NIFI-10313 Removed Expiration Token on Authentication Errors

- Updated standard user interface error handler to clear the Access-Token-Expiration item from Session Storage when receiving an error with the WWW-Authenticate Header indicating a problem with the Bearer Token Signed-off-by: Nathan Gough <thenatog@gmail.com> This closes #6334.
2022-08-24 16:40:15 -05:00 · 2022-08-24 16:40:15 -05:00 · b777978293
parent f5fee4dda3
commit b777978293
1 changed files with 20 additions and 6 deletions
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/nf-error-handler.js
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/nf-error-handler.js
@ -21,20 +21,24 @@
    if (typeof define === 'function' && define.amd) {
        define(['jquery',
                'nf.Dialog',
-                'nf.Common'],
-            function ($, nfDialog, nfCommon) {
-                return (nf.ErrorHandler = factory($, nfDialog, nfCommon));
+                'nf.Common',
+                'nf.AuthorizationStorage'],
+            function ($, nfDialog, nfCommon, nfAuthorizationStorage) {
+                return (nf.ErrorHandler = factory($, nfDialog, nfCommon, nfAuthorizationStorage));
            });
    } else if (typeof exports === 'object' && typeof module === 'object') {
        module.exports = (nf.ErrorHandler = factory(require('jquery'),
            require('nf.Dialog'),
-            require('nf.Common')));
+            require('nf.Common'),
+            require('nf.AuthorizationStorage')
+        ));
    } else {
        nf.ErrorHandler = factory(root.$,
            root.nf.Dialog,
-            root.nf.Common);
+            root.nf.Common,
+            root.nf.AuthorizationStorage);
    }
-}(this, function ($, nfDialog, nfCommon) {
+}(this, function ($, nfDialog, nfCommon, nfAuthorizationStorage) {
    'use strict';

    var self = {
@ -47,6 +51,9 @@
         */
        handleAjaxError: function (xhr, status, error) {
            if (status === 'canceled') {
+                // Remove Token from storage for session expiration
+                nfAuthorizationStorage.removeToken();
+
                if ($('#splash').is(':visible')) {
                    $('#message-title').text('Session Expired');
                    $('#message-content').text('Your session has expired. Please reload to log in again.');
@ -65,6 +72,13 @@
                return;
            }

+            // Remove Token from storage when REST API returns WWW-Authenticate Bearer indicating authorization errors
+            var authenticateHeader = xhr.getResponseHeader('WWW-Authenticate');
+            var bearerPattern = new RegExp('^Bearer.*$');
+            if (bearerPattern.test(authenticateHeader)) {
+                nfAuthorizationStorage.removeToken();
+            }
+
            // if an error occurs while the splash screen is visible close the canvas show the error message
            if ($('#splash').is(':visible')) {
                if (xhr.status === 401) {