import { Config, Configuration, CoreApi, CurrentTenant, Middleware, ResponseContext, RootApi } from "@goauthentik/api"; import { getCookie } from "../utils"; import { APIMiddleware } from "../elements/notifications/APIDrawer"; import { MessageMiddleware } from "../elements/messages/Middleware"; import { VERSION } from "../constants"; import { getMetaContent } from "@sentry/tracing/dist/browser/browsertracing"; export class LoggingMiddleware implements Middleware { post(context: ResponseContext): Promise { tenant().then(tenant => { let msg = `authentik/api[${tenant.matchedDomain}]: `; msg += `${context.response.status} ${context.init.method} ${context.url}`; console.debug(msg); }); return Promise.resolve(context.response); } } let globalConfigPromise: Promise; export function config(): Promise { if (!globalConfigPromise) { globalConfigPromise = new RootApi(DEFAULT_CONFIG).rootConfigRetrieve(); } return globalConfigPromise; } let globalTenantPromise: Promise; export function tenant(): Promise { if (!globalTenantPromise) { globalTenantPromise = new CoreApi(DEFAULT_CONFIG).coreTenantsCurrentRetrieve().then(tenant => { /** * * */ const rels = ["icon", "shortcut icon"]; rels.forEach(rel => { let relIcon = document.head.querySelector(`link[rel='${rel}']`); if (!relIcon) { relIcon = document.createElement('link'); relIcon.rel = rel; document.getElementsByTagName('head')[0].appendChild(relIcon); } relIcon.href = tenant.brandingFavicon; }) return tenant; }); } return globalTenantPromise; } let csrfToken = getCookie("authentik_csrf"); export class CSRFUpdaterMiddleware implements Middleware { post?(context: ResponseContext): Promise { const newCsrf = getCookie("authentik_csrf"); if (newCsrf !== csrfToken) { console.log("authentik/api: rotated CSRF token"); csrfToken = newCsrf; } return Promise.resolve(context.response); } } export const DEFAULT_CONFIG = new Configuration({ basePath: process.env.AK_API_BASE_PATH + "/api/v3", headers: { "X-CSRFToken": csrfToken, "sentry-trace": getMetaContent("sentry-trace") || "", }, middleware: [ new CSRFUpdaterMiddleware(), new APIMiddleware(), new MessageMiddleware(), new LoggingMiddleware(), ], }); // This is just a function so eslint doesn't complain about // missing-whitespace-between-attributes or // unexpected-character-in-attribute-name export function AndNext(url: string): string { return `?next=${encodeURIComponent(url)}`; } console.debug(`authentik(early): version ${VERSION}, apiBase ${DEFAULT_CONFIG.basePath}`);