misc: support relogin when jwt token changed (#112)

ringcentral · Oct 9, 2024 · b8ef9ae · b8ef9ae
1 parent de9c385
commit b8ef9ae
Show file tree

Hide file tree

Showing 6 changed files with 52 additions and 5 deletions.
diff --git a/docs/customize-authorization.md b/docs/customize-authorization.md
@@ -16,7 +16,7 @@ Developers can login to RingCX Embeddable using the [JWT auth flow](https://deve
 ```js
   (function() {
     var rcs = document.createElement("script");
-    rcs.src = "https://ringcentral.github.io/engage-voice-embeddable/adapter.js?clientId=YOU_OWN_JWT_APP_CLIENT_ID&clientSecret=YOUR_OWN_JWT_APP_CLIENT_SECRET&jwt=JWT_TOKEN";
+    rcs.src = "https://ringcentral.github.io/engage-voice-embeddable/adapter.js?clientId=YOU_OWN_JWT_APP_CLIENT_ID&clientSecret=YOUR_OWN_JWT_APP_CLIENT_SECRET&jwt=JWT_TOKEN&jwtOwnerId=optional_owner_id";
     var rcs0 = document.getElementsByTagName("script")[0];
     rcs0.parentNode.insertBefore(rcs, rcs0);
   })();

diff --git a/src/adapter.ts b/src/adapter.ts
@@ -33,6 +33,7 @@ const {
   enablePopup,
   popupPageUri,
   jwt,
+  jwtOwnerId,
   hideCallNote,
 } = parseUri(paramsUri);
 
@@ -59,6 +60,7 @@ const appUri = `${appUrl}?${obj2uri({
   fromAdapter: 1,
   fromPopup,
   jwt,
+  jwtOwnerId,
   hideCallNote,
   _t: Date.now(),
 })}`;

diff --git a/src/app.tsx b/src/app.tsx
@@ -28,6 +28,7 @@ const {
   disableLoginPopup,
   fromPopup,
   jwt,
+  jwtOwnerId,
 } = pathParams;
 
 if (clientId) {
@@ -58,6 +59,7 @@ const phone = createPhone({
   disableLoginPopup: !!disableLoginPopup,
   fromPopup,
   jwt,
+  jwtOwnerId,
 });
 
 const store = createStore(phone.reducer);

diff --git a/src/modules/EvAuth/index.ts b/src/modules/EvAuth/index.ts
@@ -34,6 +34,7 @@ const DEFAULT_COUNTRIES = ['USA', 'CAN'];
   deps: [
     'EvClient',
     'Auth',
+    'OAuth',
     'Block',
     'Alert',
     'Locale',
@@ -292,7 +293,8 @@ class EvAuth extends RcModuleV2<Deps> implements Auth {
       this._deps.auth.loggedIn &&
       this.loginStatus !== loginStatus.AUTH_SUCCESS &&
       this.loginStatus !== loginStatus.LOGIN_SUCCESS &&
-      !this.connecting
+      !this.connecting &&
+      !this._deps.oAuth.jwtOwnerChanged
     ) {
       this.connecting = true;
       // when login make sure the logoutByOtherTab is false
@@ -324,7 +326,6 @@ class EvAuth extends RcModuleV2<Deps> implements Auth {
     await this._deps.block.next(this._logout);
 
     const logoutAgentResponse = await this.logoutAgent(agentId);
-
     // TODO: error handle when logout fail
     // TODO: when failed need tell other tab not logout => this._deps.tabManager.send(tabManagerEvents.LOGOUT);
     if (!logoutAgentResponse.message || logoutAgentResponse.message !== 'OK') {

diff --git a/src/modules/OAuth/index.ts b/src/modules/OAuth/index.ts
@@ -7,11 +7,13 @@ import messageTypes from '../../enums/messageTypes';
 @Module({
   name: 'OAuth',
   deps: [
-    { dep: 'OAuthOptions', optional: true }
+    { dep: 'OAuthOptions', optional: true },
+    { dep: 'Prefix' },
   ]
 })
 export default class OAuth extends OAuthBase {
   protected _userLogout = false;
+  protected _jwtLogged = false;
 
   openOAuthPage() {
     if (this._deps.oAuthOptions.disableLoginPopup) {
@@ -43,22 +45,60 @@ export default class OAuth extends OAuthBase {
         if (this._userLogout) {
           return;
         }
+        if (this._jwtLogged) {
+          return;
+        }
         if (
-          !this._deps.auth.notLoggedIn
+          !this._deps.auth.notLoggedIn && (
+            !this._deps.oAuthOptions.jwtOwnerId ||
+            this._deps.oAuthOptions.jwtOwnerId === this.jwtOwnerId
+          )
         ) {
           return;
         }
         if (this._deps.oAuthOptions.jwt) {
+          if (!this._deps.auth.notLoggedIn) {
+            this._userLogout = true;
+            // logout before jwt login, hack for evAuth
+            await this._deps.auth.logout();
+          }
+          this._jwtLogged = true;
           this._deps.auth.setLogin();
           this._deps.client.service.platform().login({
             jwt: this._deps.oAuthOptions.jwt,
           });
+          if (this._deps.oAuthOptions.jwtOwnerId) {
+            this.setJwtOwnerId(this._deps.oAuthOptions.jwtOwnerId);
+          }
         }
       },
       {
         multiple: true,
       },
     );
   }
+
+  get jwtOwnerId() {
+    // check localStorage api availability
+    if (!window.localStorage) {
+      return null;
+    }
+    return localStorage.getItem(`${this._deps.prefix}-jwt-owner-id`);
+  }
+
+  setJwtOwnerId(jwtOwnerId: string) {
+    // check localStorage api availability
+    if (!window.localStorage) {
+      return;
+    }
+    localStorage.setItem(`${this._deps.prefix}-jwt-owner-id`, jwtOwnerId);
+  }
+
+  get jwtOwnerChanged() {
+    return (
+      (!!this._deps.oAuthOptions.jwtOwnerId) &&
+      this._deps.oAuthOptions.jwtOwnerId !== this.jwtOwnerId
+    );
+  }
 }
 
diff --git a/src/modules/Phone/index.ts b/src/modules/Phone/index.ts
@@ -394,6 +394,7 @@ export function createPhone({
   redirectUri,
   fromPopup,
   jwt,
+  jwtOwnerId,
 }) {
   const appVersion = buildHash ? `${version} (${buildHash})` : version;
   const usePKCE = sdkConfig.clientId && !sdkConfig.clientSecret;
@@ -467,6 +468,7 @@ export function createPhone({
           disableLoginPopup,
           redirectUri,
           jwt,
+          jwtOwnerId,
         },
       },
       { provide: 'AuthOptions', useValue: { usePKCE } },