let gAccessToken = null; let gUserName = ""; let gPermissions = new Set(); const PAGE_401 = "/html/401.html"; const CALLBACK_URL = "auth-callback"; const USER_PROFILE_ENDPOINT = "https://auth0-proxy-dot-toolbox-235607.appspot.com/userinfo"; const webAuth = new auth0.WebAuth({ domain: "imperson.auth0.com", clientID: "xgzeb3pAEdiBHOqvHMONxSUvLRsgOcFl", responseType: "token", scope: "openid", redirectUri: window.location.origin + "/" + CALLBACK_URL }); function loginFailed(err) { if (err) console.error(err); window.location.href = PAGE_401 + (err ? "?error=" + err : ""); } function scheduleRenewToken(tokenExpiresAt) { if (!tokenExpiresAt) return; let delay = tokenExpiresAt - Date.now() - 10 * 1000; if (delay > 0) { setTimeout(() => { webAuth.checkSession({}, (err, authResult) => { if (err) console.error("Token renewal error:" + err.error + "-" + err.errorDescription); else { gAccessToken = authResult.accessToken; let tokenExpiresAt = Date.now() + parseInt(authResult.expiresIn) * 1000; console.log("Token refreshed"); scheduleRenewToken(tokenExpiresAt); } }); }, delay); } } async function doLogin(loggedinCallback) { if ($.url(1) !== CALLBACK_URL) { webAuth.authorize({state: saveState({href: window.location.href})}); return; } webAuth.parseHash(async (err, authResult) => { if (err) { loginFailed(`Cannot parse hash: ${err.error}-${err.errorDescription}`); return; } if (!authResult || !authResult.accessToken || !authResult.state) { loginFailed(`Missing auth result data: ${JSON.stringify(authResult)}`); return; } gAccessToken = authResult.accessToken; let tokenExpiresAt = authResult.expiresIn ? Date.now() + parseInt(authResult.expiresIn) * 1000 : undefined; const state = loadState(authResult.state); if (!state) { loginFailed("Error restoring state"); return; } try { let result = await fetch(USER_PROFILE_ENDPOINT, {headers: {Authorization: "Bearer " + gAccessToken}}); if (result.ok) { let user = await result.json(); gUserName = user["https://imperson.com/name"]; let metadata = user["https://imperson.com/app_metadata"]; if (metadata && metadata.permissions) gPermissions = new Set(metadata.permissions); scheduleRenewToken(tokenExpiresAt); history.pushState("", document.title, state.href); console.log("Logged in"); loggedinCallback(); } else { loginFailed("Error fetching user profile: " + result.statusText + ", code:" + result.status); } } catch (e) { loginFailed("Error fetching user profile: " + e); } }); } function saveState(state) { let key = Math.random() .toString(36) .replace("0.", ""); localStorage.setItem(key, JSON.stringify(state)); return key; } function loadState(key) { let stateStr = localStorage.getItem(key); if (stateStr) { localStorage.removeItem(key); return JSON.parse(stateStr); } return null; } function canViewDB(dbName) { if (!dbName) dbName = gPersonality; return canUpdateDB(dbName) || gPermissions.has("/db/view/*") || gPermissions.has("/db/view/" + dbName); } function canUpdateDB(dbName) { if (!dbName) dbName = gPersonality; return gPermissions.has("/db/update/*") || gPermissions.has("/db/update/" + dbName); } function canManageDB(dbName) { if (!dbName) dbName = gPersonality; return gPermissions.has("/db/manage/*") || gPermissions.has("/db/manage/" + dbName); } function canCreateDB(dbName) { if (!dbName) dbName = gPersonality; return gPermissions.has("/db/create/*") || gPermissions.has("/db/create/" + dbName); } function canCreateAnyDB() { return !!Array.from(gPermissions).filter(p => p.startsWith("/db/create/")).length; } function canDeployCustomerId(customerId) { return gPermissions.has("/bot/deploy/*") || gPermissions.has("/bot/deploy/" + customerId); } function canDeleteDB(dbName) { return gPermissions.has("/db/delete/*") || gPermissions.has("/db/delete/" + dbName); } function canDeleteAnyDB() { return !!Array.from(gPermissions).filter(p => p.startsWith("/db/delete/")).length; } function isAdmin() { return gPermissions.has("/golem/admin"); }