In my app, I need to only allow users with certain privileges to view certain "pages". I thought the best way to do this was to create a PrivilegeGuard. I currently have an AuthGuard (I'm utilizing https://www.npmjs.com/package/angular-oauth2-oidc) that runs first and if the user does not have a valid auth token, it returns this.oauthService.loadDiscoveryDocumentAndLogin(). I need to parse claims from the token and check them in the PrivilegeGuard. The issue I am having is that the claims are always null in the PrivilegeGuard (because they haven't been parsed yet). I was subscribed to oauth events in app.component.ts and parsing claims on success, but the guards are firing before this occurs.
It felt like a hack, but I tried parsing in the AuthGuard, but even after the user logs in, this.oauthService.hasValidAccessToken() is not yet true as it still has to load the discovery document.
I tried converting the promise to an observable and parsing in a pipe/map, but that seems to never be called.
return from(this.oauthService.loadDiscoveryDocumentAndLogin()).pipe(
map((result) => {
console.log('This is not called.');
return result;
})
);
Even if it was called, looking at the console, the discovery call completes after the PrivilegeGuard code runs.
Is there a way for the PrivilegeGuard to wait for the discovery call to complete so that I can parse the claims?
I ended up utilizing a
ReplaySubjectthat had a flag set when the claims were parsed. I then subscribed to it in the PrivilegeGuard.BehaviorSubjectdid not work as it had a default value would the PrivilegeGuard would immediately just take that value.Subjectdidn't work as it only sent out the flag once thatcanActivateheard, butcanActivateChildjust sat waiting. WithReplaySubject,canActivateChildwas able to just grab the last emitted value.