username, password);
   }
 
   protected getAccesstoken(
@@ -57,34 +37,4 @@ export class RegistryAuthService {
       return r.token;
     }));
   }
-
-  protected parseWwwAuthenticateHeader(header: string) {
-    const parts = header.split(',');
-    const realm = parts.filter(p => p.indexOf('Bearer realm=') >= 0)[0];
-    const service = parts.filter(p => p.indexOf('service=') >= 0)[0];
-    const scope = parts.filter(p => p.indexOf('scope=') >= 0)[0];
-    return {
-      realm: realm.replace('Bearer realm="', '').replace('"', ''),
-      service: service.replace('service="', '').replace('"', ''),
-      scope: scope.replace('scope="', '').replace('"', ''),
-    };
-  }
-
-  protected getFromCache(key: string) {
-    return this.tokenCache[key];
-  }
-
-  protected isCached(key) {
-    return !!this.tokenCache[key];
-  }
-
-  protected getCacheKey(url: string,
-    service: string,
-    scope: string,
-    clientId: string,
-    username: string,
-    password: string) {
-
-    return `${url}-${btoa(service + scope + clientId + username + password)}`;
-  }
 }
diff --git a/src/app/registry/registry.service.ts b/src/app/registry/registry.service.ts
@@ -46,17 +46,14 @@ export class RegistryService {
   }
 
   protected get<T>(registryUrl: string, path: string, params?: { [param: string]: string | string[]; }): Observable<T> {
-    let attempts = 0;
-    const recursion = (headers?: any) => {
-      attempts++;
-      if (attempts > 2) {
-        console.error('stop');
-        return;
-      }
-      return this.httpClient.get<T>(this.ensureEndingSlash(registryUrl) + path, {
-        headers: headers,
-        params: params
-      }).pipe(catchError(e => {
+
+    const doHttpCall = (headers?: any) => this.httpClient.get<T>(this.ensureEndingSlash(registryUrl) + path, {
+      headers: headers,
+      params: params
+    });
+
+    return doHttpCall()
+      .pipe(catchError(e => {
         if (e.status === 401) {
           const header = e.headers.get('www-authenticate');
 
@@ -74,7 +71,7 @@ export class RegistryService {
                 return this.authService.getAccesstokenFromHeader(header, registrySettings.url,
                   registrySettings.username, registrySettings.password)
                   .pipe(
-                    switchMap(token => recursion({
+                    switchMap(token => doHttpCall({
                       Authorization: `Bearer ${token}`
                     }))
                   );
@@ -85,10 +82,6 @@ export class RegistryService {
           return throwError(e);
         }
       }));
-    };
-
-    const possibleToken = this.authService.getAccessTokenForUrl(registryUrl);
-    return recursion(possibleToken ? { Authorization: `Bearer ${possibleToken}` } : null);
   }
 
   private ensureEndingSlash(str: string) {
diff --git a/yarn.lock b/yarn.lock
@@ -8207,6 +8207,10 @@ write-file-atomic@~2.1.0:
     imurmurhash "^0.1.4"
     slide "^1.1.5"
 
+www-authenticate@^0.6.2:
+  version "0.6.2"
+  resolved "https://registry.yarnpkg.com/www-authenticate/-/www-authenticate-0.6.2.tgz#b7a7d487bdc5a8b423a4d8fd5f9c661adde50ebf"
+
 xdg-basedir@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-3.0.0.tgz#496b2cc109eca8dbacfe2dc72b603c17c5870ad4"
