Skip to content

Commit

Permalink
bugfix/CXSPA-8626:Log out will lead to many request and keep getting …
Browse files Browse the repository at this point in the history 
…error (#19393)
  • Loading branch information
@Melody-zhou-512
Melody-zhou-512 authored Oct 14, 2024
1 parent 53ce472 commit 37b8eb1
Show file tree
Hide file tree
Showing 2 changed files with 39 additions and 1 deletion.
33 changes: 33 additions & 0 deletions projects/core/src/auth/user-auth/http-interceptors/auth.interceptor.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,4 +370,37 @@ describe('AuthInterceptor', () => {
);
sub.unsubscribe();
});

it(`Should handle 401 error for invalid error when customer in Logout process`, (done) => {
spyOn(authConfigService, 'getOAuthLibConfig').and.returnValue({
disablePKCE: false,
});

spyOn(authHeaderService, 'handleExpiredAccessToken').and.callThrough();
spyOn(authHeaderService, 'handleExpiredRefreshToken').and.callThrough();

const sub: Subscription = http.get('/occ').subscribe({
error: (err) => {
expect(err.status).toEqual(401);
expect(
authHeaderService.handleExpiredAccessToken
).not.toHaveBeenCalled();
expect(
authHeaderService.handleExpiredRefreshToken
).not.toHaveBeenCalled();
done();
},
});

const mockReq: TestRequest = httpMock.expectOne(
(req) => req.url === '/occ'
);

mockReq.flush(
{ errors: [{ message: 'Access is denied' }] },
{ status: 401, statusText: 'Unauthorized' }
);

sub.unsubscribe();
});
});
7 changes: 6 additions & 1 deletion projects/core/src/auth/user-auth/http-interceptors/auth.interceptor.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,12 @@ export class AuthInterceptor implements HttpInterceptor {
}

protected isExpiredToken(resp: HttpErrorResponse): boolean {
if (!this.authConfigService.getOAuthLibConfig().disablePKCE) {
const isLogoutProcess =
resp.error?.errors?.[0]?.message === 'Access is denied';
if (
!this.authConfigService.getOAuthLibConfig().disablePKCE &&
!isLogoutProcess
) {
return resp.error?.errors?.[0]?.type === 'AccessDeniedError';
}
return resp.error?.errors?.[0]?.type === 'InvalidTokenError';
Expand Down

0 comments on commit 37b8eb1

Please sign in to comment.