Add withCredentials param to request options instead of using http interceptor

2025-10-07 10:04:11 +00:00 · 2020-01-22 17:06:54 +01:00
parent c8d516598a
commit b19aa64052
3 changed files with 12 additions and 12 deletions
--- a/src/app/core/auth/auth.interceptor.ts
+++ b/src/app/core/auth/auth.interceptor.ts
@@ -213,7 +213,6 @@ export class AuthInterceptor implements HttpInterceptor {

    const token: AuthTokenInfo = authService.getToken();
    let newReq: HttpRequest<any>;
-    let updateReq: any = {};
    let authorization: string;

    if (authService.isTokenExpired()) {
@@ -239,10 +238,7 @@ export class AuthInterceptor implements HttpInterceptor {
      // Clone the request to add the new header.
      newReq = req.clone({ headers: req.headers.set('authorization', authorization) });
    } else {
-      if (this.isAuthRequest(req)) {
-        updateReq = { withCredentials: true };
-      }
-      newReq = req.clone(updateReq);
+      newReq = req.clone();
    }

    // Pass on the new request instead of the original request.
--- a/src/app/core/auth/auth.service.ts
+++ b/src/app/core/auth/auth.service.ts
@@ -16,13 +16,7 @@ import { AuthStatus } from './models/auth-status.model';
 import { AuthTokenInfo, TOKENITEM } from './models/auth-token-info.model';
 import { isEmpty, isNotEmpty, isNotNull, isNotUndefined } from '../../shared/empty.util';
 import { CookieService } from '../services/cookie.service';
-import {
-  getAuthenticationMethods,
-  getAuthenticationToken,
-  getRedirectUrl,
-  isAuthenticated,
-  isTokenRefreshing
-} from './selectors';
+import { getAuthenticationToken, getRedirectUrl, isAuthenticated, isTokenRefreshing } from './selectors';
 import { AppState, routerStateSelector } from '../../app.reducer';
 import {
  CheckAuthenticationTokenAction,
@@ -134,6 +128,7 @@ export class AuthService {
    let headers = new HttpHeaders();
    headers = headers.append('Accept', 'application/json');
    options.headers = headers;
+    options.withCredentials = true;
    return this.authRequestService.getRequest('status', options).pipe(
      map((status: NormalizedAuthStatus) => Object.assign(new AuthStatus(), status))
    );
@@ -207,6 +202,7 @@ export class AuthService {
      headers = headers.append('Authorization', `Bearer ${token.accessToken}`);
    }
    options.headers = headers;
+    options.withCredentials = true;
    return this.authRequestService.postToEndpoint('login', {}, options).pipe(
      map((status: AuthStatus) => {
        if (status.authenticated) {
--- a/src/app/core/dspace-rest-v2/dspace-rest-v2.service.ts
+++ b/src/app/core/dspace-rest-v2/dspace-rest-v2.service.ts
@@ -91,6 +91,14 @@ export class DSpaceRESTv2Service {
      requestOptions.headers = options.headers;
    }

+    if (options && options.params) {
+      requestOptions.params = options.params;
+    }
+
+    if (options && options.withCredentials) {
+      requestOptions.withCredentials = options.withCredentials;
+    }
+
    if (!requestOptions.headers.has('Content-Type')) {
      // Because HttpHeaders is immutable, the set method returns a new object instead of updating the existing headers
      requestOptions.headers = requestOptions.headers.set('Content-Type', DEFAULT_CONTENT_TYPE);