diff --git a/renderer/AuthProvider.js b/renderer/AuthProvider.js index 4fba94e..759e289 100644 --- a/renderer/AuthProvider.js +++ b/renderer/AuthProvider.js @@ -34,8 +34,14 @@ class AuthProvider { } async logout() { - if (!this.account) return; - + if (!this.account){ + this.account = await this.getAccount(); + console.log('AuthProvider logout: ', this.account); + } + if (!this.account) { + console.log('AuthProvider logout: no account'); + return; + } try { /** * If you would like to end the session with AAD, use the logout endpoint. You'll need to enable diff --git a/renderer/authConfig.js b/renderer/authConfig.js index 9019bd4..ed70cd3 100644 --- a/renderer/authConfig.js +++ b/renderer/authConfig.js @@ -38,7 +38,7 @@ const protectedResources = { graphMe: { endpoint: `${GRAPH_ENDPOINT_HOST}v1.0/me`, // scopes: ["User.Read"], - scopes: ["OneDrive.ReadWrite", "offline_access", "openid", "profile", "User.Read"] + scopes: ["OneDrive.ReadWrite", "User.Read"] } }; diff --git a/renderer/graphApi.js b/renderer/graphApi.js index bb9c7dc..f1436eb 100644 --- a/renderer/graphApi.js +++ b/renderer/graphApi.js @@ -1,6 +1,10 @@ const { BrowserWindow } = require('@electron/remote'); const { v4: uuidv4 } = require('uuid'); // Add this for GUID generation +const AuthProvider = require("./AuthProvider"); +const { protectedResources, msalConfig } = require("./authConfig"); + +let authProvider; class GraphApiClient { constructor() { this.baseUrl = 'https://graph.microsoft.com/v1.0'; 
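Review bot: The added `console.log('AuthProvider logout: ', this.account);` in `logout()` writes the whole account record to the renderer console. The `listFolderContents` hunk in renderer/graphApi.js goes further and logs the bearer token with `console.log('graphApiClient Auth received: ', accessToken);`, along with the account and `msalConfig`. A bearer token that lands in the DevTools console or in a captured log is usable by whoever reads it until it expires. Drop the token and config logs, and reduce the account logs to a presence check such as `console.log('AuthProvider logout: account cached =', Boolean(this.account));`. The body of `logout()` continues outside this hunk.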
@@ -10,103 +14,6 @@ class GraphApiClient { } - async getAccessToken() { - return new Promise((resolve, reject) => { - const authWindow = new BrowserWindow({ - width: 800, - height: 600, - show: true, - webPreferences: { - nodeIntegration: false, - contextIsolation: true - } - }); - - const authUrl = `https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?` + - `client_id=${this.clientId}` + - `&nonce=uv.${uuidv4()}` + - `&response_mode=form_post` + - `&scope=${this.scopes}` + - `&response_type=code` + - `&redirect_uri=${encodeURIComponent(this.redirectUrl)}`; - - console.log('Loading auth URL:', authUrl); - authWindow.loadURL(authUrl); - - // Handle the navigation events - authWindow.webContents.on('will-navigate', (event, url) => { - console.log('Navigation detected:', url); - handleCallback(url); - }); - - authWindow.webContents.on('will-redirect', (event, url) => { - console.log('Redirect detected:', url); - handleCallback(url); - }); - - const handleCallback = async (callbackUrl) => { - // Check if this is our redirect URI - if (callbackUrl.startsWith(this.redirectUrl)) { - console.log('Redirect URI matched, getting cookies...'); - - try { - // Get all cookies - const cookies = await authWindow.webContents.session.cookies.get({}); - console.log('Found cookies:', cookies.length); - console.log('Cookies:', cookies); - - // Find the access token cookie - const accessTokenCookie = cookies.find( - c => c.name === 'AccessToken-OneDrive.ReadWrite' - ); - console.log('Access token cookie:', accessTokenCookie); - - - if (!accessTokenCookie) { - console.log('Access token not found in cookies'); - return; - } - - // Clean and format the access token - let accessToken = accessTokenCookie.value; - console.log('Access token:', accessToken); - // Remove any URL encoding - accessToken = decodeURIComponent(accessToken); - console.log('Access token decoded:', accessToken); - // Remove any extra dots beyond the two expected in a JWT - const tokenParts = 
accessToken.split('.'); - if (tokenParts.length > 3) { - accessToken = tokenParts.slice(0, 3).join('.'); - } - - console.log('Access token formatted:', accessToken); - - // Convert cookies to a cookie string - const cookieString = cookies - .map(cookie => `${cookie.name}=${cookie.value}`) - .join('; '); - - authWindow.close(); - resolve({ - cookies: cookieString, - accessToken: accessToken - }); - - } catch (error) { - console.error('Error getting cookies:', error); - reject(error); - } - } - }; - - // Handle window closing - authWindow.on('closed', () => { - console.log('Auth window closed'); - reject(new Error('Authentication window was closed')); - }); - }); - } - cleanPath(path) { return path .replace(/^\/+|\/+$/g, '') // Remove leading/trailing slashes @@ -118,8 +25,21 @@ class GraphApiClient { async listFolderContents(folderPath) { try { console.log('graphApiClient listFolderContents:', folderPath); - const auth = await this.getAccessToken(); - console.log('graphApiClient Auth received'); + const tokenRequest = { + scopes: protectedResources.graphMe.scopes + }; + console.log('graphApiClient tokenRequest:', tokenRequest); + if (!authProvider) { + authProvider = new AuthProvider(msalConfig); + console.log('graphApiClient AuthProvider created', msalConfig); + } + + await authProvider.logout(); + const tokenResponse = await authProvider.getToken(tokenRequest); + const account = authProvider.account; + const accessToken = tokenResponse.accessToken; + console.log('graphApiClient Auth received: ', accessToken); + console.log('graphApiClient Auth received: ', account); const cleanPath = this.cleanPath(folderPath); console.log('graphApiClient Clean path:', cleanPath); @@ -129,7 +49,7 @@ class GraphApiClient { const response = await fetch(url, { headers: { - 'Authorization': `Bearer ${auth.accessToken}`, + 'Authorization': `Bearer ${accessToken}`, 'Accept': 'application/json', 'Cookie': auth.cookies, 'Origin': 'https://onedrive.live.com',
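Review bot: `await authProvider.logout();` runs before every `authProvider.getToken(tokenRequest)` call in `listFolderContents`. Because `logout()` now loads the cached account itself when `this.account` is unset, each folder listing appears to end the session and force a fresh sign-in, which defeats the token cache. If this is a debugging leftover, remove the line. If a forced re-login is intended, say so at the call site with a comment such as `// Force re-authentication on every listing because <reason>`. The bodies of `logout()` and `getToken()` are not visible here, so the exact effect should be confirmed against them; `listFolderContents` continues outside the hunk.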
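Review bot: The unchanged header `'Cookie': auth.cookies,` still reads `auth`, but the `const auth = await this.getAccessToken();` declaration is removed earlier in this file's diff. Unless `auth` is defined somewhere out of view, building the headers object will throw a ReferenceError before the request is sent. The bearer token from `getToken` is now the only credential, so delete the `'Cookie': auth.cookies,` line rather than re-creating a cookie string. The `fetch` call continues outside the hunk.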