Merge remote-tracking branch 'origin/main'

Author: arcshiftsolutions

src/app/services/authorization.ts

@@ -1,4 +1,5 @@
 import { handleError } from "./helpers";
+import { jwtDecode } from "jwt-decode";
 
 interface openIdConfig {
   authorizationEndpoint?: string;
@@ -200,6 +201,8 @@ export default class AuthService {
   }
 
   private async requestTokens(authorizationCode: string) {
+    if (!authorizationCode || !this.tokenEndpoint?.trim()) return;
+
     const tokenRequestBody = new URLSearchParams({
       grant_type: "authorization_code",
       code: authorizationCode,
@@ -233,10 +236,20 @@ export default class AuthService {
     const tokens = await response.json();
 
     if (this.userinfoEndpoint && tokens?.access_token) {
-      const userinfoResponse = await fetch(this.userinfoEndpoint, {
+      const userinfo = await this.fetchUserInfo(tokens.access_token);
+      if (userinfo) {
+        tokens["userinfo_token"] = userinfo;
+      }
+    }
+    sessionStorage.setItem("tokens", JSON.stringify(tokens || {}));
+  }
+
+  private async fetchUserInfo(accessToken: string) {
+    try {
+      const userinfoResponse = await fetch(this.userinfoEndpoint!, {
         method: "GET",
         headers: {
-          Authorization: `Bearer ${tokens?.access_token}`,
+          Authorization: `Bearer ${accessToken}`,
           "Content-Type": "application/x-www-form-urlencoded",
         },
       });
@@ -247,11 +260,17 @@ export default class AuthService {
         return;
       }
 
-      const userinfo = await userinfoResponse.json();
-      tokens["userinfo_token"] = userinfo;
-    }
+      const response = await userinfoResponse.text();
 
-    sessionStorage.setItem("tokens", JSON.stringify(tokens || {}));
+      try {
+        return JSON.parse(response);
+      } catch {
+        return jwtDecode(response);
+      }
+    } catch (err) {
+      console.error("Failed to fetch userinfo:", err);
+      return null;
+    }
   }
 
   isAuthenticated() {