-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfetch.js
64 lines (55 loc) · 2.45 KB
/
fetch.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
import { msalConfig } from './authConfig';
import { addClaimsToStorage } from './utils/storageUtils';
import { parseChallenges } from './utils/claimUtils';
/**
* Makes a fetch call to the API endpoint with the access token in the Authorization header
* @param {string} accessToken
* @param {string} apiEndpoint
* @returns
*/
export const callApiWithToken = async (accessToken, apiEndpoint, account) => {
const headers = new Headers();
const bearer = `Bearer ${accessToken}`;
headers.append("Authorization", bearer);
const options = {
method: "GET",
headers: headers
};
const response = await fetch(apiEndpoint, options);
return handleClaimsChallenge(response, apiEndpoint, account);
};
/**
* This method inspects the HTTPS response from a fetch call for the "www-authenticate header"
* If present, it grabs the claims challenge from the header and store it in the localStorage
* For more information, visit: https://docs.microsoft.com/en-us/azure/active-directory/develop/claims-challenge#claims-challenge-header-format
* @param {object} response
* @returns response
*/
export const handleClaimsChallenge = async (response, apiEndpoint, account) => {
if (response.status === 200) {
return response.json();
} else if (response.status === 401) {
if (response.headers.get('WWW-Authenticate')) {
const authenticateHeader = response.headers.get('WWW-Authenticate');
const claimsChallenge = parseChallenges(authenticateHeader);
/**
* This method stores the claim challenge to the session storage in the browser to be used when acquiring a token.
* To ensure that we are fetching the correct claim from the storage, we are using the clientId
* of the application and oid (user’s object id) as the key identifier of the claim with schema
* cc.<clientId>.<oid>.<resource.hostname>
*/
addClaimsToStorage(
`cc.${msalConfig.auth.clientId}.${account.idTokenClaims.oid}.${new URL(apiEndpoint).hostname}`,
claimsChallenge.claims,
);
throw new Error(`claims_challenge_occurred`);
}
throw new Error(`Unauthorized: ${response.status}`);
} else {
throw new Error(`Something went wrong with the request: ${response.status}`);
}
};