Merge pull request #155 from ioet/148-send-jwt

fix: #148 adding interceptor to inject Authorization headers

Author: enriquezrene

src/app/app.module.ts

@@ -2,7 +2,7 @@ import { CommonModule } from '@angular/common';
 import { BrowserModule } from '@angular/platform-browser';
 import { NgModule } from '@angular/core';
 import { FormsModule, ReactiveFormsModule } from '@angular/forms';
-import { HttpClientModule } from '@angular/common/http';
+import { HttpClientModule, HTTP_INTERCEPTORS } from '@angular/common/http';
 import { StoreModule } from '@ngrx/store';
 import { EffectsModule } from '@ngrx/effects';
 import { StoreDevtoolsModule } from '@ngrx/store-devtools';
@@ -50,6 +50,7 @@ import { ProjectTypeListComponent } from './modules/customer-management/componen
 // tslint:disable-next-line: max-line-length
 import { CreateProjectTypeComponent } from './modules/customer-management/components/projects-type/components/create-project-type/create-project-type.component';
 import { CustomerEffects } from './modules/customer-management/store/customer-management.effects';
+import { InjectTokenInterceptor } from './modules/shared/interceptors/inject.token.interceptor';
 
 @NgModule({
   declarations: [
@@ -103,7 +104,11 @@ import { CustomerEffects } from './modules/customer-management/store/customer-ma
       : [],
     EffectsModule.forRoot([ProjectEffects, ActivityEffects, CustomerEffects, TechnologyEffects]),
   ],
-  providers: [],
+  providers: [{
+    provide: HTTP_INTERCEPTORS,
+    useClass: InjectTokenInterceptor,
+    multi: true,
+  }],
   bootstrap: [AppComponent],
 })
 export class AppModule {}

src/app/modules/shared/interceptors/inject.token.interceptor.spec.ts

@@ -0,0 +1,46 @@
+import { HttpHandler, HttpRequest, HttpResponse, HttpEvent } from '@angular/common/http';
+import { Observable, of } from 'rxjs';
+
+import { AzureAdB2CService } from 'src/app/modules/login/services/azure.ad.b2c.service';
+import { environment } from '../../../../environments/environment';
+import { InjectTokenInterceptor } from './inject.token.interceptor';
+
+describe('InjectTokenInterceptor test', () => {
+
+  class MockHttpHandler extends HttpHandler {
+    handle(req: HttpRequest<any>): Observable<HttpEvent<any>> {
+      return of(new HttpResponse());
+    }
+  }
+
+  const azureAdB2CService: AzureAdB2CService = new AzureAdB2CService();
+  azureAdB2CService.getBearerToken = () => {
+    return 'XYZ';
+  };
+  const handler: HttpHandler = new MockHttpHandler();
+
+  it('if request.url is not part of time-tracker-api, then next.handle', () => {
+    const interceptor = new InjectTokenInterceptor(azureAdB2CService);
+    const request = new HttpRequest('GET', '/foo');
+    spyOn(handler, 'handle');
+
+    interceptor.intercept(request, handler);
+
+    expect(handler.handle).toHaveBeenCalledWith(request);
+  });
+
+  it('if request.url is part of time-tracker-api, then Authorization header is injected', () => {
+    const interceptor = new InjectTokenInterceptor(azureAdB2CService);
+    const request = new HttpRequest('GET', environment.timeTrackerApiUrl);
+    spyOn(handler, 'handle');
+    const requestWithHeaders = request.clone(
+      {
+        headers: request.headers.set('Authorization', 'Bearer XYZ')
+      });
+
+    interceptor.intercept(request, handler);
+
+    expect(handler.handle).toHaveBeenCalledWith(requestWithHeaders);
+  });
+
+});

src/app/modules/shared/interceptors/inject.token.interceptor.ts

@@ -0,0 +1,31 @@
+import { Injectable } from '@angular/core';
+import {
+  HttpEvent,
+  HttpInterceptor,
+  HttpHandler,
+  HttpRequest,
+} from '@angular/common/http';
+import { Observable } from 'rxjs';
+
+import { AzureAdB2CService } from 'src/app/modules/login/services/azure.ad.b2c.service';
+import { environment } from './../../../../environments/environment';
+
+@Injectable()
+export class InjectTokenInterceptor implements HttpInterceptor {
+
+  constructor(private azureAdB2CService: AzureAdB2CService) { }
+
+  intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
+    if (request.url.startsWith(environment.timeTrackerApiUrl)) {
+      const requestWithHeaders = request.clone(
+        {
+          headers: request.headers.set('Authorization',
+            'Bearer ' + this.azureAdB2CService.getBearerToken())
+        });
+      return next.handle(requestWithHeaders);
+    } else {
+      return next.handle(request);
+    }
+  }
+
+}