From 48fe6f781661653dd5ff05653d2fa156d2562679 Mon Sep 17 00:00:00 2001
From: Ryan Liang <109499885+RyanL1997@users.noreply.github.com>
Date: Wed, 14 Sep 2022 16:34:43 -0400
Subject: [PATCH] Fixed the tenant switching after timeout (#1090)

Signed-off-by: Ryan Liang <jiallian@amazon.com>
(cherry picked from commit 5d018b0130d311be625ad5dd00466054607a907b)
---
 public/apps/account/test/plugin.test.tsx | 48 ++++++++++++++++++++++++
 public/plugin.ts                         | 19 +---------
 public/utils/logout-utils.tsx            | 43 +++++++++++++++++++++
 3 files changed, 93 insertions(+), 17 deletions(-)
 create mode 100644 public/apps/account/test/plugin.test.tsx
 create mode 100644 public/utils/logout-utils.tsx

diff --git a/public/apps/account/test/plugin.test.tsx b/public/apps/account/test/plugin.test.tsx
new file mode 100644
index 0000000..a792eea
--- /dev/null
+++ b/public/apps/account/test/plugin.test.tsx
@@ -0,0 +1,48 @@
+/*
+ *   Copyright OpenSearch Contributors
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License").
+ *   You may not use this file except in compliance with the License.
+ *   A copy of the License is located at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   or in the "license" file accompanying this file. This file is distributed
+ *   on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ *   express or implied. See the License for the specific language governing
+ *   permissions and limitations under the License.
+ */
+
+import { interceptError } from '../../../utils/logout-utils';
+import { setShouldShowTenantPopup } from '../../../utils/storage-utils';
+import { LOGIN_PAGE_URI } from '../../../../common';
+
+jest.mock('../../../utils/storage-utils', () => ({
+  setShouldShowTenantPopup: jest.fn(),
+}));
+
+describe('Intercept error handler', () => {
+  const fakeError401 = {
+    response: {
+      status: 401,
+    },
+  };
+
+  const fakeError400 = {
+    response: {
+      status: 400,
+    },
+  };
+
+  it('Intercept error handler Should call setShouldShowTenantPopup on session timeout', () => {
+    const sessionTimeoutFn = interceptError(LOGIN_PAGE_URI, window);
+    sessionTimeoutFn(fakeError401, null);
+    expect(setShouldShowTenantPopup).toBeCalledTimes(1);
+  });
+
+  it('Intercept error handler Should not call setShouldShowTenantPopup on session timeout', () => {
+    const sessionTimeoutFn = interceptError(LOGIN_PAGE_URI, window);
+    sessionTimeoutFn(fakeError400, null);
+    expect(setShouldShowTenantPopup).toBeCalledTimes(0);
+  });
+});
diff --git a/public/plugin.ts b/public/plugin.ts
index 27a7b77..1ecf452 100644
--- a/public/plugin.ts
+++ b/public/plugin.ts
@@ -43,6 +43,7 @@ import {
   SecurityPluginStart,
 } from './types';
 import { addTenantToShareURL } from './services/shared-link';
+import { interceptError } from './utils/logout-utils';
 
 async function hasApiPermission(core: CoreSetup): Promise<boolean | undefined> {
   try {
@@ -149,23 +150,7 @@ export class SecurityPlugin implements Plugin<SecurityPluginSetup, SecurityPlugi
     if (config.ui.autologout) {
       // logout the user when getting 401 unauthorized, e.g. when session timed out.
       core.http.intercept({
-        responseError: (httpErrorResponse, controller) => {
-          if (
-            httpErrorResponse.response?.status === 401 &&
-            !(
-              window.location.pathname.toLowerCase().includes(LOGIN_PAGE_URI) ||
-              window.location.pathname.toLowerCase().includes(CUSTOM_ERROR_PAGE_URI)
-            )
-          ) {
-            if (config.auth.logout_url) {
-              window.location.href = config.auth.logout_url;
-            } else {
-              // when session timed out, user credentials in cookie are wiped out
-              // refres the page will direct the user to go through login process
-              window.location.reload();
-            }
-          }
-        },
+        responseError: interceptError(config.auth.logout_url, window),
       });
     }
 
diff --git a/public/utils/logout-utils.tsx b/public/utils/logout-utils.tsx
new file mode 100644
index 0000000..57c4adf
--- /dev/null
+++ b/public/utils/logout-utils.tsx
@@ -0,0 +1,43 @@
+/*
+ *   Copyright OpenSearch Contributors
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License").
+ *   You may not use this file except in compliance with the License.
+ *   A copy of the License is located at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   or in the "license" file accompanying this file. This file is distributed
+ *   on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ *   express or implied. See the License for the specific language governing
+ *   permissions and limitations under the License.
+ */
+
+import { setShouldShowTenantPopup } from './storage-utils';
+import {
+  HttpInterceptorResponseError,
+  IHttpInterceptController,
+} from '../../../../src/core/public';
+import { CUSTOM_ERROR_PAGE_URI, LOGIN_PAGE_URI } from '../../common';
+
+export function interceptError(logoutUrl: string, thisWindow: Window): any {
+  return (httpErrorResponse: HttpInterceptorResponseError, _: IHttpInterceptController) => {
+    if (httpErrorResponse.response?.status === 401) {
+      setShouldShowTenantPopup(null);
+      if (
+        !(
+          thisWindow.location.pathname.toLowerCase().includes(LOGIN_PAGE_URI) ||
+          thisWindow.location.pathname.toLowerCase().includes(CUSTOM_ERROR_PAGE_URI)
+        )
+      ) {
+        if (logoutUrl) {
+          thisWindow.location.href = logoutUrl;
+        } else {
+          // when session timed out, user credentials in cookie are wiped out
+          // refres the page will direct the user to go through login process
+          thisWindow.location.reload();
+        }
+      }
+    }
+  };
+}