From fc70ad2f6581b888b3d730beb39f1e543027febc Mon Sep 17 00:00:00 2001
From: Hans-Peter Herzog <hherzog@sipwise.com>
Date: Thu, 22 Jul 2021 15:21:12 +0200
Subject: [PATCH] TT#132162 As Admin, I want to login from AUIv1

- If token is valid the related user is logged in automatically
- Existing user (JWT) in the same browser context gets overwritten
- If token is invalid user lands on login page
- Token is removed from URL after it was processed

Change-Id: Ied1266178281bd10420594ceca3cbd4b84e1490d
---
 src/api/user.js  | 18 ++++++++++++++++++
 src/boot/user.js | 19 ++++++++++++++++++-
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/src/api/user.js b/src/api/user.js
index 1b3eb750..7dec0293 100644
--- a/src/api/user.js
+++ b/src/api/user.js
@@ -33,6 +33,24 @@ export function login (username, password) {
     })
 }
 
+export async function loginByExchangeToken (token) {
+    try {
+        const res = await Vue.http.post('login_jwt', {
+            token: token
+        })
+        return {
+            jwt: res.body?.jwt,
+            subscriberId: res.body?.subscriber_id + ''
+        }
+    } catch (err) {
+        if (err.status && err.status >= 400) {
+            throw new Error(err.body.message)
+        } else {
+            throw err
+        }
+    }
+}
+
 export function getUserData (id) {
     return new Promise((resolve, reject) => {
         return Promise.all([
diff --git a/src/boot/user.js b/src/boot/user.js
index c4a3d520..ffb008d3 100644
--- a/src/boot/user.js
+++ b/src/boot/user.js
@@ -1,6 +1,23 @@
-import { hasJwt } from 'src/auth'
+import { hasJwt, setJwt, setSubscriberId } from 'src/auth'
+import { loginByExchangeToken } from 'src/api/user'
 
 export default async ({ store }) => {
+    // Todo: Use "URL" shim to hide workaround
+    const linkDomNode = document.createElement('a')
+    linkDomNode.href = document.location.href
+    const searchParams = new URLSearchParams(linkDomNode.search)
+    if (searchParams.has('a')) {
+        try {
+            const exchangeToken = searchParams.get('a')
+            const authRes = await loginByExchangeToken(exchangeToken)
+            setJwt(authRes.jwt)
+            setSubscriberId(authRes.subscriberId)
+        } finally {
+            searchParams.delete('a')
+            linkDomNode.search = searchParams.toString()
+            document.location.href = linkDomNode.href
+        }
+    }
     if (hasJwt()) {
         await store.dispatch('user/initUser')
     }