diff options
Diffstat (limited to 'packages/taler-util/src/http-client/challenger.ts')
-rw-r--r-- | packages/taler-util/src/http-client/challenger.ts | 67 |
1 files changed, 43 insertions, 24 deletions
diff --git a/packages/taler-util/src/http-client/challenger.ts b/packages/taler-util/src/http-client/challenger.ts index fa4214aa6..8d23ed273 100644 --- a/packages/taler-util/src/http-client/challenger.ts +++ b/packages/taler-util/src/http-client/challenger.ts @@ -4,10 +4,13 @@ import { createPlatformHttpLib } from "../http.js"; import { LibtoolVersion } from "../libtool-version.js"; import { FailCasesByMethod, + RedirectResult, ResultByMethod, + opFixedSuccess, + opKnownAlternativeFailure, opKnownHttpFailure, opSuccessFromHttp, - opUnknownFailure + opUnknownFailure, } from "../operation.js"; import { AccessToken, @@ -16,7 +19,8 @@ import { codecForChallengeStatus, codecForChallengerAuthResponse, codecForChallengerInfoResponse, - codecForChallengerTermsOfServiceResponse + codecForChallengerTermsOfServiceResponse, + codecForInvalidPinResponse, } from "./types.js"; import { makeBearerTokenAuthHeader } from "./utils.js"; @@ -91,7 +95,12 @@ export class ChallengerHttpClient { * https://docs.taler.net/core/api-challenger.html#post--authorize-$NONCE * */ - async login(nonce: string, clientId: string, redirectUri: string, state: string | undefined) { + async login( + nonce: string, + clientId: string, + redirectUri: string, + state: string | undefined, + ) { const url = new URL(`authorize/${nonce}`, this.baseUrl); url.searchParams.set("response_type", "code"); url.searchParams.set("client_id", clientId); @@ -127,17 +136,23 @@ export class ChallengerHttpClient { */ async challenge(nonce: string, body: Record<"email", string>) { const url = new URL(`challenge/${nonce}`, this.baseUrl); - + const resp = await this.httpLib.fetch(url.href, { method: "POST", body: new URLSearchParams(Object.entries(body)).toString(), headers: { - "Content-Type": "application/x-www-form-urlencoded" - } + "Content-Type": "application/x-www-form-urlencoded", + }, + redirect: "manual", }); switch (resp.status) { case HttpStatusCode.Ok: return opSuccessFromHttp(resp, codecForChallengeCreateResponse()); + case HttpStatusCode.Found: + const redirect = resp.headers.get("Location")!; + return opFixedSuccess<RedirectResult>({ + redirectURL: new URL(redirect), + }); case HttpStatusCode.BadRequest: return opKnownHttpFailure(resp.status, resp); case HttpStatusCode.NotFound: @@ -165,23 +180,25 @@ export class ChallengerHttpClient { method: "POST", body: new URLSearchParams(Object.entries(body)).toString(), headers: { - "Content-Type": "application/x-www-form-urlencoded" + "Content-Type": "application/x-www-form-urlencoded", }, redirect: "manual", }); switch (resp.status) { case HttpStatusCode.Found: - const redirect = resp.headers.get("Location")! - const uri = new URL(redirect) - const code = uri.searchParams.get("code")! - return { - type: "ok" as const, - body: { code } - } - // return opSuccessFromHttp(resp, codecForChallengeCreateResponse()); + const redirect = resp.headers.get("Location")!; + return opFixedSuccess<RedirectResult>({ + redirectURL: new URL(redirect), + }); case HttpStatusCode.BadRequest: return opKnownHttpFailure(resp.status, resp); - case HttpStatusCode.NotFound: + case HttpStatusCode.Forbidden: + return opKnownAlternativeFailure( + resp, + resp.status, + codecForInvalidPinResponse(), + ); + case HttpStatusCode.NotFound: return opKnownHttpFailure(resp.status, resp); case HttpStatusCode.NotAcceptable: return opKnownHttpFailure(resp.status, resp); @@ -210,15 +227,17 @@ export class ChallengerHttpClient { const resp = await this.httpLib.fetch(url.href, { method: "POST", headers: { - "Content-Type": "application/x-www-form-urlencoded" + "Content-Type": "application/x-www-form-urlencoded", }, - body: new URLSearchParams(Object.entries({ - client_id, - redirect_uri, - client_secret, - code, - grant_type: "authorization_code", - })).toString(), + body: new URLSearchParams( + Object.entries({ + client_id, + redirect_uri, + client_secret, + code, + grant_type: "authorization_code", + }), + ).toString(), }); switch (resp.status) { case HttpStatusCode.Ok: |