Improve localStorage ability checking; Iframe check on useDotYouClient;

homebase-id · Jul 13, 2023 · 09db0f2 · 09db0f2
1 parent c3c2ece
commit 09db0f2
Show file tree

Hide file tree

Showing 8 changed files with 43 additions and 24 deletions.
diff --git a/packages/common-app/src/hooks/auth/useDotYouClient.ts b/packages/common-app/src/hooks/auth/useDotYouClient.ts
@@ -1,5 +1,5 @@
 import { ApiType, DotYouClient } from '@youfoundation/js-lib/core';
-import { base64ToUint8Array } from '@youfoundation/js-lib/helpers';
+import { base64ToUint8Array, isLocalStorageAvailable } from '@youfoundation/js-lib/helpers';
 import { OwnerClient } from '../../core';
 import { APP_AUTH_TOKEN, APP_SHARED_SECRET, retrieveIdentity } from '@youfoundation/js-lib/auth';
 
@@ -16,8 +16,9 @@ export const useDotYouClient = () => {
 
   const _isOwner =
     _app === 'owner' ||
-    localStorage.getItem(STORAGE_IDENTITY_KEY) === window.location.host ||
-    !!localStorage.getItem(OWNER_SHARED_SECRET);
+    (isLocalStorageAvailable() &&
+      localStorage.getItem(STORAGE_IDENTITY_KEY) === window.location.host) ||
+    (isLocalStorageAvailable() && !!localStorage.getItem(OWNER_SHARED_SECRET));
 
   const getApiType = () => {
     if (_app === 'apps') return ApiType.App;
@@ -27,11 +28,13 @@ export const useDotYouClient = () => {
   };
 
   const getRawSharedSecret = () =>
-    _app !== 'apps'
-      ? _isOwner
-        ? window.localStorage.getItem(OWNER_SHARED_SECRET)
-        : window.localStorage.getItem(HOME_SHARED_SECRET)
-      : window.localStorage.getItem(APP_SHARED_SECRET);
+    isLocalStorageAvailable()
+      ? _app !== 'apps'
+        ? _isOwner
+          ? window.localStorage.getItem(OWNER_SHARED_SECRET)
+          : window.localStorage.getItem(HOME_SHARED_SECRET)
+        : window.localStorage.getItem(APP_SHARED_SECRET)
+      : undefined;
 
   const hasSharedSecret = !!getRawSharedSecret();
 
@@ -45,6 +48,9 @@ export const useDotYouClient = () => {
   };
 
   const getDotYouClient = () => {
+    // When running in an iframe, use the public YouAuth Api;
+    if (window.self !== window.top) return new DotYouClient({ api: ApiType.YouAuth });
+
     const apiType = getApiType();
 
     if (apiType === ApiType.Owner)

diff --git a/packages/js-lib/src/auth/providers/AuthenticationProvider.ts b/packages/js-lib/src/auth/providers/AuthenticationProvider.ts
@@ -1,4 +1,5 @@
 import { ApiType, DotYouClient } from '../../core/DotYouClient';
+import { isLocalStorageAvailable } from '../../helpers/BrowserUtil';
 import { base64ToUint8Array, uint8ArrayToBase64 } from '../../helpers/DataUtil';
 import { getBrowser, getOperatingSystem } from '../helpers/browserInfo';
 import { retrieveIdentity, saveIdentity } from './IdentityProvider';
@@ -8,13 +9,12 @@ export const APP_SHARED_SECRET = 'APSS';
 export const APP_AUTH_TOKEN = 'BX0900';
 
 const getSharedSecret = () => {
-  if (typeof localStorage === 'undefined') return;
+  if (!isLocalStorageAvailable()) return;
   const raw = localStorage.getItem(APP_SHARED_SECRET);
   if (raw) return base64ToUint8Array(raw);
 };
 
-const getAppAuthToken = () =>
-  typeof localStorage !== 'undefined' && localStorage.getItem(APP_AUTH_TOKEN);
+const getAppAuthToken = () => isLocalStorageAvailable() && localStorage.getItem(APP_AUTH_TOKEN);
 
 //checks if the authentication token (stored in a cookie) is valid
 export const hasValidToken = async (dotYouClient: DotYouClient): Promise<boolean> => {
@@ -87,7 +87,7 @@ export const finalizeAuthentication = async (
   const { authToken, sharedSecret } = splitDataString(decryptedData);
 
   // Store authToken and sharedSecret
-  if (typeof localStorage !== 'undefined') {
+  if (isLocalStorageAvailable()) {
     localStorage.setItem(APP_SHARED_SECRET, uint8ArrayToBase64(sharedSecret));
     localStorage.setItem(APP_AUTH_TOKEN, uint8ArrayToBase64(authToken));
   }
@@ -107,7 +107,7 @@ export const logout = async (dotYouClient: DotYouClient) => {
       return { status: 400, data: false };
     });
 
-  if (typeof localStorage !== 'undefined') {
+  if (isLocalStorageAvailable()) {
     localStorage.removeItem(APP_SHARED_SECRET);
     localStorage.removeItem(APP_AUTH_TOKEN);
   }

diff --git a/packages/js-lib/src/auth/providers/IdentityProvider.ts b/packages/js-lib/src/auth/providers/IdentityProvider.ts
@@ -1,9 +1,11 @@
+import { isLocalStorageAvailable } from '../../helpers/BrowserUtil';
+
 const STORAGE_IDENTITY = 'identity';
 export const saveIdentity = (identity: string) => {
-  if (typeof localStorage === 'undefined') return;
+  if (!isLocalStorageAvailable()) return;
   localStorage.setItem(STORAGE_IDENTITY, identity);
 };
 export const retrieveIdentity = () => {
-  if (typeof localStorage === 'undefined') return;
+  if (!isLocalStorageAvailable()) return;
   return localStorage.getItem(STORAGE_IDENTITY) || '';
 };
diff --git a/packages/js-lib/src/auth/providers/KeyProvider.ts b/packages/js-lib/src/auth/providers/KeyProvider.ts
@@ -1,3 +1,4 @@
+import { isLocalStorageAvailable } from '../../helpers/BrowserUtil';
 import { base64ToUint8Array, uint8ArrayToBase64 } from '../../helpers/DataUtil';
 
 const STORAGE_KEY = 'pk';
@@ -35,15 +36,15 @@ export const decryptWithKey = async (encrypted: string, key: CryptoKey) => {
 
 // Saves private key of a pair
 export const saveKey = async (keyPair: CryptoKeyPair) => {
-  if (typeof crypto === 'undefined' || typeof localStorage === 'undefined') return null;
+  if (typeof crypto === 'undefined' || !isLocalStorageAvailable()) return null;
   await crypto.subtle
     .exportKey('pkcs8', keyPair.privateKey)
     .then((e) => localStorage.setItem(STORAGE_KEY, uint8ArrayToBase64(new Uint8Array(e))));
 };
 
 // Retrieves private key of a pair
 export const retrieveKey = async () => {
-  if (typeof crypto === 'undefined' || typeof localStorage === 'undefined') return null;
+  if (typeof crypto === 'undefined' || !isLocalStorageAvailable()) return null;
   const key = base64ToUint8Array(localStorage.getItem(STORAGE_KEY) || '');
   return await crypto.subtle
     .importKey(
@@ -68,5 +69,5 @@ export const retrieveKey = async () => {
 
 // Clears private key from storage
 export const throwAwayTheKey = () => {
-  if (typeof localStorage !== 'undefined') localStorage.removeItem(STORAGE_KEY);
+  if (isLocalStorageAvailable()) localStorage.removeItem(STORAGE_KEY);
 };
diff --git a/packages/js-lib/src/core/DotYouClient.ts b/packages/js-lib/src/core/DotYouClient.ts
@@ -1,6 +1,6 @@
 import axios, { AxiosError } from 'axios';
 import { decryptData, encryptData, encryptUrl } from './InterceptionEncryptionUtil';
-import { jsonStringify64 } from '../helpers/helpers';
+import { isLocalStorageAvailable, jsonStringify64 } from '../helpers/helpers';
 
 export enum ApiType {
   Owner,
@@ -72,16 +72,15 @@ export class BaseDotYouClient {
   createAxiosClient(options?: createAxiosClientOptions) {
     const client = axios.create({
       baseURL: this.getEndpoint(),
-      withCredentials: true,
+      withCredentials: isLocalStorageAvailable(),
       headers: { ...this._options.headers, ...options?.headers },
     });
 
     if (options?.overrideEncryption) return client;
 
     // Encryption/Decryption on requests and responses
     const ss = this.getSharedSecret();
-    const isDebug =
-      typeof localStorage !== 'undefined' ? localStorage.getItem('debug') === '1' : false;
+    const isDebug = isLocalStorageAvailable() ? localStorage.getItem('debug') === '1' : false;
 
     client.interceptors.request.use(
       async function (request) {

diff --git a/packages/js-lib/src/core/NotificationData/NotificationProvider.ts b/packages/js-lib/src/core/NotificationData/NotificationProvider.ts
@@ -1,4 +1,4 @@
-import { jsonStringify64 } from '../../helpers/helpers';
+import { isLocalStorageAvailable, jsonStringify64 } from '../../helpers/helpers';
 import { ApiType, DotYouClient } from '../DotYouClient';
 import { decryptData, encryptData, getRandomIv } from '../InterceptionEncryptionUtil';
 import { TargetDrive } from '../core';
@@ -24,7 +24,7 @@ interface RawClientNotification {
   data: string;
 }
 
-const isDebug = typeof localStorage !== 'undefined' && localStorage.getItem('debug') === '1';
+const isDebug = isLocalStorageAvailable() && localStorage.getItem('debug') === '1';
 
 const ParseRawClientNotification = (
   notification: RawClientNotification

diff --git a/packages/js-lib/src/helpers/BrowserUtil.ts b/packages/js-lib/src/helpers/BrowserUtil.ts
@@ -0,0 +1,10 @@
+export const isLocalStorageAvailable = () => {
+  const test = 'test';
+  try {
+    localStorage.setItem(test, test);
+    localStorage.removeItem(test);
+    return true;
+  } catch (e) {
+    return false;
+  }
+};
diff --git a/packages/js-lib/src/helpers/helpers.tsx b/packages/js-lib/src/helpers/helpers.tsx
@@ -1,3 +1,4 @@
 export * from './AesEncrypt';
 export * from './DataUtil';
+export * from './BrowserUtil';
 export * from './VideoSegmenter';