From 1dcfb52e47a5b3ae4bb90cc39c895a8bb80faf9d Mon Sep 17 00:00:00 2001
From: Tiago Salvado
Date: Fri, 28 Jun 2024 11:16:45 +0100
Subject: [PATCH 1/2] [MNT-24449] Validate ticket on config initialization
---
 lib/js-api/src/alfrescoApi.ts | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/lib/js-api/src/alfrescoApi.ts b/lib/js-api/src/alfrescoApi.ts
index c50a6e605f2..f94f5141bfc 100644
--- a/lib/js-api/src/alfrescoApi.ts
+++ b/lib/js-api/src/alfrescoApi.ts
@@ -69,6 +69,11 @@ export class AlfrescoApi implements Emitter, AlfrescoApiType {
 this.storage = Storage.getInstance();
 this.storage.setDomainPrefix(config.domainPrefix);
+ this.initConfig(config);
+ this.validateTicket(config);
+ }
+
+ private initConfig(config: AlfrescoApiConfig) {
 this.config = new AlfrescoApiConfig(config);
 this.clientsFactory();
@@ -81,8 +86,22 @@ export class AlfrescoApi implements Emitter, AlfrescoApiType {
 this.emitBuffer('logged-in');
 }
 }
+ }
- return config;
+ private validateTicket(config: AlfrescoApiConfig) {
+ if (config.ticketEcm && !this.isOauthConfiguration()) {
+ if (!this.contentAuth) {
+ this.contentAuth = new ContentAuth(this.config, this, this.httpClient);
+ }
+
+ this.contentAuth.validateTicket().then((ticket) => {
+ config.ticketEcm = ticket;
+ })
+ .catch(() => {
+ config.ticketEcm = null;
+ this.initConfig(config);
+ });
+ }
 }
 private initAuth(config: AlfrescoApiConfig): void {
From acbe3723feac99cc8786c8b737d7fe6698bec495 Mon Sep 17 00:00:00 2001
From: Tiago Salvado
Date: Mon, 8 Jul 2024 16:53:26 +0100
Subject: [PATCH 2/2] [MNT-24449] Added unit test
---
 lib/js-api/src/alfrescoApi.ts | 20 +++++++++++--------
 lib/js-api/test/alfrescoApi.spec.ts | 20 +++++++++++++++++++
 .../content-services/ecm-auth.mock.ts | 14 +++++++++++++
 3 files changed, 46 insertions(+), 8 deletions(-)
diff --git a/lib/js-api/src/alfrescoApi.ts b/lib/js-api/src/alfrescoApi.ts
index f94f5141bfc..bee57b4e3e2 100644
--- a/lib/js-api/src/alfrescoApi.ts
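Review bot: The added `this.validateTicket(config);` runs after `this.initConfig(config);` and its promise is never awaited, so the instance is fully configured with the supplied ticket before the server has confirmed it. The context of the following hunk shows initConfig reaching `this.emitBuffer('logged-in')`, which suggests subscribers can observe a logged-in state for a ticket that is rejected a moment later. If that ordering is intended, state it on the method, for example `// Ticket validation is asynchronous: 'logged-in' may fire before the ticket is confirmed.`. The enclosing method starts above the hunk and initConfig continues below it, so the condition guarding that emit is not visible here.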
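Review bot: `return config;` is removed with nothing in its place, so the method that used to end with it now returns undefined; its signature is outside the hunk, so whether any caller relies on the returned config cannot be confirmed from here. Separately, the `.then` handler assigns the validated ticket to the caller's `config` argument, while initConfig stored a separate `new AlfrescoApiConfig(config)` in `this.config`, so the write mutates the caller's object and presumably never reaches `this.config`. If both are intended, a comment such as `// config is the caller's object; this.config is only rebuilt when the ticket is rejected` would make that explicit.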
+++ b/lib/js-api/src/alfrescoApi.ts
@@ -93,14 +93,18 @@ export class AlfrescoApi implements Emitter, AlfrescoApiType {
 if (!this.contentAuth) {
 this.contentAuth = new ContentAuth(this.config, this, this.httpClient);
 }
-
- this.contentAuth.validateTicket().then((ticket) => {
- config.ticketEcm = ticket;
- })
- .catch(() => {
- config.ticketEcm = null;
- this.initConfig(config);
- });
+ this.contentAuth
+ .validateTicket()
+ .then((ticket) => {
+ config.ticketEcm = ticket;
+ })
+ .catch((error) => {
+ if (error.status === 401) {
+ config.ticketEcm = null;
+ this.initConfig(config);
+ this.emitBuffer('ticket_invalidated');
+ }
+ });
 }
 }
diff --git a/lib/js-api/test/alfrescoApi.spec.ts b/lib/js-api/test/alfrescoApi.spec.ts
index ff45f607eca..20e3a88273b 100644
--- a/lib/js-api/test/alfrescoApi.spec.ts
+++ b/lib/js-api/test/alfrescoApi.spec.ts
@@ -40,6 +40,26 @@ describe('Basic configuration test', () => {
 'https://testServer.com:1616/strangeContextRoot/api/-default-/public/alfresco/versions/1'
 );
 });
+
+ it('should detect invalid ticket and unset it', (done) => {
+ const hostEcm = 'https://127.0.0.1:8080';
+ const authEcmMock = new EcmAuthMock(hostEcm);
+
+ const config = {
+ hostEcm,
+ authType: 'BASIC',
+ ticketEcm: 'wrong-ticket'
+ };
+
+ authEcmMock.get401InvalidTicket();
+
+ const alfrescoApi = new AlfrescoApi(config);
+
+ alfrescoApi.on('ticket_invalidated', () => {
+ assert.equal(alfrescoApi.config.ticketEcm, null);
+ done();
+ });
+ });
 });
 describe('setconfig parameter ', () => {
diff --git a/lib/js-api/test/mockObjects/content-services/ecm-auth.mock.ts b/lib/js-api/test/mockObjects/content-services/ecm-auth.mock.ts
index 198616f368c..0ae59a8f69a 100644
--- a/lib/js-api/test/mockObjects/content-services/ecm-auth.mock.ts
+++ b/lib/js-api/test/mockObjects/content-services/ecm-auth.mock.ts
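Review bot: In the new `.catch((error) => { … })` every failure other than a 401 is dropped silently, so a network error or a 5xx leaves `config.ticketEcm` in place without it ever having been validated, and nothing tells the application. `error.status` is also read without a guard, so a rejection that carries no value would throw inside the handler; `if (error?.status === 401) {` avoids that. For the remaining cases, an `else` branch that logs or emits the failure, or at least a comment such as `// non-401 failures leave the ticket unverified`, would make the fail-open behaviour explicit. validateTicket starts above the hunk.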
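Review bot: The new test in alfrescoApi.spec.ts covers only the 401 branch, and it attaches `alfrescoApi.on('ticket_invalidated', …)` after `new AlfrescoApi(config)` has already started the validation request, so it passes only because the rejection arrives on a later tick (or because emitBuffer replays events, which is not visible here). A second case in which the mock answers with a non-401 status, asserting what happens to `ticketEcm`, would pin down the behaviour when validation itself fails. A short comment above the listener, e.g. `// registered after construction; validation settles asynchronously`, would document the ordering assumption.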
@@ -47,6 +47,20 @@ export class EcmAuthMock extends BaseMock {
 .reply(200, { entry: { id: returnMockTicket } });
 }
+ get401InvalidTicket(): void {
+ nock(this.host, { encodedQueryParams: true })
+ .get('/alfresco/api/-default-/public/authentication/versions/1/tickets/-me-')
+ .reply(401, {
+ error: {
+ errorKey: 'framework.exception.ApiDefault',
+ statusCode: 401,
+ briefSummary: '05210059 Authentication failed for Web Script org/alfresco/api/ResourceWebScript.get',
+ stackTrace: 'For security reasons the stack trace is no longer displayed, but the property is kept for previous versions.',
+ descriptionURL: 'https://api-explorer.alfresco.com'
+ }
+ });
+ }
+
 get403Response(): void {
 nock(this.host, { encodedQueryParams: true })
 .post('/alfresco/api/-default-/public/authentication/versions/1/tickets', {