{ "version": 3, "sources": ["apps/business-center-client/src/app/auth.service.ts"], "sourcesContent": ["import { HttpClient, HttpHeaders } from '@angular/common/http';\nimport { Injectable, computed, inject } from '@angular/core';\nimport { toSignal } from '@angular/core/rxjs-interop';\nimport { Capacitor } from '@capacitor/core';\nimport { SessionService } from '@galaxy/core';\nimport { BasePersona, IAMService as IAMV1Service, PersonaType } from '@vendasta/iam';\nimport { IAMService as IAMV2Service, UserIdentifier } from '@vendasta/iamv2';\nimport jwtDecode from 'jwt-decode';\nimport { Observable, catchError, filter, firstValueFrom, map, of, shareReplay, switchMap } from 'rxjs';\nimport { environment, partnerId } from '../globals';\nexport { User } from '@vendasta/iamv2';\n\nexport interface JWT {\n iss: string;\n exp?: number;\n sub?: string;\n temporary_subject?: {\n type: string;\n namespace?: string;\n };\n impersonatee?: string;\n user_id?: string;\n}\n\n@Injectable({ providedIn: 'root' })\nexport class AuthService {\n private readonly httpClient = inject(HttpClient);\n\n readonly sessionId = toSignal(this.sessionService.getSessionId());\n readonly sessionData = computed(() => this.decodeJWT(this.sessionId()));\n readonly isAuthed = computed(() => this.tokenIsValid(this.sessionData()));\n readonly isInPreviewMode = computed(() => !!this.sessionData()?.temporary_subject);\n readonly impersonatee = computed(() => this.sessionData()?.impersonatee);\n readonly isImpersonating = computed(() => !!this.impersonatee());\n readonly userId = computed(() => this.sessionData()?.user_id);\n readonly effectiveUserId = computed(() => (this.isImpersonating() ? this.impersonatee() : this.userId()));\n\n // Note - the temporary subject represents a user that HAS NOT logged-in. The user represented by the temporary\n // subject is real, but the user's identity HAS NOT been confirmed, so the temporary session SHOULD NOT be trusted and\n // SHOULD be used cautiously.\n private temporarySubject$ = this.getLoggedInSubject(PersonaType.account_group).pipe(\n catchError(() => of(null)),\n shareReplay({ refCount: true, bufferSize: 1 }),\n );\n temporarySubjectEmail$: Observable = this.temporarySubject$.pipe(\n map((subject) => (subject ? subject?.email : null)),\n );\n temporarySubjectUserId$: Observable = this.temporarySubject$.pipe(\n map((subject) => (subject ? subject?.userId : null)),\n );\n\n smbSubjectId$ = this.getLoggedInSubject(PersonaType.smb).pipe(\n catchError(() => of(null)),\n map((subject) => subject?.subjectId),\n shareReplay({ refCount: true, bufferSize: 1 }),\n );\n\n readonly currentUser$ = this.sessionService.getSessionId().pipe(\n filter((sessionId) => !!sessionId),\n switchMap((token) => this.iamV2.getUser(new UserIdentifier({ token }))),\n shareReplay(1),\n );\n readonly currentUser = toSignal(this.currentUser$);\n readonly email = computed(() => this.currentUser()?.email);\n\n constructor(private iamV1: IAMV1Service, private iamV2: IAMV2Service, private sessionService: SessionService) {}\n\n async login(email: string, password: string) {\n const iamSession = await firstValueFrom(this.iamV1.login(email, password, null, partnerId));\n this.sessionService.setSessionId(iamSession);\n if (!Capacitor.isNativePlatform()) {\n await firstValueFrom(this.createVBCSession(iamSession, partnerId));\n }\n }\n\n private decodeJWT(jwt: string): JWT | null {\n if (!jwt) {\n return null;\n }\n try {\n return jwtDecode(jwt);\n } catch (err) {\n console.error('Error decoding JWT', err);\n }\n return null;\n }\n\n private tokenIsValid(token: JWT): boolean {\n return (\n !!token && token.iss === `https://iam-${environment}.apigateway.co` && new Date() < new Date(token.exp * 1000)\n );\n }\n\n private getLoggedInSubject(personaType: PersonaType, partnerId?: string): Observable {\n return this.sessionService\n .getSessionId()\n .pipe(switchMap((sessionId: string | null) => this.iamV1.getSubjectBySession(sessionId, personaType, partnerId)));\n }\n\n public createVBCSession(iamSession: string, partnerId = 'VUNI') {\n const headers = new HttpHeaders({\n 'content-type': 'application/x-www-form-urlencoded; charset=UTF-8',\n });\n return this.httpClient.post('/ajax/v1/create-session/', `sessionId=${iamSession}&partnerId=${partnerId}`, {\n headers: headers,\n });\n }\n}\n"], "mappings": "siBAAA,IAyBaA,GAzBbC,EAAAC,EAAA,KAAAC,IACAC,IACAC,IACAC,IAEAC,IACAC,IACAC,IACAC,IACAC,oBAgBaX,IAAW,IAAA,CAAlB,IAAOA,EAAP,MAAOA,CAAW,CAwCtBY,YAAoBC,EAA6BC,EAA6BC,EAA8B,CAAxF,KAAAF,MAAAA,EAA6B,KAAAC,MAAAA,EAA6B,KAAAC,eAAAA,EAvC7D,KAAAC,WAAaC,EAAOC,CAAU,EAEtC,KAAAC,UAAYC,EAAS,KAAKL,eAAeM,aAAY,CAAE,EACvD,KAAAC,YAAcC,EAAS,IAAM,KAAKC,UAAU,KAAKL,UAAS,CAAE,CAAC,EAC7D,KAAAM,SAAWF,EAAS,IAAM,KAAKG,aAAa,KAAKJ,YAAW,CAAE,CAAC,EAC/D,KAAAK,gBAAkBJ,EAAS,IAAM,CAAC,CAAC,KAAKD,YAAW,GAAIM,iBAAiB,EACxE,KAAAC,aAAeN,EAAS,IAAM,KAAKD,YAAW,GAAIO,YAAY,EAC9D,KAAAC,gBAAkBP,EAAS,IAAM,CAAC,CAAC,KAAKM,aAAY,CAAE,EACtD,KAAAE,OAASR,EAAS,IAAM,KAAKD,YAAW,GAAIU,OAAO,EACnD,KAAAC,gBAAkBV,EAAS,IAAO,KAAKO,gBAAe,EAAK,KAAKD,aAAY,EAAK,KAAKE,OAAM,CAAG,EAKhG,KAAAG,kBAAoB,KAAKC,mBAAmBC,EAAYC,aAAa,EAAEC,KAC7EC,EAAW,IAAMC,EAAG,IAAI,CAAC,EACzBC,EAAY,CAAEC,SAAU,GAAMC,WAAY,CAAC,CAAE,CAAC,EAEhD,KAAAC,uBAA6C,KAAKV,kBAAkBI,KAClEO,EAAKC,GAAaA,EAAUA,GAASC,MAAQ,IAAK,CAAC,EAErD,KAAAC,wBAA8C,KAAKd,kBAAkBI,KACnEO,EAAKC,GAAaA,EAAUA,GAASf,OAAS,IAAK,CAAC,EAGtD,KAAAkB,cAAgB,KAAKd,mBAAmBC,EAAYc,GAAG,EAAEZ,KACvDC,EAAW,IAAMC,EAAG,IAAI,CAAC,EACzBK,EAAKC,GAAYA,GAASK,SAAS,EACnCV,EAAY,CAAEC,SAAU,GAAMC,WAAY,CAAC,CAAE,CAAC,EAGvC,KAAAS,aAAe,KAAKrC,eAAeM,aAAY,EAAGiB,KACzDe,EAAQlC,GAAc,CAAC,CAACA,CAAS,EACjCmC,EAAWC,GAAU,KAAKzC,MAAM0C,QAAQ,IAAIC,EAAe,CAAEF,MAAAA,CAAK,CAAE,CAAC,CAAC,EACtEd,EAAY,CAAC,CAAC,EAEP,KAAAiB,YAActC,EAAS,KAAKgC,YAAY,EACxC,KAAAL,MAAQxB,EAAS,IAAM,KAAKmC,YAAW,GAAIX,KAAK,CAEsD,CAEzGY,MAAMZ,EAAea,EAAgB,QAAAC,EAAA,sBACzC,IAAMC,EAAa,MAAMC,EAAe,KAAKlD,MAAM8C,MAAMZ,EAAOa,EAAU,KAAMI,CAAS,CAAC,EAC1F,KAAKjD,eAAekD,aAAaH,CAAU,EACtCI,EAAUC,iBAAgB,IAC7B,MAAMJ,EAAe,KAAKK,iBAAiBN,EAAYE,CAAS,CAAC,EAErE,GAEQxC,UAAU6C,EAAW,CAC3B,GAAI,CAACA,EACH,OAAO,KAET,GAAI,CACF,OAAOC,EAAUD,CAAG,CACtB,OAASE,EAAK,CACZC,QAAQC,MAAM,qBAAsBF,CAAG,CACzC,CACA,OAAO,IACT,CAEQ7C,aAAa6B,EAAU,CAC7B,MACE,CAAC,CAACA,GAASA,EAAMmB,MAAQ,eAAeC,CAAW,kBAAoB,IAAIC,KAAS,IAAIA,KAAKrB,EAAMsB,IAAM,GAAI,CAEjH,CAEQ1C,mBAAmB2C,EAA0Bd,EAAkB,CACrE,OAAO,KAAKjD,eACTM,aAAY,EACZiB,KAAKgB,EAAWnC,GAA6B,KAAKN,MAAMkE,oBAAoB5D,EAAW2D,EAAad,CAAS,CAAC,CAAC,CACpH,CAEOI,iBAAiBN,EAAoBE,EAAY,OAAM,CAC5D,IAAMgB,EAAU,IAAIC,EAAY,CAC9B,eAAgB,mDACjB,EACD,OAAO,KAAKjE,WAAWkE,KAAK,2BAA4B,aAAapB,CAAU,cAAcE,CAAS,GAAI,CACxGgB,QAASA,EACV,CACH,yCAjFWhF,GAAWmF,EAAAC,CAAA,EAAAD,EAAAC,CAAA,EAAAD,EAAAE,CAAA,CAAA,CAAA,wBAAXrF,EAAWsF,QAAXtF,EAAWuF,UAAAC,WADE,MAAM,CAAA,EAC1B,IAAOxF,EAAPyF,SAAOzF,CAAW,GAAA", "names": ["AuthService", "init_auth_service", "__esmMin", "init_http", "init_core", "init_rxjs_interop", "init_dist", "init_vendasta_iam", "init_vendasta_iamv2", "init_jwt_decode_esm", "init_esm", "init_globals", "constructor", "iamV1", "iamV2", "sessionService", "httpClient", "inject", "HttpClient", "sessionId", "toSignal", "getSessionId", "sessionData", "computed", "decodeJWT", "isAuthed", "tokenIsValid", "isInPreviewMode", "temporary_subject", "impersonatee", "isImpersonating", "userId", "user_id", "effectiveUserId", "temporarySubject$", "getLoggedInSubject", "PersonaType", "account_group", "pipe", "catchError", "of", "shareReplay", "refCount", "bufferSize", "temporarySubjectEmail$", "map", "subject", "email", "temporarySubjectUserId$", "smbSubjectId$", "smb", "subjectId", "currentUser$", "filter", "switchMap", "token", "getUser", "UserIdentifier", "currentUser", "login", "password", "__async", "iamSession", "firstValueFrom", "partnerId", "setSessionId", "Capacitor", "isNativePlatform", "createVBCSession", "jwt", "jwtDecode", "err", "console", "error", "iss", "environment", "Date", "exp", "personaType", "getSubjectBySession", "headers", "HttpHeaders", "post", "\u0275\u0275inject", "IAMService", "SessionService", "factory", "\u0275fac", "providedIn", "_AuthService"] }