[CST-14902][CST-15073][CST-15074] Adds ORCID login flow with private email

Author: alisaismailati

src/app/app-routes.ts

@@ -1,8 +1,4 @@
-import {
-  InMemoryScrollingOptions,
-  Route,
-  RouterConfigOptions,
-} from '@angular/router';
+import { InMemoryScrollingOptions, Route, RouterConfigOptions, } from '@angular/router';
 
 import { NOTIFICATIONS_MODULE_PATH } from './admin/admin-routing-paths';
 import {
@@ -25,8 +21,12 @@ import { COLLECTION_MODULE_PATH } from './collection-page/collection-page-routin
 import { COMMUNITY_MODULE_PATH } from './community-page/community-page-routing-paths';
 import { authBlockingGuard } from './core/auth/auth-blocking.guard';
 import { authenticatedGuard } from './core/auth/authenticated.guard';
-import { groupAdministratorGuard } from './core/data/feature-authorization/feature-authorization-guard/group-administrator.guard';
-import { siteAdministratorGuard } from './core/data/feature-authorization/feature-authorization-guard/site-administrator.guard';
+import {
+  groupAdministratorGuard
+} from './core/data/feature-authorization/feature-authorization-guard/group-administrator.guard';
+import {
+  siteAdministratorGuard
+} from './core/data/feature-authorization/feature-authorization-guard/site-administrator.guard';
 import { siteRegisterGuard } from './core/data/feature-authorization/feature-authorization-guard/site-register.guard';
 import { endUserAgreementCurrentUserGuard } from './core/end-user-agreement/end-user-agreement-current-user.guard';
 import { reloadGuard } from './core/reload/reload.guard';
@@ -37,7 +37,9 @@ import { ITEM_MODULE_PATH } from './item-page/item-page-routing-paths';
 import { menuResolver } from './menuResolver';
 import { provideSuggestionNotificationsState } from './notifications/provide-suggestion-notifications-state';
 import { ThemedPageErrorComponent } from './page-error/themed-page-error.component';
-import { ThemedPageInternalServerErrorComponent } from './page-internal-server-error/themed-page-internal-server-error.component';
+import {
+  ThemedPageInternalServerErrorComponent
+} from './page-internal-server-error/themed-page-internal-server-error.component';
 import { ThemedPageNotFoundComponent } from './pagenotfound/themed-pagenotfound.component';
 import { PROCESS_MODULE_PATH } from './process-page/process-page-routing.paths';
 import { provideSubmissionState } from './submission/provide-submission-state';
@@ -257,6 +259,20 @@ export const APP_ROUTES: Route[] = [
           .then((m) => m.ROUTES),
         canActivate: [authenticatedGuard],
       },
+      {
+        path: 'external-login/:token',
+        loadChildren: () => import('./external-login-page/external-login-routes').then((m) => m.ROUTES)
+      },
+      {
+        path: 'review-account/:token',
+        loadChildren: () => import('./external-login-review-account-info-page/external-login-review-account-info-page-routes')
+          .then((m) => m.ROUTES)
+      },
+      {
+        path: 'email-confirmation',
+        loadChildren: () => import('./external-login-email-confirmation-page/external-login-email-confirmation-page-routes')
+          .then((m) => m.ROUTES)
+      },
       { path: '**', pathMatch: 'full', component: ThemedPageNotFoundComponent },
     ],
   },

src/app/core/auth/auth-request.service.ts

@@ -1,36 +1,30 @@
 import { Observable } from 'rxjs';
-import {
-  distinctUntilChanged,
-  filter,
-  map,
-  switchMap,
-  take,
-  tap,
-} from 'rxjs/operators';
-
-import { isNotEmpty } from '../../shared/empty.util';
+import { distinctUntilChanged, filter, map, switchMap, take, tap, } from 'rxjs/operators';
+
+import { isNotEmpty, isNotEmptyOperator } from '../../shared/empty.util';
 import { FollowLinkConfig } from '../../shared/utils/follow-link-config.model';
-import { RemoteDataBuildService } from '../cache/builders/remote-data-build.service';
-import { RemoteData } from '../data/remote-data';
-import {
-  GetRequest,
-  PostRequest,
-} from '../data/request.models';
+import { HALEndpointService } from '../shared/hal-endpoint.service';
 import { RequestService } from '../data/request.service';
-import { RestRequest } from '../data/rest-request.model';
+import { DeleteRequest, GetRequest, PostRequest } from '../data/request.models';
 import { HttpOptions } from '../dspace-rest/dspace-rest.service';
-import { HALEndpointService } from '../shared/hal-endpoint.service';
 import { getFirstCompletedRemoteData } from '../shared/operators';
+import { RemoteDataBuildService } from '../cache/builders/remote-data-build.service';
+import { RemoteData } from '../data/remote-data';
+import { RestRequest } from '../data/rest-request.model';
 import { URLCombiner } from '../url-combiner/url-combiner';
 import { AuthStatus } from './models/auth-status.model';
 import { ShortLivedToken } from './models/short-lived-token.model';
+import { MachineToken } from './models/machine-token.model';
+import { NoContent } from '../shared/NoContent.model';
+import { sendRequest } from '../shared/request.operators';
 
 /**
  * Abstract service to send authentication requests
  */
 export abstract class AuthRequestService {
   protected linkName = 'authn';
   protected shortlivedtokensEndpoint = 'shortlivedtokens';
+  protected machinetokenEndpoint = 'machinetokens';
 
   constructor(protected halService: HALEndpointService,
               protected requestService: RequestService,
@@ -139,4 +133,32 @@ export abstract class AuthRequestService {
       }),
     );
   }
+
+  /**
+   * Send a post request to create a machine token
+   */
+  public postToMachineTokenEndpoint(): Observable<RemoteData<MachineToken>> {
+    return this.halService.getEndpoint(this.linkName).pipe(
+      isNotEmptyOperator(),
+      distinctUntilChanged(),
+      map((href: string) => new URLCombiner(href, this.machinetokenEndpoint).toString()),
+      map((endpointURL: string) => new PostRequest(this.requestService.generateRequestId(), endpointURL)),
+      tap((request: RestRequest) => this.requestService.send(request)),
+      switchMap((request: RestRequest) => this.rdbService.buildFromRequestUUID<MachineToken>(request.uuid))
+    );
+  }
+
+  /**
+   * Send a delete request to destroy a machine token
+   */
+  public deleteToMachineTokenEndpoint(): Observable<RemoteData<NoContent>> {
+    return this.halService.getEndpoint(this.linkName).pipe(
+      isNotEmptyOperator(),
+      distinctUntilChanged(),
+      map((href: string) => new URLCombiner(href, this.machinetokenEndpoint).toString()),
+      map((endpointURL: string) => new DeleteRequest(this.requestService.generateRequestId(), endpointURL)),
+      sendRequest(this.requestService),
+      switchMap((request: RestRequest) => this.rdbService.buildFromRequestUUID<MachineToken>(request.uuid)),
+    );
+  }
 }

src/app/core/auth/auth.service.ts

@@ -1,33 +1,14 @@
 import { HttpHeaders } from '@angular/common/http';
-import {
-  Inject,
-  Injectable,
-  Optional,
-} from '@angular/core';
+import { Inject, Injectable, Optional, } from '@angular/core';
 import { Router } from '@angular/router';
-import {
-  select,
-  Store,
-} from '@ngrx/store';
+import { select, Store, } from '@ngrx/store';
 import { TranslateService } from '@ngx-translate/core';
 import { CookieAttributes } from 'js-cookie';
-import {
-  Observable,
-  of as observableOf,
-} from 'rxjs';
-import {
-  filter,
-  map,
-  startWith,
-  switchMap,
-  take,
-} from 'rxjs/operators';
+import { Observable, of as observableOf, } from 'rxjs';
+import { filter, map, startWith, switchMap, take, } from 'rxjs/operators';
 
 import { environment } from '../../../environments/environment';
-import {
-  REQUEST,
-  RESPONSE,
-} from '../../../express.tokens';
+import { REQUEST, RESPONSE, } from '../../../express.tokens';
 import { AppState } from '../../app.reducer';
 import {
   hasNoValue,
@@ -41,10 +22,7 @@ import {
 import { NotificationsService } from '../../shared/notifications/notifications.service';
 import { createSuccessfulRemoteDataObject$ } from '../../shared/remote-data.utils';
 import { followLink } from '../../shared/utils/follow-link-config.model';
-import {
-  buildPaginatedList,
-  PaginatedList,
-} from '../data/paginated-list.model';
+import { buildPaginatedList, PaginatedList, } from '../data/paginated-list.model';
 import { RemoteData } from '../data/remote-data';
 import { HttpOptions } from '../dspace-rest/dspace-rest.service';
 import { EPersonDataService } from '../eperson/eperson-data.service';
@@ -54,13 +32,16 @@ import { CookieService } from '../services/cookie.service';
 import { HardRedirectService } from '../services/hard-redirect.service';
 import { RouteService } from '../services/route.service';
 import {
-  NativeWindowRef,
-  NativeWindowService,
-} from '../services/window.service';
-import {
-  getAllSucceededRemoteDataPayload,
-  getFirstCompletedRemoteData,
-} from '../shared/operators';
+  getAuthenticatedUserId,
+  getAuthenticationToken,
+  getExternalAuthCookieStatus,
+  getRedirectUrl,
+  isAuthenticated,
+  isAuthenticatedLoaded,
+  isIdle,
+  isTokenRefreshing
+} from './selectors';
+import { getAllSucceededRemoteDataPayload, getFirstCompletedRemoteData, } from '../shared/operators';
 import { PageInfo } from '../shared/page-info.model';
 import {
   CheckAuthenticationTokenAction,
@@ -74,20 +55,11 @@ import {
 import { AuthRequestService } from './auth-request.service';
 import { AuthMethod } from './models/auth.method';
 import { AuthStatus } from './models/auth-status.model';
-import {
-  AuthTokenInfo,
-  TOKENITEM,
-} from './models/auth-token-info.model';
-import {
-  getAuthenticatedUserId,
-  getAuthenticationToken,
-  getExternalAuthCookieStatus,
-  getRedirectUrl,
-  isAuthenticated,
-  isAuthenticatedLoaded,
-  isIdle,
-  isTokenRefreshing,
-} from './selectors';
+import { AuthTokenInfo, TOKENITEM, } from './models/auth-token-info.model';
+import { NoContent } from '../shared/NoContent.model';
+import { URLCombiner } from '../url-combiner/url-combiner';
+import { MachineToken } from './models/machine-token.model';
+import { NativeWindowRef, NativeWindowService } from '../services/window.service';
 
 export const LOGIN_ROUTE = '/login';
 export const LOGOUT_ROUTE = '/logout';
@@ -579,6 +551,31 @@ export class AuthService {
       });
   }
 
+  /**
+   * Returns the external server redirect URL.
+   * @param origin - The origin route.
+   * @param redirectRoute - The redirect route.
+   * @param location - The location.
+   * @returns The external server redirect URL.
+   */
+  getExternalServerRedirectUrl(origin: string, redirectRoute: string, location: string): string  {
+    const correctRedirectUrl = new URLCombiner(origin, redirectRoute).toString();
+
+    let externalServerUrl = location;
+    const myRegexp = /\?redirectUrl=(.*)/g;
+    const match = myRegexp.exec(location);
+    const redirectUrlFromServer = (match && match[1]) ? match[1] : null;
+
+    // Check whether the current page is different from the redirect url received from rest
+    if (isNotNull(redirectUrlFromServer) && redirectUrlFromServer !== correctRedirectUrl) {
+      // change the redirect url with the current page url
+      const newRedirectUrl = `?redirectUrl=${correctRedirectUrl}`;
+      externalServerUrl = location.replace(/\?redirectUrl=(.*)/g, newRedirectUrl);
+    }
+
+    return externalServerUrl;
+  }
+
   /**
    * Clear redirect url
    */
@@ -664,4 +661,18 @@ export class AuthService {
     }
   }
 
+  /**
+   * Create a new machine token for the current user
+   */
+  public createMachineToken(): Observable<RemoteData<MachineToken>> {
+    return this.authRequestService.postToMachineTokenEndpoint();
+  }
+
+  /**
+   * Delete the machine token for the current user
+   */
+  public deleteMachineToken(): Observable<RemoteData<NoContent>> {
+    return this.authRequestService.deleteToMachineTokenEndpoint();
+  }
+
 }

src/app/core/auth/models/auth.method-type.ts

@@ -5,5 +5,5 @@ export enum AuthMethodType {
   Ip = 'ip',
   X509 = 'x509',
   Oidc = 'oidc',
-  Orcid = 'orcid'
+  Orcid = 'orcid',
 }

src/app/core/auth/models/auth.registration-type.ts

@@ -0,0 +1,4 @@
+export enum AuthRegistrationType {
+  Orcid = 'ORCID',
+  Validation = 'VALIDATION_',
+}

src/app/core/auth/models/machine-token.model.ts

@@ -0,0 +1,36 @@
+import { autoserialize, autoserializeAs, deserialize } from 'cerialize';
+
+import { typedObject } from '../../cache/builders/build-decorators';
+import { CacheableObject } from '../../cache/cacheable-object.model';
+import { excludeFromEquals } from '../../utilities/equals.decorators';
+import { ResourceType } from '../../shared/resource-type';
+import { HALLink } from '../../shared/hal-link.model';
+import { MACHINE_TOKEN } from './machine-token.resource-type';
+
+/**
+ * A machine token that can be used to authenticate a rest request
+ */
+@typedObject
+export class MachineToken implements CacheableObject {
+  static type = MACHINE_TOKEN;
+  /**
+   * The type for this MachineToken
+   */
+  @excludeFromEquals
+  @autoserialize
+  type: ResourceType;
+
+  /**
+   * The value for this MachineToken
+   */
+  @autoserializeAs('token')
+  value: string;
+
+  /**
+   * The {@link HALLink}s for this MachineToken
+   */
+  @deserialize
+  _links: {
+    self: HALLink;
+  };
+}

src/app/core/auth/models/machine-token.resource-type.ts

@@ -0,0 +1,9 @@
+import { ResourceType } from '../../shared/resource-type';
+
+/**
+ * The resource type for MachineToken
+ *
+ * Needs to be in a separate file to prevent circular
+ * dependencies in webpack.
+ */
+export const MACHINE_TOKEN = new ResourceType('machinetoken');

src/app/core/data/eperson-registration.service.spec.ts

@@ -105,7 +105,7 @@ describe('EpersonRegistrationService', () => {
 
   describe('searchByToken', () => {
     it('should return a registration corresponding to the provided token', () => {
-      const expected = service.searchByToken('test-token');
+      const expected = service.searchByTokenAndUpdateData('test-token');
 
       expect(expected).toBeObservable(cold('(a|)', {
         a: jasmine.objectContaining({
@@ -123,7 +123,7 @@ describe('EpersonRegistrationService', () => {
       testScheduler.run(({ cold, expectObservable }) => {
         rdbService.buildSingle.and.returnValue(cold('a', { a: rd }));
 
-        service.searchByToken('test-token');
+        service.searchByTokenAndUpdateData('test-token');
 
         expect(requestService.send).toHaveBeenCalledWith(
           jasmine.objectContaining({