Merged in feat/SW-3549-pass-scandic-token (pull request #2989)

Feat/SW-3549 pass scandic token * WIP pass scandic token * pass scandic token when booking * Merge branch 'master' of bitbucket.org:scandic-swap/web into feat/SW-3549-pass-scandic-token * pass user token when doing availability search * undo changes * merge * Merged in fix/sw-3551-rsc-bookingflowconfig (pull request #2988) fix(SW-3551): Fix issue with BookingConfigProvider in RSC * wip move config to pages * Move config providing to pages * Merged in fix/update-promo-error-modal-text (pull request #2990) fix: update promo error modal text * fix: update promo error modal text Approved-by: Emma Zettervall * Merged in fix/sw-3514-missing-membership-input-for-multiroom (pull request #2991) fix(SW-3514): Show join Scandic Friends card for SAS multiroom * Show join card for room 2+ Approved-by: Hrishikesh Vaipurkar * Merged in feat/lokalise-rebuild (pull request #2993) Feat/lokalise rebuild * chore(lokalise): update translation ids * chore(lokalise): easier to switch between projects * chore(lokalise): update translation ids * . * . * . * . * . * . * chore(lokalise): update translation ids * chore(lokalise): update translation ids * . * . * . * chore(lokalise): update translation ids * chore(lokalise): update translation ids * . * . * chore(lokalise): update translation ids * chore(lokalise): update translation ids * chore(lokalise): new translations * merge * switch to errors for missing id's * merge * sync translations Approved-by: Linus Flood * Merged in feat/SW-3552-logout-from-social-session-when- (pull request #2994) feat(SW-3552): Removed scandic session on logout Approved-by: Joakim Jäderberg * merge * replace getRedemptionTokenSafely() with context based instead * Refactor user verification and error handling across multiple components; implement safeTry utility for safer async calls * Refactor user verification and error handling across multiple components; implement safeTry utility for safer async calls * merge * Merge branch 'master' of bitbucket.org:scandic-swap/web into feat/SW-3549-pass-scandic-token * add booking scope remove unused getMembershipNumber() Approved-by: Anton Gunnarsson Approved-by: Hrishikesh Vaipurkar
2025-10-24 13:17:02 +00:00
parent c473bbc8b0
commit 3b3e7308cc
36 changed files with 558 additions and 503 deletions
--- a/apps/partner-sas/auth/scandic/config.ts
+++ b/apps/partner-sas/auth/scandic/config.ts
@@ -8,6 +8,6 @@ export const config = {
  client_secret: env.CURITY_CLIENT_SECRET_USER,
  redirect_uri: new URL("/api/web/auth/callback/curity", env.PUBLIC_URL).href,
  acr_values: "urn:com:scandichotels:sas-eb",
-  scope: "openid profile availability availability_whitelabel_get",
+  scope: "openid profile booking availability availability_whitelabel_get",
  response_type: "code",
 } as const
--- a/apps/partner-sas/lib/trpc/index.ts
+++ b/apps/partner-sas/lib/trpc/index.ts
@@ -1,12 +1,16 @@
 import { headers } from "next/headers"

+import { dt } from "@scandic-hotels/common/dt"
 import { createContext } from "@scandic-hotels/trpc/context"
+import { getEuroBonusProfileData } from "@scandic-hotels/trpc/routers/partners/sas/getEuroBonusProfile"
+import { getVerifiedUser } from "@scandic-hotels/trpc/routers/user/utils/getVerifiedUser"
 import {
  appServerClient,
  configureServerClient,
 } from "@scandic-hotels/trpc/serverClient"

 import { auth } from "@/auth"
+import { getSession } from "@/auth/scandic/session"

 import type { Lang } from "@scandic-hotels/common/constants/language"

@@ -24,6 +28,34 @@ export async function createAppContext() {
      const session = await auth()
      return session
    },
+    getScandicUserToken: async () => {
+      const session = await getSession()
+      return session?.access_token ?? null
+    },
+    getUserPointsBalance: async () => {
+      const session = await auth()
+      if (!session) return null
+
+      const euroBonusProfile = await getEuroBonusProfileData({
+        accessToken: session.token.access_token,
+        loginType: session.token.loginType,
+      })
+
+      if (!euroBonusProfile) return null
+
+      return euroBonusProfile.points.total
+    },
+    getScandicUser: async () => {
+      const session = await getSession()
+      if (!session) return null
+
+      return await getVerifiedUser({
+        token: {
+          expires_at: dt(session.expires_at).unix() * 1000,
+          access_token: session.access_token,
+        },
+      })
+    },
  })

  return ctx
--- a/apps/scandic-web/actions/editProfile.ts
+++ b/apps/scandic-web/actions/editProfile.ts
@@ -105,17 +105,17 @@ export const editProfile = protectedServerActionProcedure

      if (typedKey === "address") {
        if (
-          (payload.data.address.city === profile.address.city ||
-            (!payload.data.address.city && !profile.address.city)) &&
-          (payload.data.address.countryCode === profile.address.countryCode ||
+          (payload.data.address.city === profile.address?.city ||
+            (!payload.data.address.city && !profile.address?.city)) &&
+          (payload.data.address.countryCode === profile.address?.countryCode ||
            (!payload.data.address.countryCode &&
-              !profile.address.countryCode)) &&
+              !profile.address?.countryCode)) &&
          (payload.data.address.streetAddress ===
-            profile.address.streetAddress ||
+            profile.address?.streetAddress ||
            (!payload.data.address.streetAddress &&
-              !profile.address.streetAddress)) &&
-          (payload.data.address.zipCode === profile.address.zipCode ||
-            (!payload.data.address.zipCode && !profile.address.zipCode))
+              !profile.address?.streetAddress)) &&
+          (payload.data.address.zipCode === profile.address?.zipCode ||
+            (!payload.data.address.zipCode && !profile.address?.zipCode))
        ) {
          // untouched - noop
        } else {
--- a/apps/scandic-web/app/[lang]/(partner)/(sas)/(protected)/sas-x-scandic/otp/OneTimePasswordForm.tsx
+++ b/apps/scandic-web/app/[lang]/(partner)/(sas)/(protected)/sas-x-scandic/otp/OneTimePasswordForm.tsx
@@ -53,7 +53,7 @@ export default function OneTimePasswordForm({
  }

  if (requestOtp.isError) {
-    const cause = requestOtp.error?.data?.cause as RequestOtpError
+    const cause = requestOtp.error?.data?.cause as unknown as RequestOtpError

    const title = intl.formatMessage({
      id: "linkEuroBonusAccount.oneTimePasswordGenericError",
--- a/apps/scandic-web/app/[lang]/webview/(views)/layout.tsx
+++ b/apps/scandic-web/app/[lang]/webview/(views)/layout.tsx
@@ -1,8 +1,10 @@
 import * as Sentry from "@sentry/nextjs"
+import { TRPCError } from "@trpc/server"
 import { headers } from "next/headers"
 import { redirect } from "next/navigation"

 import { logger } from "@scandic-hotels/common/logger"
+import { safeTry } from "@scandic-hotels/common/utils/safeTry"

 import { getProfile } from "@/lib/trpc/memoizedRequests"

@@ -17,9 +19,9 @@ export default async function Layout(

  const { children } = props
  const intl = await getIntl()
-  const user = await getProfile()
+  const [user, error] = await safeTry(getProfile())

-  if (!user) {
+  if (!user && !error) {
    logger.debug(`[webview:page] unable to load user`)
    return (
      <p>
@@ -31,19 +33,21 @@ export default async function Layout(
    )
  }

-  if ("error" in user) {
-    switch (user.cause) {
-      case "unauthorized": // fall through
-      case "forbidden": // fall through
-      case "token_expired":
-        const headersList = await headers()
-        const returnURL = `/${params.lang}/webview${headersList.get("x-pathname")!}`
-        const redirectURL = `/${params.lang}/webview/refresh?returnUrl=${encodeURIComponent(returnURL)}`
-        logger.debug(
-          `[webview:page] user error, redirecting to: ${redirectURL}`
-        )
-        redirect(redirectURL)
-      case "notfound":
+  const notValidSession =
+    error instanceof TRPCError &&
+    (error.code === "UNAUTHORIZED" || error.code === "FORBIDDEN")
+
+  if (notValidSession) {
+    const headersList = await headers()
+    const returnURL = `/${params.lang}/webview${headersList.get("x-pathname")!}`
+    const redirectURL = `/${params.lang}/webview/refresh?returnUrl=${encodeURIComponent(returnURL)}`
+    logger.debug(`[webview:page] user error, redirecting to: ${redirectURL}`)
+    redirect(redirectURL)
+  }
+
+  if (error instanceof TRPCError) {
+    switch (error.code) {
+      case "NOT_FOUND":
        return (
          <p>
            {intl.formatMessage({
@@ -52,7 +56,15 @@ export default async function Layout(
            })}
          </p>
        )
-      case "unknown":
+      default:
+        logger.error("[webview:page] unexpected error code loading user", error)
+        Sentry.captureException(error, {
+          data: {
+            errorCode: error.code,
+            message: "[webview:page] unexpected error code loading user",
+          },
+        })
+
        return (
          <p>
            {intl.formatMessage({
@@ -61,10 +73,6 @@ export default async function Layout(
            })}
          </p>
        )
-      default:
-        const u: never = user
-        logger.error("[webview:page] unhandled user loading error", u)
-        Sentry.captureMessage("[webview:page] unhandled user loading error", u)
    }
  }

--- a/apps/scandic-web/components/MyPages/Profile/index.tsx
+++ b/apps/scandic-web/components/MyPages/Profile/index.tsx
@@ -30,11 +30,11 @@ export default async function Profile() {
  const lang = await getLang()

  const addressParts = []
-  if (user.address.streetAddress) {
+  if (user.address?.streetAddress) {
    addressParts.push(user.address.streetAddress)
  }

-  if (user.address.city) {
+  if (user.address?.city) {
    addressParts.push(user.address.city)
  }

@@ -43,8 +43,8 @@ export default async function Profile() {
    region: new Intl.DisplayNames([lang], { type: "region" }),
  }

-  if (user.address.country) {
-    const countryCode = isValidCountry(user.address.country)
+  if (user.address?.country) {
+    const countryCode = isValidCountry(user.address?.country)
      ? countriesMap[user.address.country]
      : null
    const localizedCountry = countryCode
--- a/apps/scandic-web/components/ProtectedLayout.tsx
+++ b/apps/scandic-web/components/ProtectedLayout.tsx
@@ -1,8 +1,10 @@
+import { TRPCError } from "@trpc/server"
 import { headers } from "next/headers"
 import { redirect } from "next/navigation"

 import { overview } from "@scandic-hotels/common/constants/routes/myPages"
 import { logger } from "@scandic-hotels/common/logger"
+import { safeTry } from "@scandic-hotels/common/utils/safeTry"
 import { isValidSession } from "@scandic-hotels/trpc/utils/session"

 import { getProfile } from "@/lib/trpc/memoizedRequests"
@@ -33,29 +35,9 @@ export async function ProtectedLayout({ children }: React.PropsWithChildren) {
    redirect(redirectURL)
  }

-  const user = await getProfile()
+  const [user, error] = await safeTry(getProfile())

-  if (user && "error" in user) {
-    // redirect(redirectURL)
-    logger.error("[layout:protected] error in user", user)
-    switch (user.cause) {
-      case "unauthorized": // fall through
-      case "forbidden": // fall through
-      case "token_expired":
-        logger.error(
-          `[layout:protected] user error, redirecting to: ${redirectURL}`
-        )
-        redirect(redirectURL)
-      case "notfound":
-        logger.error(`[layout:protected] notfound user loading error`)
-        break
-      case "unknown":
-        logger.error(`[layout:protected] unknown user loading error`)
-        break
-      default:
-        logger.error(`[layout:protected] unhandled user loading error`)
-        break
-    }
+  if (error instanceof TRPCError && error.code === "INTERNAL_SERVER_ERROR") {
    return (
      <p>
        {intl.formatMessage({
--- a/apps/scandic-web/components/UserExists.tsx
+++ b/apps/scandic-web/components/UserExists.tsx
@@ -16,9 +16,12 @@ export function UserExists() {
  const isUserLoggedIn = isValidClientSession(session)
  const lang = useLang()

-  const { data, isLoading: isLoadingUser } = trpc.user.get.useQuery(undefined, {
-    enabled: isUserLoggedIn,
-  })
+  const { isLoading: isLoadingUser, error } = trpc.user.get.useQuery(
+    undefined,
+    {
+      enabled: isUserLoggedIn,
+    }
+  )

  if (!isUserLoggedIn) {
    return null
@@ -28,16 +31,12 @@ export function UserExists() {
    return null
  }

-  if (data && "error" in data && data.error) {
-    switch (data.cause) {
-      case "notfound":
-        redirect(
-          `${logoutSafely[lang]}?redirectTo=${encodeURIComponent(userNotFound[lang])}`
-        )
-      default:
-        break
-    }
+  switch (error?.data?.code) {
+    case "NOT_FOUND":
+      redirect(
+        `${logoutSafely[lang]}?redirectTo=${encodeURIComponent(userNotFound[lang])}`
+      )
+    default:
+      return null
  }
-
-  return null
 }
--- a/apps/scandic-web/lib/trpc/server.ts
+++ b/apps/scandic-web/lib/trpc/server.ts
@@ -6,6 +6,7 @@ import { Lang } from "@scandic-hotels/common/constants/language"
 import { login } from "@scandic-hotels/common/constants/routes/handleAuth"
 import { createLogger } from "@scandic-hotels/common/logger/createLogger"
 import { createContext } from "@scandic-hotels/trpc/context"
+import { getVerifiedUser } from "@scandic-hotels/trpc/routers/user/utils/getVerifiedUser"
 import {
  appServerClient,
  configureServerClient,
@@ -23,6 +24,21 @@ export async function createAppContext() {
  const webviewTokenCookie = cookie.get("webviewToken")
  const loginType = headersList.get("loginType")

+  async function getUserSession(): Promise<Session | null> {
+    const session = await auth()
+    const webToken = webviewTokenCookie?.value
+    if (!session?.token && !webToken) {
+      return null
+    }
+
+    return (
+      session ||
+      ({
+        token: { access_token: webToken, loginType },
+      } as Session)
+    )
+  }
+
  const ctx = createContext({
    app: "scandic-web",
    lang: headersList.get("x-lang") as Lang,
@@ -31,19 +47,38 @@ export async function createAppContext() {
    url: headersList.get("x-url")!,
    webToken: webviewTokenCookie?.value,
    contentType: headersList.get("x-contenttype")!,
-    auth: async () => {
-      const session = await auth()
-      const webToken = webviewTokenCookie?.value
-      if (!session?.token && !webToken) {
+    auth: async () => await getUserSession(),
+    getScandicUserToken: async () => {
+      const session = await getUserSession()
+      return session?.token?.access_token ?? null
+    },
+    getUserPointsBalance: async () => {
+      const session = await getUserSession()
+      if (!session) return null
+
+      const user = await getVerifiedUser({
+        token: {
+          expires_at: session.token.expires_at ?? 0,
+          access_token: session.token.access_token,
+        },
+      })
+
+      if (!user) {
        return null
      }

-      return (
-        session ||
-        ({
-          token: { access_token: webToken, loginType },
-        } as Session)
-      )
+      return user.membership?.currentPoints ?? 0
+    },
+    getScandicUser: async () => {
+      const session = await getUserSession()
+      if (!session) return null
+
+      return await getVerifiedUser({
+        token: {
+          expires_at: session.token.expires_at ?? 0,
+          access_token: session.token.access_token,
+        },
+      })
    },
  })