
673 lines
19 KiB
Raw Normal View History

import {
2021-11-24 06:17:37 +00:00
2021-10-05 15:44:14 +00:00
2021-11-24 06:17:37 +00:00
2022-04-01 21:38:47 +00:00
2021-11-24 06:17:37 +00:00
2021-11-24 06:17:37 +00:00
2021-10-05 15:44:14 +00:00
2021-10-05 15:44:14 +00:00
2021-11-24 06:17:37 +00:00
2021-11-12 12:46:25 +00:00
} from '@skolplattformen/api'
2021-11-24 06:17:37 +00:00
import { Language } from '@skolplattformen/curriculum'
import { EventEmitter } from 'events'
import { decode } from 'he'
import { DateTime } from 'luxon'
import * as html from 'node-html-parser'
import * as fake from './fakeData'
import { checkStatus, DummyStatusChecker } from './loginStatusChecker'
2022-04-01 21:38:47 +00:00
import { checkStatus as checkFrejaStatus } from './frejaLoginStatusChecker'
2021-11-24 06:17:37 +00:00
import * as parse from './parse/index'
2022-02-11 17:31:24 +00:00
import queueFetcherWrapper from './queueFetcherWrapper'
2021-11-24 06:17:37 +00:00
import * as routes from './routes'
2021-03-30 15:21:18 +00:00
const fakeResponse = <T>(data: T): Promise<T> =>
new Promise((res) => setTimeout(() => res(data), 200 + Math.random() * 800))
const s24Init = {
headers: {
accept: 'application/json, text/javascript, */*; q=0.01',
2021-10-05 15:44:14 +00:00
'accept-language': 'en-US,en;q=0.9,sv;q=0.8',
'cache-control': 'no-cache',
'content-type': 'application/json',
pragma: 'no-cache',
host: '',
'x-scope': '8a22163c-8662-4535-9050-bc5e1923df48',
interface SSOSystems {
[name: string]: boolean | undefined
export class ApiSkolplattformen extends EventEmitter implements Api {
private fetch: Fetcher
private personalNumber?: string
2021-11-12 12:46:25 +00:00
// eslint-disable-next-line @typescript-eslint/no-explicit-any
private headers: any
private cookieManager: CookieManager
2021-10-06 20:47:50 +00:00
public isLoggedIn = false
2021-10-06 20:47:50 +00:00
public isFake = false
private authorizedSystems: SSOSystems = {}
2021-03-30 15:21:18 +00:00
fetch: Fetch, // typeof global.fetch,
2021-03-30 15:21:18 +00:00
cookieManager: CookieManager,
options?: FetcherOptions
) {
this.fetch = wrap(fetch, options)
this.cookieManager = cookieManager
this.headers = {}
public getPersonalNumber(): string | undefined {
return this.personalNumber
private getRequestInit(options: RequestInit = {}): RequestInit {
return {
headers: {
public async getSessionHeaders(url: string): Promise<{ [index: string]: string }> {
const init = this.getRequestInit()
const cookie = await this.cookieManager.getCookieString(url)
return {
2021-03-30 15:21:18 +00:00
public async getSession(
url: string,
options?: RequestInit
): Promise<RequestInit> {
const init = this.getRequestInit(options)
const cookie = await this.cookieManager.getCookieString(url)
return {
headers: {
private async clearSession(): Promise<void> {
this.headers = {}
await this.cookieManager.clearAll()
private addHeader(name: string, value: string): void {
this.headers[name] = value
public async login(personalNumber?: string): Promise<LoginStatusChecker> {
2021-10-05 15:44:14 +00:00
if (personalNumber !== undefined && personalNumber.endsWith('1212121212'))
return this.fakeMode()
this.isFake = false
const ticketUrl = routes.login(personalNumber)
const ticketResponse = await this.fetch('auth-ticket', ticketUrl)
2021-03-01 17:31:47 +00:00
if (!ticketResponse.ok) {
2021-03-30 15:21:18 +00:00
throw new Error(
`Server Error [${ticketResponse.status}] [${ticketResponse.statusText}] [${ticketUrl}]`
2021-02-27 19:57:55 +00:00
const ticket: AuthTicket = await ticketResponse.json()
// login was initiated - store personal number
this.personalNumber = personalNumber
const status = checkStatus(this.fetch, ticket)
status.on('OK', async () => {
await this.retrieveSessionCookie()
await this.retrieveXsrfToken()
this.isLoggedIn = true
2021-03-30 15:21:18 +00:00
status.on('ERROR', () => {
this.personalNumber = undefined
return status
2022-04-01 21:38:47 +00:00
public async loginFreja(): Promise<FrejaLoginStatusChecker> {
2022-04-22 12:38:13 +00:00
// await this.clearSession()
2022-04-06 06:41:11 +00:00
2022-04-01 21:38:47 +00:00
const loginUrl = routes.frejaLogin
const loginResponse = await this.fetch('auth-ticket', loginUrl)
// if (!ticketResponse.ok) {
// throw new Error(
// `Server Error [${ticketResponse.status}] [${ticketResponse.statusText}] [${ticketUrl}]`
// )
// }
const appSwitchUrl: string = await loginResponse.text()
const cleanAppSwitchUrl = this.cleanFrejaAppSwitchUrl(appSwitchUrl)
console.log('getting freja login url: ' + cleanAppSwitchUrl)
2022-04-06 06:41:11 +00:00
const checkStatusSession = await this.getSession(loginUrl, {
redirect: 'manual',
const status = checkFrejaStatus(this.fetch, cleanAppSwitchUrl, checkStatusSession)
2022-04-01 21:38:47 +00:00
status.on('APPROVED', async () => {
2022-04-06 06:41:11 +00:00
await this.retrieveFrejaSessionCookie()
2022-04-01 21:38:47 +00:00
await this.retrieveXsrfToken()
this.isLoggedIn = true
2022-04-11 20:20:22 +00:00
2022-04-01 21:38:47 +00:00
return status
private cleanFrejaAppSwitchUrl(url: string): string {
const parts = url.split('&')
return parts[0]
2021-03-30 15:21:18 +00:00
public async setSessionCookie(sessionCookie: string): Promise<void> {
// Manually set cookie in this call and let the cookieManager
// handle it from here
// If we put it into the cookieManager manually, we get duplicate cookies
const url = routes.loginCookie
await this.fetch('login-cookie', url, {
headers: {
cookie: sessionCookie,
redirect: 'manual', // Important! Turn off redirect following. We can get into a redirect loop without this.
const user = await this.getUser()
if (!user.isAuthenticated) {
throw new Error('Session cookie is expired')
await this.retrieveXsrfToken()
this.isLoggedIn = true
private async retrieveSessionCookie(): Promise<void> {
2022-04-01 21:38:47 +00:00
const url = routes.loginCookie
await this.fetch('login-cookie', url)
2022-04-01 21:38:47 +00:00
private async retrieveFrejaSessionCookie(): Promise<void> {
2022-04-11 20:20:22 +00:00
const url = routes.frejaReturnUrl
2022-04-22 12:38:13 +00:00
await this.fetch('freja-login-return-url', url)
2022-04-11 20:20:22 +00:00
} catch(error){
const url2 = routes.frejaLoginCookie
const session = await this.getSession(url2, {
redirect: 'manual',
2022-04-22 12:38:13 +00:00
await this.fetch('freja-login-cookie', url2)
2022-04-11 20:20:22 +00:00
} catch(error2){
2022-04-01 21:38:47 +00:00
2022-04-22 12:38:13 +00:00
private async retrieveXsrfToken(): Promise<void> {
const url = routes.hemPage
const session = this.getRequestInit()
const response = await this.fetch('hemPage', url, session)
const text = await response.text()
const doc = html.parse(decode(text))
2021-03-30 15:21:18 +00:00
const xsrfToken =
?.getAttribute('value') || ''
this.addHeader('x-xsrf-token', xsrfToken)
private async fakeMode(): Promise<LoginStatusChecker> {
this.isFake = true
setTimeout(() => {
this.isLoggedIn = true
}, 50)
const emitter = new DummyStatusChecker()
emitter.token = 'fake'
return emitter
public async getUser(): Promise<User> {
if (this.isFake) return fakeResponse(fake.user())
const url = routes.user
const session = this.getRequestInit()
const response = await this.fetch('user', url, session)
const data = await response.json()
return parse.user(data)
2021-09-10 13:44:37 +00:00
public async getChildren(): Promise<EtjanstChild[]> {
if (this.isFake) return fakeResponse(fake.children())
const url = routes.children
const session = this.getRequestInit({
2021-02-27 13:34:17 +00:00
headers: {
2021-03-01 17:31:47 +00:00
Accept: 'application/json;odata=verbose',
Host: '',
2021-03-25 13:33:57 +00:00
Referer: '',
2021-03-01 17:31:47 +00:00
2021-02-26 23:01:03 +00:00
const response = await this.fetch('children', url, session)
2021-02-26 23:01:03 +00:00
if (!response.ok) {
2021-03-30 15:21:18 +00:00
throw new Error(
`Server Error [${response.status}] [${response.statusText}] [${url}]`
const data = await response.json()
const parsed = parse.children(data)
const useSpecialQueueModeForFSChildren = parsed.some((c) => (c.status || '').includes('FS'))
if(useSpecialQueueModeForFSChildren) {
this.fetch = queueFetcherWrapper(this.fetch, (childId) => this.selectChildById(childId))
return parsed
public async getCalendar(child: EtjanstChild): Promise<CalendarItem[]> {
if (this.isFake) return fakeResponse(fake.calendar(child))
const url = routes.calendar(
const session = this.getRequestInit()
const response = await this.fetch('calendar', url, session,
const data = await response.json()
return parse.calendar(data)
public async getClassmates(child: EtjanstChild): Promise<Classmate[]> {
if (this.isFake) return fakeResponse(fake.classmates(child))
const url = routes.classmates(child.sdsId)
const session = this.getRequestInit()
const response = await this.fetch('classmates', url, session)
const data = await response.json()
return parse.classmates(data)
public async getTeachers(child: EtjanstChild): Promise<Teacher[]> {
if (this.isFake) return fakeResponse(fake.teachers(child))
const session = this.getRequestInit()
const schoolForms = (child.status || '').split(';')
let teachers: Teacher[] = []
for(let i = 0; i< schoolForms.length; i+=1){
const url = routes.teachers(child.sdsId, schoolForms[i])
// eslint-disable-next-line no-await-in-loop
const response = await this.fetch(`teachers_${schoolForms[i]}`, url, session)
// eslint-disable-next-line no-await-in-loop
const data = await response.json()
teachers = [
return teachers
public async getSchoolContacts(child: EtjanstChild): Promise<SchoolContact[]> {
if(this.isFake) return fakeResponse(fake.schoolContacts(child))
const url = routes.schoolContacts(child.sdsId, child.schoolId || '')
const session = this.getRequestInit()
const response = await this.fetch('schoolContacts', url, session)
const data = await response.json()
return parse.schoolContacts(data)
2021-03-30 15:21:18 +00:00
public async getSchedule(
child: EtjanstChild,
2021-03-30 15:21:18 +00:00
from: DateTime,
2021-10-05 15:44:14 +00:00
to: DateTime
2021-03-30 15:21:18 +00:00
): Promise<ScheduleItem[]> {
if (this.isFake) return fakeResponse(fake.schedule(child))
const url = routes.schedule(, from.toISODate(), to.toISODate())
const session = this.getRequestInit()
const response = await this.fetch('schedule', url, session)
const data = await response.json()
return parse.schedule(data)
public async getNews(child: EtjanstChild): Promise<NewsItem[]> {
if (this.isFake) return fakeResponse(
const url =
const session = this.getRequestInit()
const response = await this.fetch('news', url, session,
this.CheckResponseForCorrectChildStatus(response, child)
const data = await response.json()
// eslint-disable-next-line class-methods-use-this
2021-11-24 06:17:37 +00:00
private CheckResponseForCorrectChildStatus(
response: Response,
child: EtjanstChild
) {
const setCookieResp = response.headers.get('Set-Cookie')
2021-11-24 06:17:37 +00:00
if (
child.status !== 'FS' &&
setCookieResp &&
) {
throw new Error('Wrong child in response')
2021-10-05 15:44:14 +00:00
public async getNewsDetails(
child: EtjanstChild,
item: NewsItem
2021-11-24 06:17:37 +00:00
): Promise<NewsItem | undefined> {
if (this.isFake) {
return fakeResponse( => === || {id: "", published: ""})
const url = routes.newsDetails(,
const session = this.getRequestInit()
const response = await this.fetch(`news_${}`, url, session,
this.CheckResponseForCorrectChildStatus(response, child)
const data = await response.json()
return parse.newsItemDetails(data)
public async getMenu(child: EtjanstChild): Promise<MenuItem[]> {
if (this.isFake) return fakeResponse(
const menuService = await this.getMenuChoice(child)
if (menuService === 'rss') {
const url = routes.menuRss(
const session = this.getRequestInit()
const response = await this.fetch('menu-rss', url, session,
this.CheckResponseForCorrectChildStatus(response, child)
const data = await response.json()
const url = routes.menuList(
const session = this.getRequestInit()
const response = await this.fetch('menu-list', url, session,
this.CheckResponseForCorrectChildStatus(response, child)
const data = await response.json()
return parse.menuList(data)
private async getMenuChoice(child: EtjanstChild): Promise<string> {
const url = routes.menuChoice(
const session = this.getRequestInit()
const response = await this.fetch('menu-choice', url, session,
this.CheckResponseForCorrectChildStatus(response, child)
const data = await response.json()
const etjanstResponse = parse.etjanst(data)
return etjanstResponse
public async getNotifications(child: EtjanstChild): Promise<Notification[]> {
if (this.isFake) return fakeResponse(fake.notifications(child))
const url = routes.notifications(child.sdsId)
const session = this.getRequestInit()
const response = await this.fetch('notifications', url, session)
const data = await response.json()
return parse.notifications(data)
private async readSAMLRequest(targetSystem: string): Promise<string> {
const url = routes.ssoRequestUrl(targetSystem)
const session = this.getRequestInit({
2021-10-05 15:44:14 +00:00
redirect: 'follow',
const response = await this.fetch('samlRequest', url, session)
const text = await response.text()
2021-10-05 15:44:14 +00:00
const samlRequest = /name="SAMLRequest" value="(\S+)">/gm.exec(
text || ''
if (!samlRequest) {
throw new Error('Could not parse SAML Request')
} else {
return samlRequest
private async submitSAMLRequest(samlRequest: string): Promise<string> {
const body = new URLSearchParams({ SAMLRequest: samlRequest }).toString()
const url = routes.ssoResponseUrl
const session = this.getRequestInit({
2021-10-05 15:44:14 +00:00
headers: {
'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
redirect: 'follow',
method: 'POST',
2021-10-05 15:44:14 +00:00
const response = await this.fetch('samlResponse', url, session)
const text = await response.text()
const samlResponse = /name="SAMLResponse" value="(\S+)">/gm.exec(text)?.[1]
if (!samlResponse) {
throw new Error('Could not parse SAML Response')
} else {
return samlResponse
private async ssoAuthorize(targetSystem: SSOSystem): Promise<string> {
if (this.authorizedSystems[targetSystem]) {
return ''
const samlRequest = await this.readSAMLRequest(targetSystem)
const samlResponse = await this.submitSAMLRequest(samlRequest)
2021-10-05 15:44:14 +00:00
const body = new URLSearchParams({ SAMLResponse: samlResponse }).toString()
const url = routes.samlResponseUrl
const session = this.getRequestInit({
headers: {
'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
2021-10-05 15:44:14 +00:00
redirect: 'follow',
method: 'POST',
const response = await this.fetch('samlAuthorize', url, session)
const text = await response.text()
this.authorizedSystems[targetSystem] = true
return text
2021-10-05 15:44:14 +00:00
public async getSkola24Children(): Promise<Skola24Child[]> {
if (this.isFake) return fakeResponse(fake.skola24Children())
await this.ssoAuthorize('TimetableViewer')
2021-10-05 15:44:14 +00:00
const body = {
getPersonalTimetablesRequest: {
hostName: '',
const session = this.getRequestInit({
body: JSON.stringify(body),
method: 'POST',
const url = routes.timetables
const response = await this.fetch('s24children', url, session)
const {
data: {
2021-10-05 15:44:14 +00:00
getPersonalTimetablesResponse: { childrenTimetables },
} = await response.json()
return childrenTimetables as Skola24Child[]
private async getRenderKey(): Promise<string> {
const url = routes.renderKey
const session = this.getRequestInit(s24Init)
const response = await this.fetch('renderKey', url, session)
2021-10-05 15:44:14 +00:00
const {
data: { key },
} = await response.json()
return key as string
2021-10-05 15:44:14 +00:00
public async getTimetable(
child: Skola24Child,
week: number,
year: number,
lang: Language
): Promise<TimetableEntry[]> {
if (this.isFake) return fakeResponse(fake.timetable(child))
2021-10-05 15:44:14 +00:00
if (!child.timetableID) {
return new Array<TimetableEntry>()
2021-10-05 15:44:14 +00:00
const url = routes.timetable
const renderKey = await this.getRenderKey()
const params = {
blackAndWhite: false,
customerKey: '',
endDate: null,
height: 1063,
host: '',
periodText: '',
privateFreeTextMode: null,
privateSelectionMode: true,
scheduleDay: 0,
selection: child.personGuid,
selectionType: 5,
showHeader: false,
startDate: null,
unitGuid: child.unitGuid,
width: 1227,
const session = this.getRequestInit({
method: 'POST',
body: JSON.stringify(params),
2021-10-05 15:44:14 +00:00
const response = await this.fetch(
const json = await response.json()
return parse.timetable(json, year, week, lang)
2022-02-11 17:31:24 +00:00
public async selectChild(child : EtjanstChild): Promise<EtjanstChild> {
const response = await this.selectChildById(
2022-02-11 17:31:24 +00:00
const data = await response.json()
return parse.child(parse.etjanst(data))
private async selectChildById(childId: string) {
const requestInit = this.getRequestInit({
method: 'POST',
headers: {
host: '',
accept: 'application/json, text/plain, */*',
'accept-Encoding': 'gzip, deflate',
'content-Type': 'application/json;charset=UTF-8',
origin: '',
referer: '',
body: JSON.stringify({
id: childId,
const response = await this.fetch('selectChild', routes.selectChild, requestInit)
return response
public async logout() {
this.isFake = false
this.personalNumber = undefined
this.isLoggedIn = false
this.authorizedSystems = {}
await this.clearSession()