obs-portal/frontend/src/api.js

import {stringifyParams} from 'query'
import globalStore from 'store'
import {setAuth, invalidateAccessToken, resetAuth} from 'reducers/auth'
import {setLogin} from 'reducers/login'
import configPromise from 'config'
import {create as createPkce} from 'pkce'
import download from 'downloadjs'

function getFileNameFromContentDispostionHeader(contentDisposition: string): string | undefined {
  const standardPattern = /filename=(["']?)(.+)\1/i
  const wrongPattern = /filename=([^"'][^;"'\n]+)/i

  if (standardPattern.test(contentDisposition)) {
    return contentDisposition.match(standardPattern)[2]
  }

  if (wrongPattern.test(contentDisposition)) {
    return contentDisposition.match(wrongPattern)[1]
  }
}

class RequestError extends Error {
  constructor(message, errors) {
    super(message)
    this.errors = errors
  }
}

class API {
  constructor(store) {
    this.store = store
    this._getValidAccessTokenPromise = null
  }

  /**
   * Fetches or directly returns from cache the metadata information from the
   * authorization server, according to https://tools.ietf.org/html/rfc8414.
   * Also validates compatibility with this metadata server, i.e. checking that
   * it supports PKCE.
   */
  async getAuthorizationServerMetadata() {
    const config = await configPromise
    const url = new URL(config.auth.server)
    const pathSuffix = url.pathname.replace(/^\/+|\/+$/, '')
    url.pathname = '/.well-known/oauth-authorization-server' + (pathSuffix ? '/' + pathSuffix : '')

    const response = await window.fetch(url.toString())
    const metadata = await response.json()

    const {
      authorization_endpoint: authorizationEndpoint,
      token_endpoint: tokenEndpoint,
      response_types_supported: responseTypesSupported,
      code_challenge_methods_supported: codeChallengeMethodsSupported,
    } = metadata
    if (!authorizationEndpoint) {
      throw new Error('No authorization endpoint')
    }

    if (!authorizationEndpoint.startsWith(config.auth.server)) {
      throw new Error('Invalid authorization endpoint')
    }

    if (!tokenEndpoint) {
      throw new Error('No token endpoint')
    }

    if (!tokenEndpoint.startsWith(config.auth.server)) {
      throw new Error('Invalid token endpoint')
    }

    if (!Array.isArray(responseTypesSupported) || !responseTypesSupported.includes('code')) {
      throw new Error('Authorization code flow not supported or no support advertised.')
    }

    if (!Array.isArray(codeChallengeMethodsSupported) || !codeChallengeMethodsSupported.includes('S256')) {
      throw new Error('PKCE with S256 not supported or no support advertised.')
    }

    return {authorizationEndpoint, tokenEndpoint}
  }

  /**
   * Return an access token, if it is (still) valid. If not, and a refresh
   * token exists, use the refresh token to issue a new access token. If that
   * fails, or neither is available, return `null`. This should usually result
   * in a redirect to login.
   */
  async getValidAccessToken() {
    // prevent multiple parallel refresh processes
    if (this._getValidAccessTokenPromise) {
      return await this._getValidAccessTokenPromise
    } else {
      this._getValidAccessTokenPromise = this._getValidAccessToken()
      const result = await this._getValidAccessTokenPromise
      this._getValidAccessTokenPromise = null
      return result
    }
  }

  async _getValidAccessToken() {
    let {auth} = this.store.getState()

    if (!auth) {
      return null
    }

    const {tokenType, accessToken, refreshToken, expiresAt} = auth

    // access token is valid
    if (accessToken && expiresAt > new Date().getTime()) {
      return `${tokenType} ${accessToken}`
    }

    if (!refreshToken) {
      return null
    }

    //  Try to use the refresh token
    const {tokenEndpoint} = await this.getAuthorizationServerMetadata()
    const config = await configPromise
    const url = new URL(tokenEndpoint)
    url.searchParams.append('refresh_token', refreshToken)
    url.searchParams.append('grant_type', 'refresh_token')
    url.searchParams.append('scope', config.auth.scope)
    const response = await window.fetch(url.toString())
    const json = await response.json()

    if (response.status === 200 && json != null && json.error == null) {
      auth = this.getAuthFromTokenResponse(json)
      this.store.dispatch(setAuth(auth))
      return `${auth.tokenType} ${auth.accessToken}`
    } else {
      console.warn('Could not use refresh token, error response:', json)
      this.store.dispatch(resetAuth())
      return null
    }
  }

  async exchangeAuthorizationCode(code) {
    const codeVerifier = localStorage.getItem('codeVerifier')
    if (!codeVerifier) {
      throw new Error('No code verifier found')
    }

    const {tokenEndpoint} = await this.getAuthorizationServerMetadata()
    const config = await configPromise
    const url = new URL(tokenEndpoint)
    url.searchParams.append('code', code)
    url.searchParams.append('grant_type', 'authorization_code')
    url.searchParams.append('client_id', config.auth.clientId)
    url.searchParams.append('redirect_uri', config.auth.redirectUri)
    url.searchParams.append('code_verifier', codeVerifier)
    const response = await window.fetch(url.toString())
    const json = await response.json()

    if (json.error) {
      return json
    }

    const auth = api.getAuthFromTokenResponse(json)
    this.store.dispatch(setAuth(auth))

    const {user} = await this.get('/user')
    this.store.dispatch(setLogin(user))

    return true
  }

  async logout() {
    // 1. Tell the store to forget that we're logged in.
    this.store.dispatch(resetAuth())

    // 2. Log out session in API.
    const {tokenEndpoint} = await this.getAuthorizationServerMetadata()
    const url = new URL(tokenEndpoint.replace(/\/token$/, '/logout'))
    url.searchParams.append('redirectTo', window.location.href) // bring us back to the current page

    window.location.href = url.toString()
  }

  async makeLoginUrl() {
    const {authorizationEndpoint} = await this.getAuthorizationServerMetadata()
    const config = await configPromise

    const {codeVerifier, codeChallenge} = createPkce()
    localStorage.setItem('codeVerifier', codeVerifier)

    const loginUrl = new URL(authorizationEndpoint)
    loginUrl.searchParams.append('client_id', config.auth.clientId)
    loginUrl.searchParams.append('scope', config.auth.scope)
    loginUrl.searchParams.append('redirect_uri', config.auth.redirectUri)
    loginUrl.searchParams.append('response_type', 'code')
    loginUrl.searchParams.append('code_challenge', codeChallenge)
    loginUrl.searchParams.append('code_challenge_method', 'S256')

    // TODO: Implement PKCE

    return loginUrl.toString()
  }

  async fetch(url, options = {}) {
    const accessToken = await this.getValidAccessToken()
    const config = await configPromise

    const {returnResponse = false, ...fetchOptions} = options

    const response = await window.fetch(config.apiUrl + '/api' + url, {
      ...fetchOptions,
      headers: {
        ...(fetchOptions.headers || {}),
        Authorization: accessToken,
      },
    })

    if (response.status === 401) {
      // Unset login, since 401 means that we're not logged in. On the next
      // request with `getValidAccessToken()`, this will be detected and the
      // refresh token is used (if still valid).
      this.store.dispatch(invalidateAccessToken())

      throw new Error('401 Unauthorized')
    }

    if (returnResponse) {
      if (response.status === 200) {
        return response
      } else if (response.status === 204) {
        return null
      } else {
        throw new RequestError('Error code ' + response.status)
      }
    }

    let json
    try {
      json = await response.json()
    } catch (err) {
      json = null
    }

    if (response.status === 200) {
      return json
    } else if (response.status === 204) {
      return null
    } else {
      throw new RequestError('Error code ' + response.status, json?.errors)
    }
  }

  async post(url, {body: body_, ...options}) {
    let body = body_
    let headers = {...(options.headers || {})}

    if (!(typeof body === 'string' || body instanceof FormData)) {
      body = JSON.stringify(body)
      headers['Content-Type'] = 'application/json'
    }

    return await this.fetch(url, {
      method: 'post',
      ...options,
      body,
      headers,
    })
  }

  async get(url, {query, ...options} = {}) {
    const queryString = query ? stringifyParams(query) : null
    return await this.fetch(url + (queryString ? '?' + queryString : ''), {method: 'get', ...options})
  }

  async delete(url, options = {}) {
    return await this.get(url, {...options, method: 'delete'})
  }

  async put(url, options = {}) {
    return await this.post(url, {...options, method: 'put'})
  }

  getAuthFromTokenResponse(tokenResponse) {
    return {
      tokenType: tokenResponse.token_type,
      accessToken: tokenResponse.access_token,
      refreshToken: tokenResponse.refresh_token,
      expiresAt: new Date().getTime() + tokenResponse.expires_in * 1000,
      scope: tokenResponse.scope,
    }
  }

  async downloadFile(url, options = {}) {
    const res = await this.fetch(url, {returnResponse: true, ...options})
    const blob = await res.blob()
    const filename = getFileNameFromContentDispostionHeader(res.headers.get('content-disposition'))
    const contentType = res.headers.get('content-type')

    // Apparently this workaround is needed for some browsers
    const newBlob = new Blob([blob], {type: contentType})

    download(newBlob, filename, contentType)
  }
}

const api = new API(globalStore)

export default api
Cleanup API calls 2021-02-14 18:21:34 +00:00			`import {stringifyParams} from 'query'`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`import globalStore from 'store'`
			`import {setAuth, invalidateAccessToken, resetAuth} from 'reducers/auth'`
			`import {setLogin} from 'reducers/login'`
frontend: load config.json at runtime from public dir, to be overwritable 2021-09-14 20:02:57 +00:00			`import configPromise from 'config'`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`import {create as createPkce} from 'pkce'`
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`import download from 'downloadjs'`

			`function getFileNameFromContentDispostionHeader(contentDisposition: string): string \| undefined {`
			`const standardPattern = /filename=(["']?)(.+)\1/i`
			`const wrongPattern = /filename=([^"'][^;"'\n]+)/i`

			`if (standardPattern.test(contentDisposition)) {`
			`return contentDisposition.match(standardPattern)[2]`
			`}`

			`if (wrongPattern.test(contentDisposition)) {`
			`return contentDisposition.match(wrongPattern)[1]`
			`}`
			`}`
Cleanup API calls 2021-02-14 18:21:34 +00:00
frontend: Settings page 2021-02-23 20:52:57 +00:00			`class RequestError extends Error {`
			`constructor(message, errors) {`
			`super(message)`
			`this.errors = errors`
			`}`
			`}`

First bit of work: * login * login state management * API baseline code * load tracks * show tracks * basic routing * basic styling * add react-semantic-ui * add typescript 2021-02-10 21:28:36 +00:00			`class API {`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`constructor(store) {`
			`this.store = store`
			`this._getValidAccessTokenPromise = null`
			`}`

frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`/**`
			`* Fetches or directly returns from cache the metadata information from the`
			`* authorization server, according to https://tools.ietf.org/html/rfc8414.`
			`* Also validates compatibility with this metadata server, i.e. checking that`
			`* it supports PKCE.`
			`*/`
			`async getAuthorizationServerMetadata() {`
frontend: load config.json at runtime from public dir, to be overwritable 2021-09-14 20:02:57 +00:00			`const config = await configPromise`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`const url = new URL(config.auth.server)`
			`const pathSuffix = url.pathname.replace(/^\/+\|\/+$/, '')`
			`url.pathname = '/.well-known/oauth-authorization-server' + (pathSuffix ? '/' + pathSuffix : '')`

			`const response = await window.fetch(url.toString())`
			`const metadata = await response.json()`

Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`const {`
			`authorization_endpoint: authorizationEndpoint,`
			`token_endpoint: tokenEndpoint,`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`response_types_supported: responseTypesSupported,`
			`code_challenge_methods_supported: codeChallengeMethodsSupported,`
			`} = metadata`
			`if (!authorizationEndpoint) {`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`throw new Error('No authorization endpoint')`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`}`

			`if (!authorizationEndpoint.startsWith(config.auth.server)) {`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`throw new Error('Invalid authorization endpoint')`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`}`

			`if (!tokenEndpoint) {`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`throw new Error('No token endpoint')`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`}`

			`if (!tokenEndpoint.startsWith(config.auth.server)) {`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`throw new Error('Invalid token endpoint')`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`}`

			`if (!Array.isArray(responseTypesSupported) \|\| !responseTypesSupported.includes('code')) {`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`throw new Error('Authorization code flow not supported or no support advertised.')`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`}`

			`if (!Array.isArray(codeChallengeMethodsSupported) \|\| !codeChallengeMethodsSupported.includes('S256')) {`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`throw new Error('PKCE with S256 not supported or no support advertised.')`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`}`

			`return {authorizationEndpoint, tokenEndpoint}`
			`}`

Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`/**`
			`* Return an access token, if it is (still) valid. If not, and a refresh`
			`* token exists, use the refresh token to issue a new access token. If that`
			* fails, or neither is available, return `null`. This should usually result
			`* in a redirect to login.`
			`*/`
			`async getValidAccessToken() {`
			`// prevent multiple parallel refresh processes`
			`if (this._getValidAccessTokenPromise) {`
			`return await this._getValidAccessTokenPromise`
			`} else {`
			`this._getValidAccessTokenPromise = this._getValidAccessToken()`
			`const result = await this._getValidAccessTokenPromise`
			`this._getValidAccessTokenPromise = null`
			`return result`
			`}`
			`}`

			`async _getValidAccessToken() {`
			`let {auth} = this.store.getState()`

			`if (!auth) {`
			`return null`
			`}`

			`const {tokenType, accessToken, refreshToken, expiresAt} = auth`

			`// access token is valid`
			`if (accessToken && expiresAt > new Date().getTime()) {`
			return `${tokenType} ${accessToken}`
			`}`

			`if (!refreshToken) {`
			`return null`
			`}`

			`// Try to use the refresh token`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`const {tokenEndpoint} = await this.getAuthorizationServerMetadata()`
frontend: load config.json at runtime from public dir, to be overwritable 2021-09-14 20:02:57 +00:00			`const config = await configPromise`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`const url = new URL(tokenEndpoint)`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`url.searchParams.append('refresh_token', refreshToken)`
			`url.searchParams.append('grant_type', 'refresh_token')`
			`url.searchParams.append('scope', config.auth.scope)`
			`const response = await window.fetch(url.toString())`
			`const json = await response.json()`

			`if (response.status === 200 && json != null && json.error == null) {`
			`auth = this.getAuthFromTokenResponse(json)`
			`this.store.dispatch(setAuth(auth))`
			return `${auth.tokenType} ${auth.accessToken}`
			`} else {`
			`console.warn('Could not use refresh token, error response:', json)`
			`this.store.dispatch(resetAuth())`
			`return null`
			`}`
			`}`

			`async exchangeAuthorizationCode(code) {`
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`const codeVerifier = localStorage.getItem('codeVerifier')`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`if (!codeVerifier) {`
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`throw new Error('No code verifier found')`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`}`

frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`const {tokenEndpoint} = await this.getAuthorizationServerMetadata()`
frontend: load config.json at runtime from public dir, to be overwritable 2021-09-14 20:02:57 +00:00			`const config = await configPromise`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`const url = new URL(tokenEndpoint)`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`url.searchParams.append('code', code)`
			`url.searchParams.append('grant_type', 'authorization_code')`
			`url.searchParams.append('client_id', config.auth.clientId)`
			`url.searchParams.append('redirect_uri', config.auth.redirectUri)`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`url.searchParams.append('code_verifier', codeVerifier)`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`const response = await window.fetch(url.toString())`
			`const json = await response.json()`

			`if (json.error) {`
			`return json`
			`}`

			`const auth = api.getAuthFromTokenResponse(json)`
			`this.store.dispatch(setAuth(auth))`

			`const {user} = await this.get('/user')`
			`this.store.dispatch(setLogin(user))`

			`return true`
			`}`

Improve logout mechanism 2021-05-14 17:24:17 +00:00			`async logout() {`
			`// 1. Tell the store to forget that we're logged in.`
			`this.store.dispatch(resetAuth())`

			`// 2. Log out session in API.`
			`const {tokenEndpoint} = await this.getAuthorizationServerMetadata()`
			`const url = new URL(tokenEndpoint.replace(/\/token$/, '/logout'))`
			`url.searchParams.append('redirectTo', window.location.href) // bring us back to the current page`

			`window.location.href = url.toString()`
			`}`

frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`async makeLoginUrl() {`
			`const {authorizationEndpoint} = await this.getAuthorizationServerMetadata()`
frontend: load config.json at runtime from public dir, to be overwritable 2021-09-14 20:02:57 +00:00			`const config = await configPromise`
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`const {codeVerifier, codeChallenge} = createPkce()`
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`localStorage.setItem('codeVerifier', codeVerifier)`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00
frontend,api: Expose authorization server metadata and use it 2021-02-23 17:26:37 +00:00			`const loginUrl = new URL(authorizationEndpoint)`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`loginUrl.searchParams.append('client_id', config.auth.clientId)`
			`loginUrl.searchParams.append('scope', config.auth.scope)`
			`loginUrl.searchParams.append('redirect_uri', config.auth.redirectUri)`
			`loginUrl.searchParams.append('response_type', 'code')`
Implement and enforce PKCE 2021-02-23 18:32:06 +00:00			`loginUrl.searchParams.append('code_challenge', codeChallenge)`
			`loginUrl.searchParams.append('code_challenge_method', 'S256')`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00
			`// TODO: Implement PKCE`

			`return loginUrl.toString()`
First bit of work: * login * login state management * API baseline code * load tracks * show tracks * basic routing * basic styling * add react-semantic-ui * add typescript 2021-02-10 21:28:36 +00:00			`}`

			`async fetch(url, options = {}) {`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`const accessToken = await this.getValidAccessToken()`
frontend: load config.json at runtime from public dir, to be overwritable 2021-09-14 20:02:57 +00:00			`const config = await configPromise`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`const {returnResponse = false, ...fetchOptions} = options`

frontend: Add API url config 2021-02-28 21:21:38 +00:00			`const response = await window.fetch(config.apiUrl + '/api' + url, {`
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`...fetchOptions,`
First bit of work: * login * login state management * API baseline code * load tracks * show tracks * basic routing * basic styling * add react-semantic-ui * add typescript 2021-02-10 21:28:36 +00:00			`headers: {`
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`...(fetchOptions.headers \|\| {}),`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`Authorization: accessToken,`
First bit of work: * login * login state management * API baseline code * load tracks * show tracks * basic routing * basic styling * add react-semantic-ui * add typescript 2021-02-10 21:28:36 +00:00			`},`
			`})`

Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`if (response.status === 401) {`
			`// Unset login, since 401 means that we're not logged in. On the next`
			// request with `getValidAccessToken()`, this will be detected and the
			`// refresh token is used (if still valid).`
			`this.store.dispatch(invalidateAccessToken())`

			`throw new Error('401 Unauthorized')`
			`}`

frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`if (returnResponse) {`
			`if (response.status === 200) {`
			`return response`
			`} else if (response.status === 204) {`
			`return null`
			`} else {`
			`throw new RequestError('Error code ' + response.status)`
frontend: Settings page 2021-02-23 20:52:57 +00:00			`}`
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00			`}`

			`let json`
			`try {`
			`json = await response.json()`
			`} catch (err) {`
			`json = null`
			`}`
frontend: Settings page 2021-02-23 20:52:57 +00:00
Cleanup API calls 2021-02-14 18:21:34 +00:00			`if (response.status === 200) {`
frontend: Settings page 2021-02-23 20:52:57 +00:00			`return json`
frontend: Track editor and redirects on errors 2021-02-26 20:57:36 +00:00			`} else if (response.status === 204) {`
			`return null`
Cleanup API calls 2021-02-14 18:21:34 +00:00			`} else {`
frontend: Settings page 2021-02-23 20:52:57 +00:00			`throw new RequestError('Error code ' + response.status, json?.errors)`
Cleanup API calls 2021-02-14 18:21:34 +00:00			`}`
			`}`

			`async post(url, {body: body_, ...options}) {`
Multiupload 2021-02-17 20:50:18 +00:00			`let body = body_`
			`let headers = {...(options.headers \|\| {})}`

			`if (!(typeof body === 'string' \|\| body instanceof FormData)) {`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`body = JSON.stringify(body)`
			`headers['Content-Type'] = 'application/json'`
Multiupload 2021-02-17 20:50:18 +00:00			`}`

Prettier 2021-02-14 18:27:16 +00:00			`return await this.fetch(url, {`
frontend: Settings page 2021-02-23 20:52:57 +00:00			`method: 'post',`
Prettier 2021-02-14 18:27:16 +00:00			`...options,`
			`body,`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`headers,`
Cleanup API calls 2021-02-14 18:21:34 +00:00			`})`
			`}`

			`async get(url, {query, ...options} = {}) {`
			`const queryString = query ? stringifyParams(query) : null`
			`return await this.fetch(url + (queryString ? '?' + queryString : ''), {method: 'get', ...options})`
			`}`

			`async delete(url, options = {}) {`
Prettier 2021-02-14 18:27:16 +00:00			`return await this.get(url, {...options, method: 'delete'})`
First bit of work: * login * login state management * API baseline code * load tracks * show tracks * basic routing * basic styling * add react-semantic-ui * add typescript 2021-02-10 21:28:36 +00:00			`}`
Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00
frontend: Settings page 2021-02-23 20:52:57 +00:00			`async put(url, options = {}) {`
			`return await this.post(url, {...options, method: 'put'})`
			`}`

Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`getAuthFromTokenResponse(tokenResponse) {`
			`return {`
			`tokenType: tokenResponse.token_type,`
			`accessToken: tokenResponse.access_token,`
			`refreshToken: tokenResponse.refresh_token,`
			`expiresAt: new Date().getTime() + tokenResponse.expires_in * 1000,`
			`scope: tokenResponse.scope,`
			`}`
			`}`
frontend: Add download button for original file 2021-05-01 11:31:03 +00:00
			`async downloadFile(url, options = {}) {`
			`const res = await this.fetch(url, {returnResponse: true, ...options})`
			`const blob = await res.blob()`
			`const filename = getFileNameFromContentDispostionHeader(res.headers.get('content-disposition'))`
			`const contentType = res.headers.get('content-type')`

			`// Apparently this workaround is needed for some browsers`
			`const newBlob = new Blob([blob], {type: contentType})`

			`download(newBlob, filename, contentType)`
			`}`
First bit of work: * login * login state management * API baseline code * load tracks * show tracks * basic routing * basic styling * add react-semantic-ui * add typescript 2021-02-10 21:28:36 +00:00			`}`

Oauth code flow in API and frontend 2021-02-20 18:31:18 +00:00			`const api = new API(globalStore)`
First bit of work: * login * login state management * API baseline code * load tracks * show tracks * basic routing * basic styling * add react-semantic-ui * add typescript 2021-02-10 21:28:36 +00:00
			`export default api`