diff --git a/src/app/app-routing-paths.ts b/src/app/app-routing-paths.ts index 3f0b806a2c..4ef99559a8 100644 --- a/src/app/app-routing-paths.ts +++ b/src/app/app-routing-paths.ts @@ -34,12 +34,19 @@ export function getBitstreamRequestACopyRoute(item, bitstream): { routerLink: st }, }; } + +/** + * Get a bitstream download route with an access token (to provide direct access to a user) added as a query parameter + * @param bitstream the bitstream to download + * @param accessToken the access token, which should match an access_token in the requestitem table + */ export function getBitstreamDownloadWithAccessTokenRoute(bitstream, accessToken): { routerLink: string, queryParams: any } { const url = new URLCombiner(getBitstreamModuleRoute(), bitstream.uuid, 'download').toString(); const options = { routerLink: url, queryParams: {}, }; + // Only add the access token if it is not empty, otherwise keep valid empty query parameters if (hasValue(accessToken)) { options.queryParams = { accessToken: accessToken }; } @@ -60,21 +67,7 @@ export function getAccessTokenRequestRoute(item_uuid, accessToken): { routerLink }; return options; } -/** - * Get an access token request route for a user to access approved bitstreams using a supplied access token - * @param item_uuid item UUID - * @param accessToken access token (generated by backend) - */ -export function getAccessTokenRequestFileRoute(item_uuid, accessToken): { routerLink: string, queryParams: any } { - const url = new URLCombiner(getItemModuleRoute(), item_uuid, ACCESS_BY_TOKEN_MODULE_PATH).toString(); - const options = { - routerLink: url, - queryParams: { - accessToken: (hasValue(accessToken) ? accessToken : undefined), - }, - }; - return options; -} + export const COAR_NOTIFY_SUPPORT = 'coar-notify-support'; export const HOME_PAGE_PATH = 'home'; diff --git a/src/app/bitstream-page/bitstream-download-page/bitstream-download-page.component.ts b/src/app/bitstream-page/bitstream-download-page/bitstream-download-page.component.ts index 9a4ee2df97..23117c1bac 100644 --- a/src/app/bitstream-page/bitstream-download-page/bitstream-download-page.component.ts +++ b/src/app/bitstream-page/bitstream-download-page/bitstream-download-page.component.ts @@ -93,7 +93,6 @@ export class BitstreamDownloadPageComponent implements OnInit { map((data) => data.bitstream)); this.bitstream$ = this.bitstreamRD$.pipe( - // TODO: this redirect was commented out earlier... redirectOn4xx(this.router, this.auth), getRemoteDataPayload(), ); @@ -101,7 +100,6 @@ export class BitstreamDownloadPageComponent implements OnInit { this.bitstream$.pipe( switchMap((bitstream: Bitstream) => { const isAuthorized$ = this.authorizationService.isAuthorized(FeatureID.CanDownload, isNotEmpty(bitstream) ? bitstream.self : undefined); - // TODO isAuthorizedByToken check here so we already know if this token is going to be valid? const isLoggedIn$ = this.auth.isAuthenticated(); return observableCombineLatest([isAuthorized$, isLoggedIn$, accessToken$, observableOf(bitstream)]); }), @@ -116,32 +114,12 @@ export class BitstreamDownloadPageComponent implements OnInit { return [isAuthorized, isLoggedIn, bitstream, fileLink]; })); } else if (hasValue(accessToken)) { - // We aren't authorized or logged in, but we might have temp access via the access token - console.log('RETRIEVE WITH ACCESS TOKEN'); - console.log('BUT - we dont want to retrieve the link with access token eh bro'); - // return this.fileService.retrieveFileDownloadLinkWithAccessToken(bitstream._links.content.href, accessToken).pipe( - // filter((fileLink) => hasValue(fileLink)), - // take(1), - // map((fileLink) => { - // return [isAuthorized, isLoggedIn, bitstream, fileLink]; - // })); return [[isAuthorized, !isLoggedIn, bitstream, '', accessToken]]; } else { return [[isAuthorized, isLoggedIn, bitstream, '']]; } }), ).subscribe(([isAuthorized, isLoggedIn, bitstream, fileLink, accessToken]: [boolean, boolean, Bitstream, string, string]) => { - // if (isAuthorized && isLoggedIn && isNotEmpty(fileLink)) { - // this.hardRedirectService.redirect(fileLink); - // } else if (isAuthorized && !isLoggedIn) { - // this.hardRedirectService.redirect(bitstream._links.content.href); - // } else if (!isAuthorized && isLoggedIn) { - // this.router.navigateByUrl(getForbiddenRoute(), {skipLocationChange: true}); - // } else if (!isAuthorized && !isLoggedIn) { - // this.auth.setRedirectUrl(this.router.url); - // this.router.navigateByUrl('login'); - // } - if (isAuthorized && isLoggedIn && isNotEmpty(fileLink)) { this.hardRedirectService.redirect(fileLink); } else if (isAuthorized && !isLoggedIn && !hasValue(accessToken)) { diff --git a/src/app/item-page/bitstreams/request-a-copy/altcha-captcha.component.ts b/src/app/item-page/bitstreams/request-a-copy/altcha-captcha.component.ts index 9740068d67..a9d5fd77f3 100644 --- a/src/app/item-page/bitstreams/request-a-copy/altcha-captcha.component.ts +++ b/src/app/item-page/bitstreams/request-a-copy/altcha-captcha.component.ts @@ -30,11 +30,22 @@ import { VarDirective } from '../../../shared/utils/var.directive'; schemas: [CUSTOM_ELEMENTS_SCHEMA], standalone: true, }) + +/** + * Component that renders the ALTCHA captcha widget. GDPR-compliant, no cookies, proof-of-work based anti-spam captcha. + * See: https://altcha.org/ + * + * Once the proof of work is verified, the final payload is emitted to the parent component for inclusion in the form submission. + */ export class AltchaCaptchaComponent implements OnInit { + // Challenge URL, to query the backend (or other remote) for a challenge @Input() challengeUrl: string; - @Input() autoload: string; + // Whether / how to autoload the widget, e.g. 'onload', 'onsubmit', 'onfocus', 'off' + @Input() autoload = 'onload'; + // Whether to debug altcha activity to the javascript console @Input() debug: boolean; + // The final calculated payload (containing, challenge, salt, number) to be sent with the protected form submission for validation @Output() payload = new EventEmitter; ngOnInit(): void {