cartes.gouv.fr-service
    Preparing search index...

    Class ServiceLocal

    ServiceLocal est une implémentation de ServiceBase qui gère l'authentification via OAuth2 en mode local.

    Il utilise la librairie @badgateway/oauth2-client pour gérer le flux d'authentification OAuth2 avec PKCE.

    Le mode local implique que l'application gère directement le flux d'authentification avec le serveur IAM (ex. Keycloak) sans passer par une API intermédiaire.

    Hierarchy (View Summary)

    Index

    Constructors

    constructor

    Properties

    settings authenticated user documents error mode url session codeVerifier code token routing api

    Methods

    getFetch setFetch saveStore throwError isPending stopPending getEmitter setEmitter checkKeycloakSession resolveAccessStatus getAccessToken isAuthenticatedLocally validateAuthentication getAccessLogin getAccessLogout getAccessLogoutSilent isTokenExpiredForMoreThan12h

    Constructors

    Properties

    settings: any
    authenticated: any

    authentification

    user: any

    user

    documents: any

    documents

    error: any

    erreurs IAM

    mode: any

    mode local ou remote on force toujours le mode d'authentification pour éviter les erreurs de configuration

    url: string
    session: any

    state session

    codeVerifier: any

    code verificated

    code: any

    code

    token: any

    token

    routing: any

    routing: si true, les redirectUri utilisent les routes /login et /logout

    api: string

    Methods

    • Set Fetch

      Parameters

      • fetcher: any

        fetch instance to sets

      Returns void

    • Save the current service state to the store

      Returns void

      This method saves the current state of the service instance to the service store. It is typically called after any changes to the service's properties to ensure that the latest state is persisted.

      // Usage:
      const service = new ServiceBase();
      service.saveStore();

    • Throw an error

      Parameters

      • error: any

      Returns void

    • Check if the service is pending

      Returns boolean

      • true if pending, false otherwise

    • Stop the pending state

      Returns void

      This method sets the pending state of the service to false, indicating that the service is no longer in a pending state. It is typically called when an operation is completed or cancelled.

    • Get emitter instance used to dispatch global events.

      Returns any

    • Set emitter instance used to dispatch global events.

      Parameters

      • emitter: any

      Returns void

    • Verifie la session Keycloak en utilisant (iframe)

      • soit avec la librairie Keycloak (par défaut)
      • soit via la méthode oauth2

      Parameters

      • adapter: string

        oauth2 or keycloak

      Returns Promise<boolean>

      • true if session is active, false otherwise

    • Check if the access is valid

      Returns Promise<any>

      • Promise that resolves if access is valid, rejects otherwise

    • Get the access token

      Returns Promise<any>

      • Promise that resolves with the access token

    • Check if the authentificate is already done locally

      Returns boolean

      • True if authentificate

    • Check if the authentificate is really done

      Returns Promise<boolean>

      • True if authentificate

    • IAM pour se connecter

      Returns Promise<string>

      Login

      // requête :
      https://sso.geopf.fr/realms/geoplateforme/protocol/openid-connect/auth?
       scope=openid%20profile%20email&
       response_type=code&
       approval_prompt=auto&
       redirect_uri=http%3A%2F%2Flocalhost%3A5173%2Fcartes.gouv.fr-entree-carto/login&
       client_id=IAM_CLIENT_ID
      // réponse avec redirection :
      http://localhost:5173/cartes.gouv.fr-entree-carto/login?
       session_state=968321a6-385e-4058-a17a-571ab08303bd&
       iss=https%3A%2F%2Fsso.geopf.fr%2Frealms%2Fgeoplateforme&
       code=168e7dd8-ae1f-4f8b-99f7-ae0aac066067.968321a6-385e-4058-a17a-571ab08303bd.3038d336-2dfa-4c2e-954e-090ee781ed7f

    • IAM pour se deconnecter

      Returns Promise<string>

      Logout

      // requête :
      https://sso.geopf.fr/realms/geoplateforme/protocol/openid-connect/logout?
       post_logout_redirect_uri=http%3A%2F%2Flocalhost%3A5173%2Fcartes.gouv.fr-entree-carto/logout&
       scope=profile%20email&
       response_type=code&
       approval_prompt=auto&
       client_id=IAM_CLIENT_ID
      // réponse avec redirection :
      http://localhost:5173/cartes.gouv.fr-entree-carto/?
       session_state=968321a6-385e-4058-a17a-571ab08303bd

    • IAM pour se deconnecter silencieusement

      Returns Promise<string>

      Logout

      GET /realms/{realm}/protocol/openid-connect/logout?
        id_token_hint=<id_token>
        &post_logout_redirect_uri=https://myapp.com/loggedout
        &client_id=my-client

    • Not used ! Indique si le token est expiré depuis plus de 12h.

      Returns boolean

      Cette vérification devait être utilisée pour déclencher une déconnexion silencieuse lorsque le token est expiré depuis plus de 12 heures. Mais, le nouveau workflow de deconnexion ne se base plus sur cette logique...

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Methods