From cf3caf1a0ba3959e5f7aabe4576c112ebc443123 Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Mon, 2 Oct 2023 11:37:48 -0400
Subject: [PATCH 1/8] MiradorCanvas inspects annotation type and service
 profile to determine iiif images - jest specs for image service
 identification - jest specs for resource type filters - #3789

---
 .../fixtures/version-3/auth2-active.json      | 65 +++++++++++++++++
 __tests__/fixtures/version-3/auth2-kiosk.json | 69 +++++++++++++++++++
 __tests__/src/lib/MiradorCanvas.test.js       | 24 +++++++
 __tests__/src/lib/typeFilters.test.js         | 52 ++++++++++++++
 src/lib/MiradorCanvas.js                      | 23 +++----
 src/lib/canvasTypes.js                        | 37 ++++++++++
 src/lib/getServices.js                        | 44 ++++++++++++
 src/lib/typeFilters.js                        | 45 ++++++++++++
 8 files changed, 346 insertions(+), 13 deletions(-)
 create mode 100644 __tests__/fixtures/version-3/auth2-active.json
 create mode 100644 __tests__/fixtures/version-3/auth2-kiosk.json
 create mode 100644 __tests__/src/lib/typeFilters.test.js
 create mode 100644 src/lib/canvasTypes.js
 create mode 100644 src/lib/getServices.js
 create mode 100644 src/lib/typeFilters.js

diff --git a/__tests__/fixtures/version-3/auth2-active.json b/__tests__/fixtures/version-3/auth2-active.json
new file mode 100644
index 0000000000..cb459a6909
--- /dev/null
+++ b/__tests__/fixtures/version-3/auth2-active.json
@@ -0,0 +1,65 @@
+{
+  "@context": "http://iiif.io/api/presentation/3/context.json",
+  "id": "https://iiif.io/api/cookbook/recipe/0005-image-service/manifest.json",
+  "type": "Manifest",
+  "label": {
+    "en": [
+      "An actively authorized video"
+    ]
+  },
+  "items": [
+    {
+      "id": "https://auth.example.org/my-video1",
+      "type": "Canvas",
+      "label": {
+        "en": [
+          "Canvas with a single IIIF video"
+        ]
+      },
+      "height": 3024,
+      "width": 4032,
+      "items": [        
+        {
+          "id": "https://auth.example.org/my-video/page",
+          "type": "AnnotationPage",
+          "items": [
+            {
+              "id": "https://auth.example.org/my-video/annotation",
+              "type": "Annotation",
+              "motivation": "painting",
+              "body": {
+                "id": "https://auth.example.org/my-video.mp4",
+                "type": "Video",
+                "service": [
+                  {
+                    "id": "https://auth.example.org/probe/my-video",
+                    "type": "AuthProbeService2",
+                    "service" : [
+                      {
+                        "id": "https://auth.example.org/login",
+                        "type": "AuthAccessService2",
+                        "profile": "active",
+                        "label": { "en": [ "Login to Example Institution" ] },
+                        "service" : [
+                          {
+                            "id": "https://auth.example.org/token",
+                            "type": "AuthAccessTokenService2"
+                          },
+                          {
+                            "id": "https://auth.example.org/logout",
+                            "type": "AuthLogoutService2",
+                            "label": { "en": [ "Logout from Example Institution" ] }
+                          }
+                        ]
+                      }
+                    ]
+                  }
+                ]
+              }
+            }
+          ]
+        }
+      ]
+    }
+  ]
+}
\ No newline at end of file
diff --git a/__tests__/fixtures/version-3/auth2-kiosk.json b/__tests__/fixtures/version-3/auth2-kiosk.json
new file mode 100644
index 0000000000..9187902447
--- /dev/null
+++ b/__tests__/fixtures/version-3/auth2-kiosk.json
@@ -0,0 +1,69 @@
+{
+  "@context": "http://iiif.io/api/presentation/3/context.json",
+  "id": "https://iiif.io/api/cookbook/recipe/0005-image-service/manifest.json",
+  "type": "Manifest",
+  "label": {
+    "en": [
+      "A kiosk-authorized image"
+    ]
+  },
+  "items": [
+    {
+      "id": "https://iiif.io/api/cookbook/recipe/0005-image-service/canvas/p1",
+      "type": "Canvas",
+      "label": {
+        "en": [
+          "Canvas with a single IIIF image"
+        ]
+      },
+      "height": 3024,
+      "width": 4032,
+      "items": [        
+        {
+          "id": "https://iiif.io/api/cookbook/recipe/0005-image-service/page/p1/1",
+          "type": "AnnotationPage",
+          "items": [
+            {
+              "id": "https://iiif.io/api/cookbook/recipe/0005-image-service/annotation/p0001-image",
+              "type": "Annotation",
+              "motivation": "painting",
+              "body": {
+                "id": "https://iiif.io/api/image/3.0/example/reference/918ecd18c2592080851777620de9bcb5-gottingen/full/max/0/default.jpg",
+                "type": "Image",
+                "format": "image/jpeg",
+                "height": 3024,
+                "width": 4032,
+                "service": [
+                  {
+                    "id": "https://auth.example.org/probe/918ecd18c2592080851777620de9bcb5-gottingen",
+                    "type": "AuthProbeService2",
+                    "service" : [
+                      {
+                        "id": "https://auth.example.org/kiosk",
+                        "type": "AuthAccessService2",
+                        "profile": "kiosk",
+                        "label": { "en": [ "Kiosk Login" ] },
+                        "service" : [
+                          {
+                            "id": "https://auth.example.org/token/918ecd18c2592080851777620de9bcb5-gottingen",
+                            "type": "AuthAccessTokenService2"
+                          }
+                        ]
+                      }
+                    ]
+                  },
+                  {
+                    "id": "https://iiif.io/api/image/3.0/example/reference/918ecd18c2592080851777620de9bcb5-gottingen",
+                    "profile": "level1",
+                    "type": "ImageService3"
+                  }
+                ]
+              },
+              "target": "https://iiif.io/api/cookbook/recipe/0005-image-service/canvas/p1"
+            }
+          ]
+        }
+      ]
+    }
+  ]
+}
\ No newline at end of file
diff --git a/__tests__/src/lib/MiradorCanvas.test.js b/__tests__/src/lib/MiradorCanvas.test.js
index 5502c67746..26f4ce6b00 100644
--- a/__tests__/src/lib/MiradorCanvas.test.js
+++ b/__tests__/src/lib/MiradorCanvas.test.js
@@ -9,6 +9,8 @@ import fragmentFixtureV3 from '../../fixtures/version-3/hamilton.json';
 import audioFixture from '../../fixtures/version-3/0002-mvm-audio.json';
 import videoFixture from '../../fixtures/version-3/0015-start.json';
 import videoWithAnnoCaptions from '../../fixtures/version-3/video_with_annotation_captions.json';
+import auth2WithImage from '../../fixtures/version-3/auth2-kiosk.json';
+import auth2WithVideo from '../../fixtures/version-3/auth2-active.json';
 
 describe('MiradorCanvas', () => {
   let instance;
@@ -133,4 +135,26 @@ describe('MiradorCanvas', () => {
       expect(instance.v3VttContent.length).toEqual(1);
     });
   });
+  describe('iiifImageResources', () => {
+    it('returns image resources', () => {
+      instance = new MiradorCanvas(
+        Utils.parseManifest(auth2WithImage).getSequences()[0].getCanvases()[0],
+      );
+      expect(instance.iiifImageResources.length).toEqual(1);
+    });
+    it('returns only image resources', () => {
+      instance = new MiradorCanvas(
+        Utils.parseManifest(auth2WithVideo).getSequences()[0].getCanvases()[0],
+      );
+      expect(instance.iiifImageResources.length).toEqual(0);
+    });
+  });
+  describe('imageServiceIds', () => {
+    it('returns image service IDs', () => {
+      instance = new MiradorCanvas(
+        Utils.parseManifest(auth2WithImage).getSequences()[0].getCanvases()[0],
+      );
+      expect(instance.imageServiceIds[0]).toEqual('https://iiif.io/api/image/3.0/example/reference/918ecd18c2592080851777620de9bcb5-gottingen');
+    });
+  });
 });
diff --git a/__tests__/src/lib/typeFilters.test.js b/__tests__/src/lib/typeFilters.test.js
new file mode 100644
index 0000000000..854712d785
--- /dev/null
+++ b/__tests__/src/lib/typeFilters.test.js
@@ -0,0 +1,52 @@
+import { JSONLDResource } from 'manifesto.js';
+import { v4 as uuid } from 'uuid';
+import {
+  filterByTypes, audioResourcesFrom, anyImageServices, hasImageService,
+  iiifImageResourcesFrom, textResourcesFrom, videoResourcesFrom,
+} from '../../../src/lib/typeFilters';
+
+/**
+ */
+function resourceFixtureForProps(props) {
+  return new JSONLDResource({
+    id: uuid(),
+    ...props,
+  });
+}
+
+describe('filterByTypes', () => {
+  it('returns a resource of one type', () => {
+    const typeFixture = 'someType';
+    const resourceFixture = resourceFixtureForProps({ '@type': typeFixture });
+    expect(filterByTypes([resourceFixture], typeFixture)).toEqual([resourceFixture]);
+  });
+  it('returns a resource of any given types', () => {
+    const typeFixture = 'someType';
+    const resourceFixture = resourceFixtureForProps({ '@type': typeFixture });
+    expect(filterByTypes([resourceFixture], ['anotherType', typeFixture])).toEqual([resourceFixture]);
+  });
+});
+
+describe('audioResourcesFrom', () => {
+  it('returns a resource of audio type', () => {
+    const typeFixture = 'Audio';
+    const resourceFixture = resourceFixtureForProps({ '@type': typeFixture });
+    expect(audioResourcesFrom([resourceFixture])).toEqual([resourceFixture]);
+  });
+});
+
+describe('videoResourcesFrom', () => {
+  it('returns a resource of audio type', () => {
+    const typeFixture = 'Video';
+    const resourceFixture = resourceFixtureForProps({ '@type': typeFixture });
+    expect(videoResourcesFrom([resourceFixture])).toEqual([resourceFixture]);
+  });
+});
+
+describe('textResourcesFrom', () => {
+  it('returns a resource of audio type', () => {
+    const typeFixture = 'Document';
+    const resourceFixture = resourceFixtureForProps({ '@type': typeFixture });
+    expect(textResourcesFrom([resourceFixture])).toEqual([resourceFixture]);
+  });
+});
diff --git a/src/lib/MiradorCanvas.js b/src/lib/MiradorCanvas.js
index 6e17fad668..64ee20cecd 100644
--- a/src/lib/MiradorCanvas.js
+++ b/src/lib/MiradorCanvas.js
@@ -1,6 +1,9 @@
 import flatten from 'lodash/flatten';
 import flattenDeep from 'lodash/flattenDeep';
 import { Canvas, AnnotationPage, Annotation } from 'manifesto.js';
+import { audioResourcesFrom, iiifImageResourcesFrom, videoResourcesFrom } from './typeFilters';
+import canvasTypes from './canvasTypes';
+
 /**
  * MiradorCanvas - adds additional, testable logic around Manifesto's Canvas
  * https://iiif-commons.github.io/manifesto/classes/_canvas_.manifesto.canvas.html
@@ -64,7 +67,7 @@ export default class MiradorCanvas {
     return this.imageResources[0];
   }
 
-  /** */
+  /** Despite name, this method returns paintable resources, not just images */
   get imageResources() {
     const resources = flattenDeep([
       this.canvas.getImages().map(i => i.getResource()),
@@ -83,19 +86,12 @@ export default class MiradorCanvas {
 
   /** */
   get videoResources() {
-    const resources = flattenDeep([
-      this.canvas.getContent().map(i => i.getBody()),
-    ]);
-    return flatten(resources.filter((resource) => resource.getProperty('type') === 'Video'));
+    return videoResourcesFrom(this.imageResources);
   }
 
   /** */
   get audioResources() {
-    const resources = flattenDeep([
-      this.canvas.getContent().map(i => i.getBody()),
-    ]);
-
-    return flatten(resources.filter((resource) => resource.getProperty('type') === 'Sound'));
+    return audioResourcesFrom(this.imageResources);
   }
 
   /** */
@@ -158,13 +154,14 @@ export default class MiradorCanvas {
 
   /** */
   get iiifImageResources() {
-    return this.imageResources
-      .filter(r => r && r.getServices()[0] && r.getServices()[0].id);
+    return iiifImageResourcesFrom(this.imageResources);
   }
 
   /** */
   get imageServiceIds() {
-    return this.iiifImageResources.map(r => r.getServices()[0].id);
+    /** filter services by profile for IIIF images services */
+    const imageServiceFilter = s => canvasTypes.imageServiceProfiles.includes(s.getProfile());
+    return this.iiifImageResources.map(r => r.getServices().filter(imageServiceFilter)[0].id);
   }
 
   /**
diff --git a/src/lib/canvasTypes.js b/src/lib/canvasTypes.js
new file mode 100644
index 0000000000..2b5f3b8972
--- /dev/null
+++ b/src/lib/canvasTypes.js
@@ -0,0 +1,37 @@
+/** values for type/@type that indicate an image content resource */
+const imageTypes = ['Image', 'StillImage', 'dctypes:Image', 'dctypes:StillImage'];
+Object.freeze(imageTypes);
+
+/** values for type/@type that indicate a sound content resource */
+const audioTypes = ['Audio', 'Sound', 'dctypes:Audio', 'dctypes:Sound'];
+Object.freeze(audioTypes);
+
+/** values for type/@type that indicate a text content resource */
+const textTypes = ['Document', 'Text', 'dctypes:Document', 'dctypes:Text'];
+Object.freeze(textTypes);
+
+/** values for type/@type that indicate a video content resource */
+const videoTypes = ['Video', 'MovingImage', 'dctypes:Video', 'dctypes:MovingImage'];
+Object.freeze(videoTypes);
+
+/** values for profile that indicate an image service */
+const imageServiceProfiles = [
+  'level2',
+  'level1',
+  'level0',
+  'http://iiif.io/api/image/2/level2.json',
+  'http://iiif.io/api/image/2/level1.json',
+  'http://iiif.io/api/image/2/level0.json',
+];
+
+Object.freeze(imageServiceProfiles);
+
+const canvasTypes = {
+  audioTypes,
+  imageServiceProfiles,
+  imageTypes,
+  textTypes,
+  videoTypes,
+};
+
+export default canvasTypes;
diff --git a/src/lib/getServices.js b/src/lib/getServices.js
new file mode 100644
index 0000000000..3abf75d8fb
--- /dev/null
+++ b/src/lib/getServices.js
@@ -0,0 +1,44 @@
+import { Utils } from 'manifesto.js';
+import { filterByTypes } from './typeFilters';
+
+/**
+ */
+export function anyAuthServices(resource) {
+  return resource
+  && Utils.getServices(resource).filter(s => (s.getProfile()
+    && s.getProfile().match(/http:\/\/iiif.io\/api\/auth\//))
+      || (s.getProperty('type')
+        && s.getProperty('type').match(/^Auth.*2$/)));
+}
+
+/**
+ */
+export function getProbeService(resource) {
+  return resource
+  && (
+    Utils.getService(resource, 'http://iiif.io/api/auth/1/probe')
+    || filterByTypes(Utils.getServices(resource), 'AuthProbeService2')[0]
+  );
+}
+
+/**
+ */
+export function getTokenService(resource) {
+  return resource
+  && (
+    Utils.getService(resource, 'http://iiif.io/api/auth/1/token')
+    || Utils.getService(resource, 'http://iiif.io/api/auth/0/token')
+    || filterByTypes(Utils.getServices(resource), 'AuthAccessTokenService2')[0]
+  );
+}
+
+/**
+ */
+export function getLogoutService(resource) {
+  return resource
+  && (
+    Utils.getService(resource, 'http://iiif.io/api/auth/1/logout')
+    || Utils.getService(resource, 'http://iiif.io/api/auth/0/logout')
+    || filterByTypes(Utils.getServices(resource), 'AuthLogoutService2')[0]
+  );
+}
diff --git a/src/lib/typeFilters.js b/src/lib/typeFilters.js
new file mode 100644
index 0000000000..5a7a70ea27
--- /dev/null
+++ b/src/lib/typeFilters.js
@@ -0,0 +1,45 @@
+import canvasTypes from './canvasTypes';
+/**
+ */
+export function filterByTypes(resources, types) {
+  if (types === undefined || resources === undefined) return [];
+
+  if (!Array.isArray(types)) {
+    return resources.filter((resource) => types === resource.getProperty('type'));
+  }
+
+  return resources.filter((resource) => types.includes(resource.getProperty('type')));
+}
+
+/** */
+export function audioResourcesFrom(resources) {
+  return filterByTypes(resources, canvasTypes.audioTypes);
+}
+
+/**
+ */
+export function anyImageServices(resource) {
+  const services = resource ? resource.getServices() : [];
+  return services.filter(s => canvasTypes.imageServiceProfiles.includes(s.getProfile()));
+}
+
+/** */
+export function hasImageService(resource) {
+  const imageServices = anyImageServices(resource);
+  return imageServices[0] && imageServices[0].id;
+}
+
+/** */
+export function iiifImageResourcesFrom(resources) {
+  return filterByTypes(resources, canvasTypes.imageTypes).filter((r) => hasImageService(r));
+}
+
+/** */
+export function textResourcesFrom(resources) {
+  return filterByTypes(resources, canvasTypes.textTypes);
+}
+
+/** */
+export function videoResourcesFrom(resources) {
+  return filterByTypes(resources, canvasTypes.videoTypes);
+}

From 2ca78c728b987c7552acd9618e706df0375df2c9 Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Mon, 2 Oct 2023 13:31:19 -0400
Subject: [PATCH 2/8] add IIIF Auth2 authentication profiles to settings
 (#3789)

---
 src/config/settings.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/config/settings.js b/src/config/settings.js
index 5aa08c8f99..079ee0a598 100644
--- a/src/config/settings.js
+++ b/src/config/settings.js
@@ -374,7 +374,10 @@ export default {
       { profile: 'http://iiif.io/api/auth/0/external', external: true },
       { profile: 'http://iiif.io/api/auth/0/kiosk', kiosk: true },
       { profile: 'http://iiif.io/api/auth/0/clickthrough' },
-      { profile: 'http://iiif.io/api/auth/0/login' }
+      { profile: 'http://iiif.io/api/auth/0/login' },
+      { profile: 'external', external: true },
+      { profile: 'kiosk', kiosk: true },
+      { profile: 'active' }
     ]
   }
 };

From 9262a070a3e880b954ae9351e8385072952e3447 Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Mon, 2 Oct 2023 13:32:01 -0400
Subject: [PATCH 3/8] auth state selector should check non-image resources -
 IIIF Auth2 services will be members of a probe service - #3789

---
 __tests__/src/selectors/auth.test.js | 11 +++++++++++
 src/state/selectors/auth.js          | 19 +++++++++++++++++--
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/__tests__/src/selectors/auth.test.js b/__tests__/src/selectors/auth.test.js
index 2071e99317..b06c3f740f 100644
--- a/__tests__/src/selectors/auth.test.js
+++ b/__tests__/src/selectors/auth.test.js
@@ -1,5 +1,6 @@
 import manifestFixture001 from '../../fixtures/version-2/001.json';
 import manifestFixture019 from '../../fixtures/version-2/019.json';
+import manifestFixtureAuth2ActiveVideo from '../../fixtures/version-3/auth2-active.json';
 import settings from '../../../src/config/settings';
 import {
   getAccessTokens,
@@ -61,6 +62,9 @@ describe('selectCurrentAuthServices', () => {
       b: {
         json: manifestFixture019,
       },
+      c: {
+        json: manifestFixtureAuth2ActiveVideo,
+      },
     },
     windows: {
       noCanvas: {
@@ -84,6 +88,12 @@ describe('selectCurrentAuthServices', () => {
           'https://purl.stanford.edu/fr426cg9537/iiif/canvas/fr426cg9537_1',
         ],
       },
+      z: {
+        manifestId: 'c',
+        visibleCanvases: [
+          'https://auth.example.org/my-video1',
+        ],
+      },
     },
   };
 
@@ -93,6 +103,7 @@ describe('selectCurrentAuthServices', () => {
 
   it('returns the next auth service to try', () => {
     expect(selectCurrentAuthServices(state, { windowId: 'w' })[0].id).toEqual('external');
+    expect(selectCurrentAuthServices(state, { windowId: 'z' })[0].id).toEqual('https://auth.example.org/login');
   });
 
   it('returns the service if the next auth service is interactive', () => {
diff --git a/src/state/selectors/auth.js b/src/state/selectors/auth.js
index 7c290bfca4..d38ab255b3 100644
--- a/src/state/selectors/auth.js
+++ b/src/state/selectors/auth.js
@@ -1,6 +1,9 @@
 import { createSelector } from 'reselect';
 import { Utils } from 'manifesto.js';
 import flatten from 'lodash/flatten';
+import {
+  audioResourcesFrom, filterByTypes, textResourcesFrom, videoResourcesFrom,
+} from '../../lib/typeFilters';
 import MiradorCanvas from '../../lib/MiradorCanvas';
 import { miradorSlice } from './utils';
 import { getConfig } from './config';
@@ -48,15 +51,27 @@ export const selectCurrentAuthServices = createSelector(
       }));
     }
 
+    if (currentAuthResources.length === 0 && canvases) {
+      currentAuthResources = flatten(canvases.map(c => {
+        const miradorCanvas = new MiradorCanvas(c);
+        const canvasResources = miradorCanvas.imageResources;
+        return videoResourcesFrom(canvasResources)
+          .concat(audioResourcesFrom(canvasResources))
+          .concat(textResourcesFrom(canvasResources));
+      }));
+    }
+
     if (!currentAuthResources) return [];
     if (currentAuthResources.length === 0) return [];
 
     const currentAuthServices = currentAuthResources.map(resource => {
       let lastAttemptedService;
-      const services = Utils.getServices(resource);
+      const resourceServices = Utils.getServices(resource);
+      const probeServices = filterByTypes(resourceServices, 'AuthProbeService2');
+      const probeServiceServices = flatten(probeServices.map(p => Utils.getServices(p)));
 
       for (const authProfile of serviceProfiles) {
-        const profiledAuthServices = services.filter(
+        const profiledAuthServices = resourceServices.concat(probeServiceServices).filter(
           p => authProfile.profile === p.getProfile(),
         );
 

From 45a42fed4398e9be251b4a003849f83944637c9c Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Mon, 2 Oct 2023 14:57:59 -0400
Subject: [PATCH 4/8] look for typed services providing Auth2 token/logout
 (#3789) - DRY search routines into functions defined in getServices - all
 routines should look for Auth2 types and Auth1 profiles - include search for
 uncoducmented Auth1 implementation of explicit probe service

---
 __tests__/src/lib/getServices.test.js | 90 +++++++++++++++++++++++++++
 src/containers/IIIFAuthentication.js  | 12 +---
 src/state/sagas/auth.js               | 10 ++-
 src/state/sagas/iiif.js               |  4 +-
 4 files changed, 99 insertions(+), 17 deletions(-)
 create mode 100644 __tests__/src/lib/getServices.test.js

diff --git a/__tests__/src/lib/getServices.test.js b/__tests__/src/lib/getServices.test.js
new file mode 100644
index 0000000000..d7f4a15e99
--- /dev/null
+++ b/__tests__/src/lib/getServices.test.js
@@ -0,0 +1,90 @@
+import { v4 as uuid } from 'uuid';
+import {
+  anyAuthServices, getLogoutService, getProbeService, getTokenService,
+} from '../../../src/lib/getServices';
+
+/**
+ */
+function resourceFixtureWithService(props) {
+  return {
+    id: uuid(),
+    services: [
+      { ...props },
+    ],
+    type: 'Dataset',
+  };
+}
+
+/**
+ */
+function actualLogoutServiceId(resource) {
+  const service = getLogoutService(resource);
+  return service
+  && service.id;
+}
+
+/**
+ */
+function actualTokenServiceId(resource) {
+  const service = getTokenService(resource);
+  return service
+  && service.id;
+}
+
+/**
+ */
+function actualProbeServiceId(resource) {
+  const service = getProbeService(resource);
+  return service
+  && service.id;
+}
+
+describe('anyAuthServices', () => {
+  it('returns a filtered list', () => {
+    const serviceId = uuid();
+    const auth0 = resourceFixtureWithService({ id: serviceId, profile: 'http://iiif.io/api/auth/0/anyService' });
+    expect(anyAuthServices(auth0).length).toEqual(1);
+    const auth1 = resourceFixtureWithService({ id: serviceId, profile: 'http://iiif.io/api/auth/1/anyService' });
+    expect(anyAuthServices(auth1).length).toEqual(1);
+    const auth2 = resourceFixtureWithService({ id: serviceId, type: 'AuthAnyService2' });
+    expect(anyAuthServices(auth2).length).toEqual(1);
+    const notAuthProfile = resourceFixtureWithService({ id: serviceId, profile: 'http://iiif.io/api/not-auth/1/anyService' });
+    expect(anyAuthServices(notAuthProfile).length).toEqual(0);
+    const notAuthType = resourceFixtureWithService({ id: serviceId, type: 'NotAuthAnyService2' });
+    expect(anyAuthServices(notAuthType).length).toEqual(0);
+  });
+});
+
+describe('getLogoutService', () => {
+  it('returns a Service', () => {
+    const serviceId = uuid();
+    const auth0 = resourceFixtureWithService({ id: serviceId, profile: 'http://iiif.io/api/auth/0/logout' });
+    expect(actualLogoutServiceId(auth0)).toEqual(serviceId);
+    const auth1 = resourceFixtureWithService({ id: serviceId, profile: 'http://iiif.io/api/auth/1/logout' });
+    expect(actualLogoutServiceId(auth1)).toEqual(serviceId);
+    const auth2 = resourceFixtureWithService({ id: serviceId, type: 'AuthLogoutService2' });
+    expect(actualLogoutServiceId(auth2)).toEqual(serviceId);
+  });
+});
+
+describe('getProbeService', () => {
+  it('returns a Service', () => {
+    const serviceId = uuid();
+    const auth1 = resourceFixtureWithService({ id: serviceId, profile: 'http://iiif.io/api/auth/1/probe' });
+    expect(actualProbeServiceId(auth1)).toEqual(serviceId);
+    const auth2 = resourceFixtureWithService({ id: serviceId, type: 'AuthProbeService2' });
+    expect(actualProbeServiceId(auth2)).toEqual(serviceId);
+  });
+});
+
+describe('getTokenService', () => {
+  it('returns a Service', () => {
+    const serviceId = uuid();
+    const auth0 = resourceFixtureWithService({ id: serviceId, profile: 'http://iiif.io/api/auth/0/token' });
+    expect(actualTokenServiceId(auth0)).toEqual(serviceId);
+    const auth1 = resourceFixtureWithService({ id: serviceId, profile: 'http://iiif.io/api/auth/1/token' });
+    expect(actualTokenServiceId(auth1)).toEqual(serviceId);
+    const auth2 = resourceFixtureWithService({ id: serviceId, type: 'AuthAccessTokenService2' });
+    expect(actualTokenServiceId(auth2)).toEqual(serviceId);
+  });
+});
diff --git a/src/containers/IIIFAuthentication.js b/src/containers/IIIFAuthentication.js
index 7d51087168..bfeb27461f 100644
--- a/src/containers/IIIFAuthentication.js
+++ b/src/containers/IIIFAuthentication.js
@@ -1,8 +1,8 @@
 import { connect } from 'react-redux';
 import { compose } from 'redux';
 import { withTranslation } from 'react-i18next';
-import { Utils } from 'manifesto.js';
 import { withPlugins } from '../extend/withPlugins';
+import { getLogoutService, getTokenService } from '../lib/getServices';
 import * as actions from '../state/actions';
 import {
   getAuth,
@@ -23,14 +23,8 @@ const mapStateToProps = (state, { windowId }) => {
   // TODO: get the most actionable auth service...
   const service = services[0];
 
-  const accessTokenService = service && (
-    Utils.getService(service, 'http://iiif.io/api/auth/1/token')
-    || Utils.getService(service, 'http://iiif.io/api/auth/0/token')
-  );
-  const logoutService = service && (
-    Utils.getService(service, 'http://iiif.io/api/auth/1/logout')
-    || Utils.getService(service, 'http://iiif.io/api/auth/0/logout')
-  );
+  const accessTokenService = getTokenService(service);
+  const logoutService = getLogoutService(service);
 
   const authStatuses = getAuth(state);
   const authStatus = service && authStatuses[service.id];
diff --git a/src/state/sagas/auth.js b/src/state/sagas/auth.js
index 732a482368..7cd2eafd37 100644
--- a/src/state/sagas/auth.js
+++ b/src/state/sagas/auth.js
@@ -5,6 +5,7 @@ import { Utils } from 'manifesto.js';
 import flatten from 'lodash/flatten';
 import ActionTypes from '../actions/action-types';
 import MiradorCanvas from '../../lib/MiradorCanvas';
+import { getTokenService } from '../../lib/getServices';
 import {
   addAuthenticationRequest,
   resolveAuthenticationRequest,
@@ -52,8 +53,7 @@ export function* refetchInfoResponses({ serviceId }) {
   const haveThisTokenService = infoResponse => {
     const services = Utils.getServices(infoResponse);
     return services.some(e => {
-      const infoTokenService = Utils.getService(e, 'http://iiif.io/api/auth/1/token')
-        || Utils.getService(e, 'http://iiif.io/api/auth/0/token');
+      const infoTokenService = getTokenService(e);
       return infoTokenService && infoTokenService.id === serviceId;
     });
   };
@@ -90,8 +90,7 @@ export function* doAuthWorkflow({ infoJson, windowId }) {
     // start the auth
     yield put(addAuthenticationRequest(windowId, authService.id, authService.getProfile()));
   } else if (profileConfig.external) {
-    const tokenService = Utils.getService(authService, 'http://iiif.io/api/auth/1/token')
-      || Utils.getService(authService, 'http://iiif.io/api/auth/0/token');
+    const tokenService = getTokenService(authService);
 
     if (!tokenService) return;
     // resolve the auth
@@ -107,8 +106,7 @@ export function* rerequestOnAccessTokenFailure({ infoJson, windowId, tokenServic
 
   // make sure we have an auth service to try
   const authService = Utils.getServices(infoJson).find(service => {
-    const tokenService = Utils.getService(service, 'http://iiif.io/api/auth/1/token')
-      || Utils.getService(service, 'http://iiif.io/api/auth/0/token');
+    const tokenService = getTokenService(service);
 
     return tokenService && tokenService.id === tokenServiceId;
   });
diff --git a/src/state/sagas/iiif.js b/src/state/sagas/iiif.js
index 3a613ee934..d7a1f7115d 100644
--- a/src/state/sagas/iiif.js
+++ b/src/state/sagas/iiif.js
@@ -10,6 +10,7 @@ import {
   receiveSearch, receiveSearchFailure,
   receiveAnnotation, receiveAnnotationFailure,
 } from '../actions';
+import { getTokenService } from '../../lib/getServices';
 import {
   getManifests,
   getRequestsConfig,
@@ -128,8 +129,7 @@ function* getAccessTokenService(resource) {
 
   for (let i = 0; i < services.length; i += 1) {
     const authService = services[i];
-    const accessTokenService = Utils.getService(authService, 'http://iiif.io/api/auth/1/token')
-      || Utils.getService(authService, 'http://iiif.io/api/auth/0/token');
+    const accessTokenService = getTokenService(authService);
     const token = accessTokenService && accessTokens[accessTokenService.id];
     if (token && token.json) return token;
   }

From fc73784a54ecf36ec60de1a508b788d13e8b5c78 Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Wed, 25 Oct 2023 15:05:16 -0400
Subject: [PATCH 5/8] VideoViewer component skips resources without an id
 attribute

---
 src/components/VideoViewer.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/components/VideoViewer.js b/src/components/VideoViewer.js
index e8a3d617df..bf9ef76779 100644
--- a/src/components/VideoViewer.js
+++ b/src/components/VideoViewer.js
@@ -9,15 +9,16 @@ export class VideoViewer extends Component {
     const {
       captions, classes, videoOptions, videoResources,
     } = this.props;
+
     return (
       <div className={classes.container}>
         <video className={classes.video} {...videoOptions}>
-          {videoResources.map(video => (
+          {videoResources.filter(video => video.id).map(video => (
             <Fragment key={video.id}>
               <source src={video.id} type={video.getFormat()} />
             </Fragment>
           ))}
-          {captions.map(caption => (
+          {captions.filter(caption => caption.id).map(caption => (
             <Fragment key={caption.id}>
               <track src={caption.id} label={caption.getDefaultLabel()} srcLang={caption.getProperty('language')} />
             </Fragment>

From 477a7e09bed3010e19f67baa411eddefcfab7873 Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Wed, 25 Oct 2023 15:08:17 -0400
Subject: [PATCH 6/8] squash getServices

---
 src/lib/getServices.js | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/lib/getServices.js b/src/lib/getServices.js
index 3abf75d8fb..28ba82779d 100644
--- a/src/lib/getServices.js
+++ b/src/lib/getServices.js
@@ -11,14 +11,19 @@ export function anyAuthServices(resource) {
         && s.getProperty('type').match(/^Auth.*2$/)));
 }
 
+/**
+ */
+export function anyProbeServices(resource) {
+  return resource
+  && Utils.getServices(resource).filter(s => (s.getProfile() === 'http://iiif.io/api/auth/1/probe')
+    || (s.getProperty('type') === 'AuthProbeService2'));
+}
+
 /**
  */
 export function getProbeService(resource) {
   return resource
-  && (
-    Utils.getService(resource, 'http://iiif.io/api/auth/1/probe')
-    || filterByTypes(Utils.getServices(resource), 'AuthProbeService2')[0]
-  );
+  && anyProbeServices(resource)[0];
 }
 
 /**

From bc166cbf23e8cba755e19d28103e411de9bd368b Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Wed, 25 Oct 2023 17:19:18 -0400
Subject: [PATCH 7/8] add reducers and actions for auth2 probe responses -
 correct a spec name in accessTokens.test.js - stop refetching accessTokens if
 state has an ok true/false attribute - #3789

---
 __tests__/src/actions/probeResponse.test.js  | 52 +++++++++++
 __tests__/src/reducers/accessTokens.test.js  | 47 +++++++++-
 __tests__/src/reducers/probeResponse.test.js | 95 ++++++++++++++++++++
 src/state/actions/action-types.js            |  6 ++
 src/state/actions/index.js                   |  1 +
 src/state/actions/probeResponse.js           | 90 +++++++++++++++++++
 src/state/reducers/accessTokens.js           | 15 +++-
 src/state/reducers/index.js                  |  1 +
 src/state/reducers/probeResponses.js         | 59 ++++++++++++
 src/state/reducers/rootReducer.js            |  2 +
 10 files changed, 365 insertions(+), 3 deletions(-)
 create mode 100644 __tests__/src/actions/probeResponse.test.js
 create mode 100644 __tests__/src/reducers/probeResponse.test.js
 create mode 100644 src/state/actions/probeResponse.js
 create mode 100644 src/state/reducers/probeResponses.js

diff --git a/__tests__/src/actions/probeResponse.test.js b/__tests__/src/actions/probeResponse.test.js
new file mode 100644
index 0000000000..7c157ab35a
--- /dev/null
+++ b/__tests__/src/actions/probeResponse.test.js
@@ -0,0 +1,52 @@
+import { JSONLDResource } from 'manifesto.js';
+import * as actions from '../../../src/state/actions';
+import ActionTypes from '../../../src/state/actions/action-types';
+
+describe('probeResponse actions', () => {
+  describe('requestProbeResponse', () => {
+    it('requests a probeResponse from given a url', () => {
+      const id = 'abc123';
+      const expectedAction = {
+        probeId: id,
+        type: ActionTypes.REQUEST_PROBE_RESPONSE,
+      };
+      expect(actions.requestProbeResponse(id)).toEqual(expectedAction);
+    });
+  });
+  describe('receiveProbeResponse', () => {
+    it('receives a probeResponse', () => {
+      const id = 'abc123';
+      const json = {
+        content: 'probe service request',
+        id,
+      };
+      const expectedAction = {
+        probeId: id,
+        probeJson: json,
+        type: ActionTypes.RECEIVE_PROBE_RESPONSE,
+      };
+      expect(actions.receiveProbeResponse(id, json)).toEqual(expectedAction);
+    });
+  });
+  describe('fetchProbeResponse', () => {
+    describe('success response', () => {
+      it('dispatches the REQUEST_PROBE_RESPONSE action', () => {
+        const resource = new JSONLDResource({ services: [{ id: 'someUrl', type: 'AuthProbeService2' }] });
+        expect(actions.fetchProbeResponse({ resource })).toEqual({
+          probeId: 'someUrl',
+          resource,
+          type: 'mirador/REQUEST_PROBE_RESPONSE',
+        });
+      });
+    });
+  });
+  describe('removeProbeResponse', () => {
+    it('removes an existing probeResponse', () => {
+      const expectedAction = {
+        probeId: 'foo',
+        type: ActionTypes.REMOVE_PROBE_RESPONSE,
+      };
+      expect(actions.removeProbeResponse('foo')).toEqual(expectedAction);
+    });
+  });
+});
diff --git a/__tests__/src/reducers/accessTokens.test.js b/__tests__/src/reducers/accessTokens.test.js
index 020c450f64..03b88c924f 100644
--- a/__tests__/src/reducers/accessTokens.test.js
+++ b/__tests__/src/reducers/accessTokens.test.js
@@ -36,7 +36,7 @@ describe('access tokens response reducer', () => {
       },
     });
   });
-  it('should handle RECEIVE_INFO_RESPONSE_FAILURE', () => {
+  it('should handle RECEIVE_ACCESS_TOKEN_FAILURE', () => {
     expect(accessTokensReducer(
       {
         abc123: {
@@ -73,4 +73,49 @@ describe('access tokens response reducer', () => {
       })).toEqual({});
     });
   });
+  it('should handle RECEIVE_INFO_RESPONSE', () => {
+    expect(accessTokensReducer(
+      {
+        efg456: {
+          id: 'efg456',
+          isFetching: true,
+        },
+      },
+      {
+        infoId: 'abc123',
+        infoJson: {
+          '@type': 'sc:Manifest',
+          content: 'lots of canvases and metadata and such',
+          id: 'abc123',
+        },
+        tokenServiceId: 'efg456',
+        type: ActionTypes.RECEIVE_INFO_RESPONSE,
+      },
+    )).toMatchObject({
+      efg456: {
+        id: 'efg456',
+        success: true,
+      },
+    });
+  });
+  it('should handle RECEIVE_PROBE_RESPONSE', () => {
+    expect(accessTokensReducer(
+      {
+        efg456: {
+          id: 'efg456',
+          isFetching: true,
+        },
+      },
+      {
+        infoId: 'abc123',
+        tokenServiceId: 'efg456',
+        type: ActionTypes.RECEIVE_PROBE_RESPONSE,
+      },
+    )).toMatchObject({
+      efg456: {
+        id: 'efg456',
+        success: true,
+      },
+    });
+  });
 });
diff --git a/__tests__/src/reducers/probeResponse.test.js b/__tests__/src/reducers/probeResponse.test.js
new file mode 100644
index 0000000000..14dafe6a6b
--- /dev/null
+++ b/__tests__/src/reducers/probeResponse.test.js
@@ -0,0 +1,95 @@
+import { probeResponsesReducer } from '../../../src/state/reducers/probeResponses';
+import ActionTypes from '../../../src/state/actions/action-types';
+
+describe('probe response reducer', () => {
+  it('should handle REQUEST_PROBE_RESPONSE', () => {
+    expect(probeResponsesReducer({}, {
+      probeId: 'abc123',
+      type: ActionTypes.REQUEST_PROBE_RESPONSE,
+    })).toEqual({
+      abc123: {
+        id: 'abc123',
+        isFetching: true,
+      },
+    });
+  });
+  it('should handle RECEIVE_PROBE_RESPONSE', () => {
+    expect(probeResponsesReducer(
+      {
+        abc123: {
+          id: 'abc123',
+          isFetching: true,
+        },
+      },
+      {
+        probeId: 'abc123',
+        probeJson: {
+          '@type': 'sc:Manifest',
+          content: 'lots of canvases and metadata and such',
+          id: 'abc123',
+        },
+        tokenServiceId: 'efg456',
+        type: ActionTypes.RECEIVE_PROBE_RESPONSE,
+      },
+    )).toMatchObject({
+      abc123: {
+        id: 'abc123',
+        isFetching: false,
+        json: {},
+        tokenServiceId: 'efg456',
+      },
+    });
+  });
+  it('should handle RECEIVE_PROBE_RESPONSE_FAILURE', () => {
+    expect(probeResponsesReducer(
+      {
+        abc123: {
+          id: 'abc123',
+          isFetching: true,
+        },
+      },
+      {
+        error: "This institution didn't enable CORS.",
+        probeId: 'abc123',
+        tokenServiceId: 'efg456',
+        type: ActionTypes.RECEIVE_PROBE_RESPONSE_FAILURE,
+      },
+    )).toEqual({
+      abc123: {
+        error: "This institution didn't enable CORS.",
+        id: 'abc123',
+        isFetching: false,
+        tokenServiceId: 'efg456',
+      },
+    });
+  });
+  it('should handle REMOVE_PROBE_RESPONSE', () => {
+    expect(probeResponsesReducer(
+      {
+        abc123: {
+          id: 'abc123',
+          stuff: 'foo',
+        },
+        def456: {
+          id: 'def456',
+          stuff: 'foo',
+        },
+      },
+      {
+        probeId: 'abc123',
+        type: ActionTypes.REMOVE_PROBE_RESPONSE,
+      },
+    )).toEqual({
+      def456: {
+        id: 'def456',
+        stuff: 'foo',
+      },
+    });
+  });
+  it('should handle IMPORT_MIRADOR_STATE setting to clean state', () => {
+    expect(probeResponsesReducer({}, {
+      state: { probeResponses: { new: 'stuff' } },
+      type: ActionTypes.IMPORT_MIRADOR_STATE,
+    })).toEqual({});
+  });
+});
diff --git a/src/state/actions/action-types.js b/src/state/actions/action-types.js
index c1f1244727..1d018ef1e5 100644
--- a/src/state/actions/action-types.js
+++ b/src/state/actions/action-types.js
@@ -48,6 +48,12 @@ const ActionTypes = {
   RECEIVE_DEGRADED_INFO_RESPONSE: 'mirador/RECEIVE_DEGRADED_INFO_RESPONSE',
   RECEIVE_INFO_RESPONSE_FAILURE: 'mirador/RECEIVE_INFO_RESPONSE_FAILURE',
   REMOVE_INFO_RESPONSE: 'mirador/REMOVE_INFO_RESPONSE',
+
+  REQUEST_PROBE_RESPONSE: 'mirador/REQUEST_PROBE_RESPONSE',
+  RECEIVE_PROBE_RESPONSE: 'mirador/RECEIVE_PROBE_RESPONSE',
+  RECEIVE_DEGRADED_PROBE_RESPONSE: 'mirador/RECEIVE_DEGRADED_PROBE_RESPONSE',
+  RECEIVE_PROBE_RESPONSE_FAILURE: 'mirador/RECEIVE_PROBE_RESPONSE_FAILURE',
+  REMOVE_PROBE_RESPONSE: 'mirador/REMOVE_PROBE_RESPONSE',
   UPDATE_WORKSPACE_MOSAIC_LAYOUT: 'mirador/UPDATE_WORKSPACE_MOSAIC_LAYOUT',
   UPDATE_VIEWPORT: 'mirador/UPDATE_VIEWPORT',
   UPDATE_ELASTIC_WINDOW_LAYOUT: 'mirador/UPDATE_ELASTIC_WINDOW_LAYOUT',
diff --git a/src/state/actions/index.js b/src/state/actions/index.js
index 3526f4da1b..7bd56f4e86 100644
--- a/src/state/actions/index.js
+++ b/src/state/actions/index.js
@@ -16,3 +16,4 @@ export * from './elasticLayout';
 export * from './search';
 export * from './layers';
 export * from './catalog';
+export * from './probeResponse';
diff --git a/src/state/actions/probeResponse.js b/src/state/actions/probeResponse.js
new file mode 100644
index 0000000000..acf3592a73
--- /dev/null
+++ b/src/state/actions/probeResponse.js
@@ -0,0 +1,90 @@
+import ActionTypes from './action-types';
+import { getProbeService } from '../../lib/getServices';
+
+/**
+ * requestProbeResponse - action creator
+ *
+ * @param  {String} infoId
+ * @memberof ActionCreators
+ */
+export function requestProbeResponse(probeId, resource, windowId) {
+  return {
+    probeId,
+    resource,
+    type: ActionTypes.REQUEST_PROBE_RESPONSE,
+    windowId,
+  };
+}
+
+/**
+ * receiveProbeResponse - action creator
+ *
+ * @param  {String} infoId
+ * @param  {Object} manifestJson
+ * @memberof ActionCreators
+ */
+export function receiveProbeResponse(probeId, probeJson, ok, tokenServiceId) {
+  return {
+    ok,
+    probeId,
+    probeJson,
+    tokenServiceId,
+    type: ActionTypes.RECEIVE_PROBE_RESPONSE,
+  };
+}
+
+/**
+ * receiveDegradedProbeResponse - action creator
+ *
+ * @param  {String} infoId
+ * @param  {Object} manifestJson
+ * @memberof ActionCreators
+ */
+export function receiveDegradedProbeResponse(probeId, probeJson, ok, tokenServiceId, windowId) {
+  return {
+    ok,
+    probeId,
+    probeJson,
+    tokenServiceId,
+    type: ActionTypes.RECEIVE_DEGRADED_PROBE_RESPONSE,
+    windowId,
+  };
+}
+
+/**
+ * receiveProbeResponseFailure - action creator
+ *
+ * @param  {String} infoId
+ * @param  {String} error
+ * @memberof ActionCreators
+ */
+export function receiveProbeResponseFailure(probeId, error, tokenServiceId) {
+  return {
+    error,
+    probeId,
+    tokenServiceId,
+    type: ActionTypes.RECEIVE_PROBE_RESPONSE_FAILURE,
+  };
+}
+
+/**
+ * fetchProbeResponse - action creator
+ *
+ * @param  {String} infoId
+ * @memberof ActionCreators
+ */
+export function fetchProbeResponse({ resource, resourceId, windowId }) {
+  const probeService = resource && getProbeService(resource);
+  const probeId = (resourceId || probeService.id);
+  return requestProbeResponse(probeId, resource, windowId);
+}
+
+/**
+ * removeProbeResponse - action creator
+ *
+ * @param  {String} probeId
+ * @memberof ActionCreators
+ */
+export function removeProbeResponse(probeId) {
+  return { probeId, type: ActionTypes.REMOVE_PROBE_RESPONSE };
+}
diff --git a/src/state/reducers/accessTokens.js b/src/state/reducers/accessTokens.js
index 45f7f6ad36..d6ffde54bf 100644
--- a/src/state/reducers/accessTokens.js
+++ b/src/state/reducers/accessTokens.js
@@ -10,7 +10,7 @@ export function accessTokensReducer(state = {}, action) {
         [action.tokenServiceId]: {
           authId: action.id,
           id: action.tokenServiceId,
-          isFetching: true,
+          isFetching: !Object.hasOwn(action, 'ok'), // do not attempt to refetch resolved actions that were rejected
         },
       };
     case ActionTypes.REQUEST_ACCESS_TOKEN:
@@ -44,7 +44,18 @@ export function accessTokensReducer(state = {}, action) {
       return omit(state, action.tokenServiceId);
     case ActionTypes.RECEIVE_INFO_RESPONSE:
       if (!action.tokenServiceId) return state;
-      if (state[action.tokenServiceId].success) return state;
+      if (state[action.tokenServiceId]?.success) return state;
+
+      return {
+        ...state,
+        [action.tokenServiceId]: {
+          ...state[action.tokenServiceId],
+          success: true,
+        },
+      };
+    case ActionTypes.RECEIVE_PROBE_RESPONSE:
+      if (!action.tokenServiceId) return state;
+      if (state[action.tokenServiceId]?.success) return state;
 
       return {
         ...state,
diff --git a/src/state/reducers/index.js b/src/state/reducers/index.js
index 7e361c2203..f6ce0ae6e8 100644
--- a/src/state/reducers/index.js
+++ b/src/state/reducers/index.js
@@ -13,3 +13,4 @@ export * from './elasticLayout';
 export * from './search';
 export * from './layers';
 export * from './catalog';
+export * from './probeResponses';
diff --git a/src/state/reducers/probeResponses.js b/src/state/reducers/probeResponses.js
new file mode 100644
index 0000000000..1ceef07a8e
--- /dev/null
+++ b/src/state/reducers/probeResponses.js
@@ -0,0 +1,59 @@
+import ActionTypes from '../actions/action-types';
+
+/**
+ * probeResponsesReducer
+ */
+export const probeResponsesReducer = (state = {}, action) => {
+  switch (action.type) {
+    case ActionTypes.REQUEST_PROBE_RESPONSE:
+      return {
+        ...state,
+        [action.probeId]: {
+          id: action.probeId,
+          isFetching: true,
+        },
+      };
+    case ActionTypes.RECEIVE_PROBE_RESPONSE:
+      return {
+        ...state,
+        [action.probeId]: {
+          degraded: false,
+          id: action.probeId,
+          isFetching: false,
+          json: action.probeJson,
+          tokenServiceId: action.tokenServiceId,
+        },
+      };
+    case ActionTypes.RECEIVE_DEGRADED_PROBE_RESPONSE:
+      return {
+        ...state,
+        [action.probeId]: {
+          degraded: true,
+          id: action.probeId,
+          isFetching: false,
+          json: action.probeJson,
+          tokenServiceId: action.tokenServiceId,
+        },
+      };
+    case ActionTypes.RECEIVE_PROBE_RESPONSE_FAILURE:
+      return {
+        ...state,
+        [action.probeId]: {
+          error: action.error,
+          id: action.probeId,
+          isFetching: false,
+          tokenServiceId: action.tokenServiceId,
+        },
+      };
+    case ActionTypes.REMOVE_PROBE_RESPONSE:
+      return Object.keys(state).reduce((object, key) => {
+        if (key !== action.probeId) {
+          object[key] = state[key]; // eslint-disable-line no-param-reassign
+        }
+        return object;
+      }, {});
+    case ActionTypes.IMPORT_MIRADOR_STATE:
+      return {};
+    default: return state;
+  }
+};
diff --git a/src/state/reducers/rootReducer.js b/src/state/reducers/rootReducer.js
index c1f808ac8e..0edbe575cc 100644
--- a/src/state/reducers/rootReducer.js
+++ b/src/state/reducers/rootReducer.js
@@ -15,6 +15,7 @@ import {
   searchesReducer,
   layersReducer,
   catalogReducer,
+  probeResponsesReducer,
 } from '.';
 
 /**
@@ -35,6 +36,7 @@ export default function createRootReducer(pluginReducers) {
     infoResponses: infoResponsesReducer,
     layers: layersReducer,
     manifests: manifestsReducer,
+    probeResponses: probeResponsesReducer,
     searches: searchesReducer,
     viewers: viewersReducer,
     windows: windowsReducer,

From 0231d8e729b2dd97a7ac5e4dc1f310eea672040e Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Wed, 25 Oct 2023 17:58:21 -0400
Subject: [PATCH 8/8] Auth2 Probe responses WIP - needs specs for: -
 src/state/sagas/auth.js - src/state/sagas/iiif.js -
 src/state/sagas/windows.js - src/state/selectors/auth.js -
 src/state/selectors/canvases.js

---
 src/state/sagas/auth.js         | 57 ++++++++++++++++++++++++++++--
 src/state/sagas/iiif.js         | 42 +++++++++++++++++++----
 src/state/sagas/windows.js      | 19 ++++++++++
 src/state/selectors/auth.js     | 25 +++++---------
 src/state/selectors/canvases.js | 61 ++++++++++++++++++++++++++++++---
 5 files changed, 175 insertions(+), 29 deletions(-)

diff --git a/src/state/sagas/auth.js b/src/state/sagas/auth.js
index 7cd2eafd37..3fe5dd81d2 100644
--- a/src/state/sagas/auth.js
+++ b/src/state/sagas/auth.js
@@ -5,7 +5,7 @@ import { Utils } from 'manifesto.js';
 import flatten from 'lodash/flatten';
 import ActionTypes from '../actions/action-types';
 import MiradorCanvas from '../../lib/MiradorCanvas';
-import { getTokenService } from '../../lib/getServices';
+import { getTokenService, getProbeService } from '../../lib/getServices';
 import {
   addAuthenticationRequest,
   resolveAuthenticationRequest,
@@ -14,13 +14,14 @@ import {
 } from '../actions';
 import {
   selectInfoResponses,
+  selectProbeResponses,
   getVisibleCanvases,
   getWindows,
   getConfig,
   getAuth,
   getAccessTokens,
 } from '../selectors';
-import { fetchInfoResponse } from './iiif';
+import { fetchInfoResponse, fetchProbeResponse } from './iiif';
 
 /** */
 export function* refetchInfoResponsesOnLogout({ tokenServiceId }) {
@@ -70,6 +71,54 @@ export function* refetchInfoResponses({ serviceId }) {
   }));
 }
 
+/** */
+export function* refetchProbeResponsesOnLogout({ tokenServiceId }) {
+  // delay logout actions to give the cookie service a chance to invalidate our cookies
+  // before we reinitialize openseadragon and rerequest images.
+
+  yield delay(2000);
+  yield call(refetchProbeResponses, { serviceId: tokenServiceId });
+}
+
+/**
+ * Figure out what probe responses could have used the access token service and:
+ *   - refetch, if they are currently visible
+ *   - throw them out (and lazy re-fetch) otherwise
+ */
+export function* refetchProbeResponses({ serviceId }) {
+  const windows = yield select(getWindows);
+
+  const canvases = yield all(
+    Object.keys(windows).map(windowId => select(getVisibleCanvases, { windowId })),
+  );
+
+  const visibleProbeServiceIds = flatten(flatten(canvases).map((canvas) => {
+    const miradorCanvas = new MiradorCanvas(canvas);
+    return miradorCanvas.imageResources.filter((r) => getProbeService(r)).map((r) => getProbeService(r));
+  }));
+
+  const probeResponses = yield select(selectProbeResponses);
+  /** */
+  const haveThisTokenService = probeResponse => {
+    const services = Utils.getServices(probeResponse);
+    return services.some(e => {
+      const probeTokenService = getTokenService(e);
+      return probeTokenService && probeTokenService.id === serviceId;
+    });
+  };
+
+  const obsoleteProbeResponses = Object.values(probeResponses).filter(
+    i => i.json && haveThisTokenService(i.json),
+  );
+
+  yield all(obsoleteProbeResponses.map(({ id: probeId }) => {
+    if (visibleProbeServiceIds.includes(probeId)) {
+      return call(fetchProbeResponse, { probeId });
+    }
+    return put({ probeId, type: ActionTypes.REMOVE_PROBE_RESPONSE });
+  }));
+}
+
 /** try to start any non-interactive auth flows */
 export function* doAuthWorkflow({ infoJson, windowId }) {
   const auths = yield select(getAuth);
@@ -152,9 +201,13 @@ export function* invalidateInvalidAuth({ serviceId }) {
 export default function* authSaga() {
   yield all([
     takeEvery(ActionTypes.RECEIVE_DEGRADED_INFO_RESPONSE, rerequestOnAccessTokenFailure),
+    takeEvery(ActionTypes.RECEIVE_DEGRADED_PROBE_RESPONSE, rerequestOnAccessTokenFailure),
     takeEvery(ActionTypes.RECEIVE_ACCESS_TOKEN_FAILURE, invalidateInvalidAuth),
     takeEvery(ActionTypes.RECEIVE_DEGRADED_INFO_RESPONSE, doAuthWorkflow),
+    takeEvery(ActionTypes.RECEIVE_DEGRADED_PROBE_RESPONSE, doAuthWorkflow),
     takeEvery(ActionTypes.RECEIVE_ACCESS_TOKEN, refetchInfoResponses),
+    takeEvery(ActionTypes.RECEIVE_ACCESS_TOKEN, refetchProbeResponses),
     takeEvery(ActionTypes.RESET_AUTHENTICATION_STATE, refetchInfoResponsesOnLogout),
+    takeEvery(ActionTypes.RESET_AUTHENTICATION_STATE, refetchProbeResponsesOnLogout),
   ]);
 }
diff --git a/src/state/sagas/iiif.js b/src/state/sagas/iiif.js
index d7a1f7115d..59d44ba4c5 100644
--- a/src/state/sagas/iiif.js
+++ b/src/state/sagas/iiif.js
@@ -1,7 +1,6 @@
 import {
   all, call, put, select, takeEvery,
 } from 'redux-saga/effects';
-import { Utils } from 'manifesto.js';
 import normalizeUrl from 'normalize-url';
 import ActionTypes from '../actions/action-types';
 import {
@@ -9,13 +8,16 @@ import {
   receiveInfoResponseFailure, receiveDegradedInfoResponse,
   receiveSearch, receiveSearchFailure,
   receiveAnnotation, receiveAnnotationFailure,
+  receiveProbeResponse, receiveProbeResponseFailure,
+  receiveDegradedProbeResponse,
 } from '../actions';
-import { getTokenService } from '../../lib/getServices';
+import { anyAuthServices, getTokenService } from '../../lib/getServices';
 import {
   getManifests,
   getRequestsConfig,
   getAccessTokens,
   selectInfoResponse,
+  selectProbeResponse,
 } from '../selectors';
 
 /** */
@@ -80,10 +82,13 @@ function* fetchIiifResourceWithAuth(url, iiifResource, options, { degraded, fail
 
   const id = json['@id'] || json.id;
   if (response.ok) {
-    if (normalizeUrl(id, { stripAuthentication: false })
+    if (id && normalizeUrl(id, { stripAuthentication: false })
       === normalizeUrl(url.replace(/info\.json$/, ''), { stripAuthentication: false })) {
-      yield put(success({ json, response, tokenServiceId }));
-      return;
+      if (!json.substitute) {
+        // substitute indicates the Auth2 equivalent of a degraded response, should fall through
+        yield put(success({ json, response, tokenServiceId }));
+        return;
+      }
     }
   } else if (response.status !== 401) {
     yield put(failure({
@@ -121,7 +126,7 @@ function* getAccessTokenService(resource) {
   const manifestoCompatibleResource = resource && resource.__jsonld
     ? resource
     : { ...resource, options: {} };
-  const services = Utils.getServices(manifestoCompatibleResource).filter(s => s.getProfile().match(/http:\/\/iiif.io\/api\/auth\//));
+  const services = anyAuthServices(manifestoCompatibleResource);
   if (services.length === 0) return undefined;
 
   const accessTokens = yield select(getAccessTokens);
@@ -161,6 +166,30 @@ export function* fetchInfoResponse({ imageResource, infoId, windowId }) {
   yield call(fetchIiifResourceWithAuth, `${infoId.replace(/\/$/, '')}/info.json`, iiifResource, {}, callbacks);
 }
 
+/** @private */
+export function* fetchProbeResponse({ resource, probeId, windowId }) {
+  let iiifResource = resource;
+  if (!iiifResource) {
+    iiifResource = yield select(selectProbeResponse, { probeId });
+  }
+
+  const callbacks = {
+    degraded: ({
+      json, response, tokenServiceId,
+    }) => receiveDegradedProbeResponse(probeId, json, response.ok, tokenServiceId, windowId),
+    failure: ({
+      error, json, response, tokenServiceId,
+    }) => (
+      receiveProbeResponseFailure(probeId, error, tokenServiceId)
+    ),
+    success: ({
+      json, response, tokenServiceId,
+    }) => receiveProbeResponse(probeId, json, response.ok, tokenServiceId),
+  };
+
+  yield call(fetchIiifResourceWithAuth, probeId, iiifResource, {}, callbacks);
+}
+
 /** @private */
 export function* fetchSearchResponse({
   windowId, companionWindowId, query, searchId,
@@ -215,6 +244,7 @@ export default function* iiifSaga() {
   yield all([
     takeEvery(ActionTypes.REQUEST_MANIFEST, fetchManifest),
     takeEvery(ActionTypes.REQUEST_INFO_RESPONSE, fetchInfoResponse),
+    takeEvery(ActionTypes.REQUEST_PROBE_RESPONSE, fetchProbeResponse),
     takeEvery(ActionTypes.REQUEST_SEARCH, fetchSearchResponse),
     takeEvery(ActionTypes.REQUEST_ANNOTATION, fetchAnnotation),
     takeEvery(ActionTypes.ADD_RESOURCE, fetchResourceManifest),
diff --git a/src/state/sagas/windows.js b/src/state/sagas/windows.js
index bfcd275aaa..f0468d5609 100644
--- a/src/state/sagas/windows.js
+++ b/src/state/sagas/windows.js
@@ -4,6 +4,7 @@ import {
 import ActionTypes from '../actions/action-types';
 import MiradorManifest from '../../lib/MiradorManifest';
 import MiradorCanvas from '../../lib/MiradorCanvas';
+import { getProbeService } from '../../lib/getServices';
 import {
   setContentSearchCurrentAnnotation,
   selectAnnotation,
@@ -13,6 +14,7 @@ import {
   fetchSearch,
   receiveManifest,
   fetchInfoResponse,
+  fetchProbeResponse,
   showCollectionDialog,
 } from '../actions';
 import {
@@ -27,6 +29,7 @@ import {
   getElasticLayout,
   getCanvases,
   selectInfoResponses,
+  selectProbeResponses,
   getWindowConfig,
 } from '../selectors';
 import { fetchManifests } from './iiif';
@@ -250,6 +253,21 @@ export function* fetchInfoResponses({ visibleCanvases: visibleCanvasIds, windowI
   }));
 }
 
+/** Fetch probe responses for the visible canvases */
+export function* fetchProbeResponses({ visibleCanvases: visibleCanvasIds, windowId }) {
+  const canvases = yield select(getCanvases, { windowId });
+  const probeResponses = yield select(selectProbeResponses);
+  const visibleCanvases = (canvases || []).filter(c => visibleCanvasIds.includes(c.id));
+
+  yield all(visibleCanvases.map((canvas) => {
+    const miradorCanvas = new MiradorCanvas(canvas);
+    return all(miradorCanvas.imageResources.filter((r) => getProbeService(r)).map(resource => (
+      !probeResponses[getProbeService(resource).id]
+        && put(fetchProbeResponse({ resource, windowId }))
+    )).filter(Boolean));
+  }));
+}
+
 /** */
 export function* determineAndShowCollectionDialog(manifestId, windowId) {
   const manifestoInstance = yield select(getManifestoInstance, { manifestId });
@@ -266,6 +284,7 @@ export default function* windowsSaga() {
     takeEvery(ActionTypes.UPDATE_WINDOW, setCanvasOnNewSequence),
     takeEvery(ActionTypes.SET_CANVAS, setCurrentAnnotationsOnCurrentCanvas),
     takeEvery(ActionTypes.SET_CANVAS, fetchInfoResponses),
+    takeEvery(ActionTypes.SET_CANVAS, fetchProbeResponses),
     takeEvery(ActionTypes.UPDATE_COMPANION_WINDOW, fetchCollectionManifests),
     takeEvery(ActionTypes.SET_WINDOW_VIEW_TYPE, updateVisibleCanvases),
     takeEvery(ActionTypes.RECEIVE_SEARCH, setCanvasOfFirstSearchResult),
diff --git a/src/state/selectors/auth.js b/src/state/selectors/auth.js
index d38ab255b3..2fde29e4c4 100644
--- a/src/state/selectors/auth.js
+++ b/src/state/selectors/auth.js
@@ -1,13 +1,14 @@
 import { createSelector } from 'reselect';
 import { Utils } from 'manifesto.js';
 import flatten from 'lodash/flatten';
+import { anyProbeServices } from '../../lib/getServices';
 import {
-  audioResourcesFrom, filterByTypes, textResourcesFrom, videoResourcesFrom,
+  audioResourcesFrom, iiifImageResourcesFrom, textResourcesFrom, videoResourcesFrom,
 } from '../../lib/typeFilters';
 import MiradorCanvas from '../../lib/MiradorCanvas';
 import { miradorSlice } from './utils';
 import { getConfig } from './config';
-import { getVisibleCanvases, selectInfoResponses } from './canvases';
+import { getVisibleCanvases, selectInfoResponses, selectProbeResponses } from './canvases';
 
 export const getAuthProfiles = createSelector(
   [
@@ -26,19 +27,19 @@ export const selectCurrentAuthServices = createSelector(
   [
     getVisibleCanvases,
     selectInfoResponses,
+    selectProbeResponses,
     getAuthProfiles,
     getAuth,
     (state, { iiifResources }) => iiifResources,
   ],
-  (canvases, infoResponses = {}, serviceProfiles, auth, iiifResources) => {
+  (canvases, infoResponses = {}, probeResponses = {}, serviceProfiles, auth, iiifResources) => {
     let currentAuthResources = iiifResources;
 
     if (!currentAuthResources && canvases) {
       currentAuthResources = flatten(canvases.map(c => {
         const miradorCanvas = new MiradorCanvas(c);
-        const images = miradorCanvas.iiifImageResources;
-
-        return images.map(i => {
+        const canvasResources = miradorCanvas.imageResources;
+        const authResources = iiifImageResourcesFrom(canvasResources).map(i => {
           const iiifImageService = i.getServices()[0];
 
           const infoResponse = infoResponses[iiifImageService.id];
@@ -48,14 +49,7 @@ export const selectCurrentAuthServices = createSelector(
 
           return iiifImageService;
         });
-      }));
-    }
-
-    if (currentAuthResources.length === 0 && canvases) {
-      currentAuthResources = flatten(canvases.map(c => {
-        const miradorCanvas = new MiradorCanvas(c);
-        const canvasResources = miradorCanvas.imageResources;
-        return videoResourcesFrom(canvasResources)
+        return authResources.concat(videoResourcesFrom(canvasResources))
           .concat(audioResourcesFrom(canvasResources))
           .concat(textResourcesFrom(canvasResources));
       }));
@@ -67,7 +61,7 @@ export const selectCurrentAuthServices = createSelector(
     const currentAuthServices = currentAuthResources.map(resource => {
       let lastAttemptedService;
       const resourceServices = Utils.getServices(resource);
-      const probeServices = filterByTypes(resourceServices, 'AuthProbeService2');
+      const probeServices = anyProbeServices(resource);
       const probeServiceServices = flatten(probeServices.map(p => Utils.getServices(p)));
 
       for (const authProfile of serviceProfiles) {
@@ -91,7 +85,6 @@ export const selectCurrentAuthServices = createSelector(
       if (service && !h[service.id]) {
         h[service.id] = service; // eslint-disable-line no-param-reassign
       }
-
       return h;
     }, {}));
   },
diff --git a/src/state/selectors/canvases.js b/src/state/selectors/canvases.js
index 7cfa0c044c..f7751687ac 100644
--- a/src/state/selectors/canvases.js
+++ b/src/state/selectors/canvases.js
@@ -1,15 +1,21 @@
 import { createSelector } from 'reselect';
 import flatten from 'lodash/flatten';
+import { Resource } from 'manifesto.js';
 import CanvasGroupings from '../../lib/CanvasGroupings';
 import MiradorCanvas from '../../lib/MiradorCanvas';
 import { miradorSlice } from './utils';
 import { getWindow } from './getters';
 import { getSequence } from './sequences';
 import { getWindowViewType } from './windows';
+import { getProbeService } from '../../lib/getServices';
+import { anyImageServices } from '../../lib/typeFilters';
 
 /** */
 export const selectInfoResponses = state => miradorSlice(state).infoResponses;
 
+/** */
+export const selectProbeResponses = state => miradorSlice(state).probeResponses;
+
 export const getCanvases = createSelector(
   [getSequence],
   sequence => (sequence && sequence.getCanvases()) || [],
@@ -175,21 +181,42 @@ export const getCanvasDescription = createSelector(
   canvas => canvas && canvas.getProperty('description'),
 );
 
+/** */
+const probeReplacements = (resources, probeResponses) => {
+  if (!probeResponses) return resources;
+
+  return resources.map((r) => {
+    const probeService = getProbeService(r);
+    const probeServiceId = probeService && probeService.id;
+    const probeResponse = probeServiceId && probeResponses[probeServiceId];
+    if (!probeResponse || probeResponse.isFetching) return r;
+
+    const probeContentUrl = probeResponse.json && (probeResponse.json.location || probeResponse.json.substitute);
+    const probeReplacedProperties = {};
+    if (probeContentUrl) {
+      probeReplacedProperties.id = probeContentUrl;
+      if (probeResponse.json.format) probeReplacedProperties.format = probeResponse.json.format;
+    }
+    return new Resource({ ...r.__jsonld, ...probeReplacedProperties }, r.options);
+  });
+};
+
 export const getVisibleCanvasNonTiledResources = createSelector(
   [
     getVisibleCanvases,
   ],
   canvases => flatten(canvases
     .map(canvas => new MiradorCanvas(canvas).imageResources))
-    .filter(resource => resource.getServices().length < 1),
+    .filter(resource => anyImageServices(resource).length < 1),
 );
 
 export const getVisibleCanvasVideoResources = createSelector(
   [
     getVisibleCanvases,
+    selectProbeResponses,
   ],
-  canvases => flatten(canvases
-    .map(canvas => new MiradorCanvas(canvas).videoResources)),
+  (canvases, probeResponses) => flatten(canvases
+    .map(canvas => probeReplacements(new MiradorCanvas(canvas).videoResources, probeResponses))),
 );
 
 export const getVisibleCanvasCaptions = createSelector(
@@ -207,9 +234,10 @@ export const getVisibleCanvasCaptions = createSelector(
 export const getVisibleCanvasAudioResources = createSelector(
   [
     getVisibleCanvases,
+    selectProbeResponses,
   ],
-  canvases => flatten(canvases
-    .map(canvas => new MiradorCanvas(canvas).audioResources)),
+  (canvases, probeResponses) => flatten(canvases
+    .map(canvas => probeReplacements(new MiradorCanvas(canvas).audioResources, probeResponses))),
 );
 
 export const selectInfoResponse = createSelector(
@@ -233,3 +261,26 @@ export const selectInfoResponse = createSelector(
     && infoResponses[iiifServiceId];
   },
 );
+
+export const selectProbeResponse = createSelector(
+  [
+    (state, { probeId }) => probeId,
+    getCanvas,
+    selectProbeResponses,
+  ],
+  (probeId, canvas, probeResponses) => {
+    let probeServiceId = probeId;
+
+    if (!probeServiceId) {
+      if (!canvas) return undefined;
+      const miradorCanvas = new MiradorCanvas(canvas);
+      const contentResource = miradorCanvas.imageResources[0];
+      const probeService = getProbeService(contentResource);
+      probeServiceId = probeService && probeService.id;
+    }
+
+    return probeServiceId && probeResponses[probeServiceId]
+    && !probeResponses[probeServiceId].isFetching
+    && probeResponses[probeServiceId];
+  },
+);