Added notification when the shibboleth authentication is failed (#732)

Author: milanmajchrak

src/app/shared/log-in/container/log-in-container.component.spec.ts

@@ -25,6 +25,8 @@ import { ConfigurationProperty } from '../../../core/shared/configuration-proper
 import { ActivatedRoute, Router } from '@angular/router';
 import { CookieService } from '../../../core/services/cookie.service';
 import { CookieServiceMock } from '../../mocks/cookie.service.mock';
+import { NotificationsServiceStub } from '../../testing/notifications-service.stub';
+import { NotificationsService } from '../../notifications/notifications.service';
 
 describe('LogInContainerComponent', () => {
 
@@ -36,6 +38,7 @@ describe('LogInContainerComponent', () => {
   let hardRedirectService: HardRedirectService;
   let configurationDataService: ConfigurationDataService;
   let authService: any;
+  let notificationService: NotificationsServiceStub;
 
   beforeEach(waitForAsync(() => {
     hardRedirectService = jasmine.createSpyObj('hardRedirectService', {
@@ -55,6 +58,7 @@ describe('LogInContainerComponent', () => {
         ]
       }))
     });
+    notificationService = new NotificationsServiceStub();
 
     // refine the test module by declaring the test component
     TestBed.configureTestingModule({
@@ -85,6 +89,7 @@ describe('LogInContainerComponent', () => {
           } },
         { provide: Router, useValue: new RouterMock() },
         { provide: CookieService, useClass: CookieServiceMock },
+        { provide: NotificationsService, useValue: notificationService },
         LogInContainerComponent
       ],
       schemas: [

src/app/shared/log-in/log-in.component.spec.ts

@@ -30,6 +30,8 @@ import { ConfigurationProperty } from '../../core/shared/configuration-property.
 import { RouterStub } from '../testing/router.stub';
 import { CookieService } from '../../core/services/cookie.service';
 import { CookieServiceMock } from '../mocks/cookie.service.mock';
+import { NotificationsService } from '../notifications/notifications.service';
+import { NotificationsServiceStub } from '../testing/notifications-service.stub';
 
 describe('LogInComponent', () => {
 
@@ -50,6 +52,7 @@ describe('LogInComponent', () => {
   let authorizationService: AuthorizationDataService;
   let authService: any;
   let configurationDataService: ConfigurationDataService;
+  let notificationService: NotificationsServiceStub;
 
   beforeEach(waitForAsync(() => {
     hardRedirectService = jasmine.createSpyObj('hardRedirectService', {
@@ -72,6 +75,7 @@ describe('LogInComponent', () => {
         ]
       }))
     });
+    notificationService = new NotificationsServiceStub();
 
     // refine the test module by declaring the test component
     void TestBed.configureTestingModule({
@@ -102,6 +106,7 @@ describe('LogInComponent', () => {
         provideMockStore({ initialState }),
         { provide: ThemeService, useValue: getMockThemeService() },
         { provide: CookieService, useClass: CookieServiceMock },
+        { provide: NotificationsService, useValue: notificationService },
         LogInComponent
       ],
       schemas: [

src/app/shared/log-in/methods/password/log-in-password.component.spec.ts

@@ -25,6 +25,8 @@ import { createSuccessfulRemoteDataObject$ } from '../../../remote-data.utils';
 import { ConfigurationProperty } from '../../../../core/shared/configuration-property.model';
 import { CookieService } from '../../../../core/services/cookie.service';
 import { CookieServiceMock } from '../../../mocks/cookie.service.mock';
+import { NotificationsService } from '../../../notifications/notifications.service';
+import { NotificationsServiceStub } from '../../../testing/notifications-service.stub';
 
 describe('LogInPasswordComponent', () => {
   const uiUrl = 'localhost:4000';
@@ -36,6 +38,7 @@ describe('LogInPasswordComponent', () => {
   let hardRedirectService: HardRedirectService;
   let authService: any;
   let configurationDataService: ConfigurationDataService;
+  let notificationService: NotificationsServiceStub;
 
   beforeEach(() => {
     hardRedirectService = jasmine.createSpyObj('hardRedirectService', {
@@ -68,6 +71,7 @@ describe('LogInPasswordComponent', () => {
         ]
       }))
     });
+    notificationService = new NotificationsServiceStub();
 
   });
 
@@ -102,6 +106,7 @@ describe('LogInPasswordComponent', () => {
           } },
         { provide: Router, useValue: new RouterMock() },
         { provide: CookieService, useClass: CookieServiceMock },
+        { provide: NotificationsService, useValue: notificationService },
         provideMockStore({ initialState }),
       ],
       schemas: [

src/app/shared/log-in/methods/password/log-in-password.component.ts

@@ -16,7 +16,6 @@ import { AuthMethodType } from '../../../../core/auth/models/auth.method-type';
 import { renderAuthMethodFor } from '../log-in.methods-decorator';
 import { AuthMethod } from '../../../../core/auth/models/auth.method';
 import { AuthService } from '../../../../core/auth/auth.service';
-import { HardRedirectService } from '../../../../core/services/hard-redirect.service';
 import { CoreState } from '../../../../core/core-state.model';
 import { getForgotPasswordRoute, getRegisterRoute } from '../../../../app-routing-paths';
 import { FeatureID } from '../../../../core/data/feature-authorization/feature-id';
@@ -26,6 +25,11 @@ import { getBaseUrl } from '../../../clarin-shared-util';
 import { ConfigurationProperty } from '../../../../core/shared/configuration-property.model';
 import { ConfigurationDataService } from '../../../../core/data/configuration-data.service';
 import { CookieService } from '../../../../core/services/cookie.service';
+import { NotificationsService } from '../../../notifications/notifications.service';
+import { TranslateService } from '@ngx-translate/core';
+import { NotificationOptions } from '../../../notifications/models/notification-options.model';
+import { HELP_DESK_PROPERTY } from '../../../../item-page/tombstone/tombstone.component';
+import { getFirstSucceededRemoteDataPayload } from '../../../../core/shared/operators';
 
 export const SHOW_DISCOJUICE_POPUP_CACHE_NAME = 'SHOW_DISCOJUICE_POPUP';
 /**
@@ -96,14 +100,15 @@ export class LogInPasswordComponent implements OnInit {
     @Inject('authMethodProvider') public injectedAuthMethodModel: AuthMethod,
     @Inject('isStandalonePage') public isStandalonePage: boolean,
     private authService: AuthService,
-    private hardRedirectService: HardRedirectService,
     private formBuilder: UntypedFormBuilder,
     protected store: Store<CoreState>,
     protected authorizationService: AuthorizationDataService,
     private route: ActivatedRoute,
     protected router: Router,
     protected configurationService: ConfigurationDataService,
     protected storage: CookieService,
+    private notificationService: NotificationsService,
+    private translateService: TranslateService
   ) {
     this.authMethod = injectedAuthMethodModel;
   }
@@ -113,6 +118,7 @@ export class LogInPasswordComponent implements OnInit {
    * @method ngOnInit
    */
   public async ngOnInit() {
+    this.checkIfHasLoginError();
     this.initializeDiscoJuiceCache();
     this.redirectUrl = '';
     // set formGroup
@@ -155,6 +161,23 @@ export class LogInPasswordComponent implements OnInit {
     return getForgotPasswordRoute();
   }
 
+  private checkIfHasLoginError() {
+    const loginError = this.route.snapshot.queryParams?.error;
+    if (loginError !== 'shibboleth-authentication-failed') {
+      return;
+    }
+
+    // It is a Shibboleth authentication error
+    // Load the help desk email from the server
+    const helpDeskEmail$ = this.configurationService.findByPropertyName(HELP_DESK_PROPERTY);
+    helpDeskEmail$.pipe(getFirstSucceededRemoteDataPayload())
+      .subscribe((helpDeskEmailCfg) => {
+        this.notificationService.error(this.translateService.instant('login.auth.failed.shibboleth.title'),
+          this.translateService.instant('login.auth.failed.shibboleth.message',
+            { email: helpDeskEmailCfg?.values?.[0] }), new NotificationOptions(-1, true));
+      });
+  }
+
   /**
    * Set up redirect URL. It could be loaded from the `authorizationService.getRedirectUrl()` or from the url.
    */

src/assets/i18n/cs.json5

@@ -3797,6 +3797,10 @@
   "login.form.new-user": "Jste nový uživatel? Klikněte zde pro registraci.",
   // "login.form.or-divider": "or",
   "login.form.or-divider": "nebo",
+  // "login.auth.failed.shibboleth.title": "Shibboleth authentication failed",
+  "login.auth.failed.shibboleth.title": "Přihlášení pomocí Shibboleth selhalo",
+  // "login.auth.failed.shibboleth.message": "Authentication failed because your IdP did not send the required Shibboleth headers. Please contact the Help Desk by email: {{ email }} .",
+  "login.auth.failed.shibboleth.message": "Přihlášení selhalo, protože vaše IDP neposlal požadované hlavičky Shibboleth. Kontaktujte prosím poradnu emailem: {{ email }} .",
   // "login.form.oidc": "Log in with OIDC",
   "login.form.oidc": "Přihlásit se pomocí OIDC",
   // "login.form.orcid": "Log in with ORCID",

src/assets/i18n/en.json5

@@ -3191,6 +3191,10 @@
 
   "login.form.or-divider": "or",
 
+  "login.auth.failed.shibboleth.title": "Shibboleth authentication failed",
+
+  "login.auth.failed.shibboleth.message": "Authentication failed because your IDP did not send the required Shibboleth headers. Please contact the Help Desk by email: {{ email }} .",
+
   "login.title": "Login",
 
   "login.breadcrumbs": "Login",