From eddf0af03ed7f31266d8b0e3c7fa231cf7c0bb04 Mon Sep 17 00:00:00 2001
From: Carina Antunes <carina.oliveira.antunes@cern.ch>
Date: Fri, 28 Apr 2023 19:20:13 +0200
Subject: [PATCH] SSO refresh improvements
---
 src/auth/utils/authUtils.js | 4 +--
 .../ChannelRecommendationsComponent.js | 7 +++--
 src/middleware.js | 26 +++++++++++++++++++
 3 files changed, 33 insertions(+), 4 deletions(-)
diff --git a/src/auth/utils/authUtils.js b/src/auth/utils/authUtils.js
index f3cac64b..4118fd9c 100644
--- a/src/auth/utils/authUtils.js
+++ b/src/auth/utils/authUtils.js
@@ -41,11 +41,11 @@ export function deleteSavedTokens() {
 }
 /**
- * Checks if the user is authenticated on the application. Refresh token must be present.
+ * Checks if the user is authenticated on the application. Both tokens must be present.
 * @returns {boolean} (true|false)
 */
 export function isAuthenticated() {
- return getRefreshToken() !== null;
+ return getAccessToken() !== null && getRefreshToken() !== null;
 }
 /**
diff --git a/src/channels/components/ChannelRecommendationsComponent/ChannelRecommendationsComponent.js b/src/channels/components/ChannelRecommendationsComponent/ChannelRecommendationsComponent.js
index 174600c9..5afac8b2 100644
--- a/src/channels/components/ChannelRecommendationsComponent/ChannelRecommendationsComponent.js
+++ b/src/channels/components/ChannelRecommendationsComponent/ChannelRecommendationsComponent.js
@@ -30,6 +30,7 @@ const ChannelRecommendationsComponent = ({
 loading,
 loadingSubscribe,
 loadingIgnore,
+ isAuthenticated,
 }) => {
 const [openModal, setOpenModal] = useState(false);
 const [activeIndex, setActiveIndex] = useState(-1);
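Review bot: `isAuthenticated()` in src/auth/utils/authUtils.js still tests only that both tokens are present in storage, not that either is unexpired or well-formed, and the updated docstring should say so. I would add ` * Presence check only: expiry and validity are not verified here; the API must still reject stale tokens.` to the JSDoc. With the new condition, a stored refresh token without an access token reads as logged out, and nothing in the visible lines clears that leftover refresh token. If that state is reachable, calling `deleteSavedTokens()` on that path would avoid leaving a credential behind. How `getAccessToken()` reports a missing token is outside the hunk and is assumed here to be `null`.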
@@ -38,10 +39,10 @@ const ChannelRecommendationsComponent = ({
 const [needsRefreshChannels, setNeedsRefreshChannels] = useState(false);
 useEffect(() => {
- if (!loadingIgnore && !loadingSubscribe) {
+ if (isAuthenticated && !loadingIgnore && !loadingSubscribe) {
 getChannelRecommendations();
 }
- }, [getChannelRecommendations, loadingSubscribe, loadingIgnore]);
+ }, [isAuthenticated, getChannelRecommendations, loadingSubscribe, loadingIgnore]);
 async function handleSubscribe(channelRecommendation) {
 setSubscribeId(channelRecommendation.channelId);
@@ -187,6 +188,7 @@ const ChannelRecommendationsComponent = ({
 const mapStateToProps = state => {
 return {
+ isAuthenticated: state.auth.loggedIn,
 channelRecommendations: state.channels.channelRecommendations.recommendations,
 getChannelsQuery: state.channels.channelsList.getChannelsQuery,
 loading: state.channels.channelRecommendations.loading,
@@ -208,6 +210,7 @@ ChannelRecommendationsComponent.propTypes = {
 loading: PropTypes.bool.isRequired,
 loadingSubscribe: PropTypes.bool.isRequired,
 loadingIgnore: PropTypes.bool.isRequired,
+ isAuthenticated: PropTypes.bool.isRequired,
 };
 const mapDispatchToProps = dispatch => {
diff --git a/src/middleware.js b/src/middleware.js
index 6bbc5e30..d0e5c8db 100644
--- a/src/middleware.js
+++ b/src/middleware.js
@@ -1,5 +1,6 @@
 import {isRSAA, apiMiddleware} from 'redux-api-middleware';
+import isEqual from 'lodash/isEqual';
 import {
 REFRESH_TOKEN_SUCCESS,
 REFRESH_TOKEN_FAILURE,
@@ -16,6 +17,15 @@ const redirectToSSO = () => {
 window.location = buildAuthorizeUrl();
 };
+const listIncludesObject = (list, obj) => {
+ console.log(
+ list,
+ obj,
+ list.some(elem => JSON.stringify(elem) === JSON.stringify(obj))
+ );
+ return list.some(elem => isEqual(elem, obj));
+};
+
 export function createApiMiddleware() {
 const postponedRSAAs = [];
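Review bot: The `isAuthenticated` prop that gates the effect in the -38 hunk is fed from `state.auth.loggedIn` in the -187 hunk, while authUtils.js exports a function of the same name that reads token storage, so the two can disagree and the shared name hides which one is meant. I would either name the prop `loggedIn` or add a comment at the mapping, `// redux login flag, not authUtils.isAuthenticated(); tokens may already be gone`. The -208 hunk declares it `PropTypes.bool.isRequired`, which assumes the auth reducer (not visible here) initialises `loggedIn` to a boolean rather than leaving it undefined. The gate only suppresses the client-side request, so the recommendations endpoint still has to enforce authentication itself.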
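Review bot: The `console.log(...)` inside `listIncludesObject` in src/middleware.js looks like leftover debugging and prints every queued RSAA plus the current action on each call. RSAA descriptors commonly carry request headers and bodies, so this can put authorization headers or payload data into the browser console, though what these actions contain is not visible in the hunk. It also runs a `JSON.stringify` comparison whose result is discarded, and `JSON.stringify` throws on cyclic values. I would drop the call and reduce the helper to `const listIncludesObject = (list, obj) => list.some(elem => isEqual(elem, obj));`.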
@@ -37,24 +47,40 @@ export function createApiMiddleware() { // Clear access and refresh tokens, otherwise we'll have an endless loop deleteSavedTokens(); next(redirectToSSO()); + // eslint-disable-next-line no-empty } else { next(nextAction); } }; + if (isRSAA(action)) { const refreshToken = getRefreshToken(); if (refreshToken && isAccessTokenExpired()) { console.debug('Access token is expired but we have refresh token'); postponedRSAAs.push(action); console.debug('postponed RSAAs: ', postponedRSAAs, action); + + const { + auth: {loginInProgress}, + } = getState(); + if (loginInProgress) return; + if (postponedRSAAs.length > 0) { + // eslint-disable-next-line consistent-return return rsaaMiddleware(nextCheckPostponed)(refreshAccessToken()); } return; } + // avoid duplicate calls + if (postponedRSAAs.length > 0 && listIncludesObject(postponedRSAAs, action)) { + return; + } + + // eslint-disable-next-line consistent-return return rsaaMiddleware(next)(action); } + // eslint-disable-next-line consistent-return return next(action); }; }; -- GitLab
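Review bot: The new duplicate guard, `if (postponedRSAAs.length > 0 && listIncludesObject(postponedRSAAs, action)) { return; }`, drops the action without dispatching anything, so a caller awaiting that dispatch gets `undefined` and never sees a success or failure action. It also depends on `postponedRSAAs` being emptied before the queued actions are replayed. That replay code is outside the hunk, but if entries are still queued when they are re-dispatched they would match themselves here and be discarded. I would state the invariant next to the guard, for example `// relies on the queue being drained before replay; a dropped duplicate resolves to undefined`. Separately, the added `// eslint-disable-next-line no-empty` before `} else {` guards no empty block and can be removed.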