From 0b2c90c8b5da2b456fac083f10e355b2172e1525 Mon Sep 17 00:00:00 2001 From: Gerald Schmittinger Date: Sun, 2 Mar 2025 23:51:51 +0100 Subject: [PATCH] fix(frontend): Fixed infinite retry loop when unauthorized Also adjusted the Keycloak config --- frontend/src/services/api-client.ts | 1 - frontend/src/services/auth/auth-service.ts | 16 ++++++++++------ idp/student-realm.json | 6 +++--- idp/teacher-realm.json | 8 ++++---- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/frontend/src/services/api-client.ts b/frontend/src/services/api-client.ts index 320faf23..bddeeff7 100644 --- a/frontend/src/services/api-client.ts +++ b/frontend/src/services/api-client.ts @@ -7,5 +7,4 @@ const apiClient = axios.create({ "Content-Type": "application/json", }, }); - export default apiClient; diff --git a/frontend/src/services/auth/auth-service.ts b/frontend/src/services/auth/auth-service.ts index 76d3b6dc..917df7fc 100644 --- a/frontend/src/services/auth/auth-service.ts +++ b/frontend/src/services/auth/auth-service.ts @@ -7,12 +7,12 @@ import type {AuthState, Role, UserManagersForRoles} from "@/services/auth/auth-t import {User, UserManager} from "oidc-client-ts"; import {loadAuthConfig} from "@/services/auth/auth-config-loader.ts"; import authStorage from "./auth-storage.ts" -import {useRouter} from "vue-router"; import {loginRoute} from "@/config.ts"; import apiClient from "@/services/api-client.ts"; +import router from "@/router"; +import type {AxiosError} from "axios"; const authConfig = await loadAuthConfig(); -const router = useRouter(); const userManagers: UserManagersForRoles = { student: new UserManager(authConfig.student), @@ -115,11 +115,15 @@ apiClient.interceptors.request.use(async (reqConfig) => { // Registering interceptor to refresh the token when a request failed because it was expired. apiClient.interceptors.response.use( response => response, - async (error) => { + async (error: AxiosError<{message?: string}>) => { if (error.response?.status === 401) { - console.log("Access token expired, trying to refresh..."); - await renewToken(); - return apiClient(error.config); // Retry the request + if (error.response!.data.message === "token_expired") { + console.log("Access token expired, trying to refresh..."); + await renewToken(); + return apiClient(error.config!); // Retry the request + } else { // Apparently, the user got a 401 because he was not logged in yet at all. Redirect him to login. + await initiateLogin() + } } return Promise.reject(error); } diff --git a/idp/student-realm.json b/idp/student-realm.json index 57ff2dd2..7b6bc94b 100644 --- a/idp/student-realm.json +++ b/idp/student-realm.json @@ -544,14 +544,14 @@ "clientId" : "dwengo", "name" : "Dwengo", "description" : "", - "rootUrl" : "http://localhost:3000", - "adminUrl" : "http://localhost:3000", + "rootUrl" : "http://localhost:5173", + "adminUrl" : "http://localhost:5173", "baseUrl" : "/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-jwt", - "redirectUris" : [ "urn:ietf:wg:oauth:2.0:oob", "http://localhost:3000/*", "http://localhost:3000" ], + "redirectUris" : [ "urn:ietf:wg:oauth:2.0:oob", "http://localhost:5173/*", "http://localhost:5173" ], "webOrigins" : [ "+" ], "notBefore" : 0, "bearerOnly" : false, diff --git a/idp/teacher-realm.json b/idp/teacher-realm.json index 5584f692..f1bc513a 100644 --- a/idp/teacher-realm.json +++ b/idp/teacher-realm.json @@ -544,14 +544,14 @@ "clientId" : "dwengo", "name" : "Dwengo", "description" : "", - "rootUrl" : "http://localhost:3000", - "adminUrl" : "http://localhost:3000", - "baseUrl" : "http://localhost:3000", + "rootUrl" : "http://localhost:5173", + "adminUrl" : "http://localhost:5173", + "baseUrl" : "http://localhost:5173", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "urn:ietf:wg:oauth:2.0:oob", "http://localhost:3000/*", "http://localhost:3000" ], + "redirectUris" : [ "urn:ietf:wg:oauth:2.0:oob", "http://localhost:5173/*", "http://localhost:5173" ], "webOrigins" : [ "+" ], "notBefore" : 0, "bearerOnly" : false,