@ahoo-wang/fetcher-cosec 3.4.6 → 3.5.1

package/dist/index.es.js

@@ -1,11 +1,11 @@
 import { REQUEST_BODY_INTERCEPTOR_ORDER as w, FetcherError as D, ResultExtractors as U } from "@ahoo-wang/fetcher";
 import { nanoid as y } from "nanoid";
 import { KeyStorage as f, typedIdentitySerializer as C } from "@ahoo-wang/fetcher-storage";
-import { BroadcastTypedEventBus as O, SerialTypedEventBus as _ } from "@ahoo-wang/fetcher-eventbus";
+import { BroadcastTypedEventBus as O, SerialTypedEventBus as g } from "@ahoo-wang/fetcher-eventbus";
 const a = class a {
 };
 a.DEVICE_ID = "CoSec-Device-Id", a.APP_ID = "CoSec-App-Id", a.AUTHORIZATION = "Authorization", a.REQUEST_ID = "CoSec-Request-Id";
-let n = a;
+let o = a;
 const u = class u {
 };
 u.UNAUTHORIZED = 401, u.FORBIDDEN = 403;
@@ -27,14 +27,14 @@ class m {
     return y();
   }
 }
-const N = new m(), b = "CoSecRequestInterceptor", g = w + 1e3, k = "Ignore-Refresh-Token";
+const _ = new m(), b = "CoSecRequestInterceptor", N = w + 1e3, k = "Ignore-Refresh-Token";
 class M {
   /**
    * Creates a new CoSecRequestInterceptor instance.
    * @param options - The CoSec configuration options including appId, deviceIdStorage, and tokenManager
    */
   constructor(e) {
-    this.name = b, this.order = g, this.options = e;
+    this.name = b, this.order = N, this.options = e;
   }
   /**
    * Intercept requests to add CoSec authentication headers.
@@ -59,11 +59,11 @@ class M {
    * It will attempt to refresh the token before adding the Authorization header to the request.
    */
   async intercept(e) {
-    const t = N.generateId(), r = this.options.deviceIdStorage.getOrCreate(), o = e.ensureRequestHeaders();
-    o[n.APP_ID] = this.options.appId, o[n.DEVICE_ID] = r, o[n.REQUEST_ID] = t;
+    const t = _.generateId(), r = this.options.deviceIdStorage.getOrCreate(), n = e.ensureRequestHeaders();
+    n[o.APP_ID] = this.options.appId, n[o.DEVICE_ID] = r, n[o.REQUEST_ID] = t;
   }
 }
-const z = "AuthorizationRequestInterceptor", q = g + 1e3;
+const z = "AuthorizationRequestInterceptor", q = N + 1e3;
 class v {
   /**
    * Creates an AuthorizationRequestInterceptor instance.
@@ -87,7 +87,7 @@ class v {
   async intercept(e) {
     let t = this.options.tokenManager.currentToken;
     const r = e.ensureRequestHeaders();
-    !t || r[n.AUTHORIZATION] || (!e.attributes.has(k) && t.isRefreshNeeded && t.isRefreshable && await this.options.tokenManager.refresh(), t = this.options.tokenManager.currentToken, t && (r[n.AUTHORIZATION] = `Bearer ${t.access.token}`));
+    !t || r[o.AUTHORIZATION] || (!e.attributes.has(k) && t.isRefreshNeeded && t.isRefreshable && await this.options.tokenManager.refresh(), t = this.options.tokenManager.currentToken, t && (r[o.AUTHORIZATION] = `Bearer ${t.access.token}`));
   }
 }
 const F = "AuthorizationResponseInterceptor", K = Number.MIN_SAFE_INTEGER + 1e3;
@@ -118,7 +118,7 @@ class H extends f {
   constructor({
     key: e = p,
     eventBus: t = new O({
-      delegate: new _(p)
+      delegate: new g(p)
     }),
     ...r
   } = {}) {
@@ -130,7 +130,7 @@ class H extends f {
    * @returns A newly generated device ID
    */
   generateDeviceId() {
-    return N.generateId();
+    return _.generateId();
   }
   /**
    * Get or create a device ID.
@@ -142,8 +142,8 @@ class H extends f {
     return e || (e = this.generateDeviceId(), this.set(e)), e;
   }
 }
-const Z = "ForbiddenErrorInterceptor", J = 0;
-class Q {
+const Z = "ForbiddenErrorInterceptor", x = 0;
+class J {
   /**
    * Creates a new ForbiddenErrorInterceptor instance.
    *
@@ -162,7 +162,7 @@ class Q {
    * ```
    */
   constructor(e) {
-    this.options = e, this.name = Z, this.order = J;
+    this.options = e, this.name = Z, this.order = x;
   }
   /**
    * Intercepts fetch exchanges to detect and handle forbidden (403) responses.
@@ -209,7 +209,7 @@ class E extends D {
     super("Refresh token failed.", t), this.token = e, this.name = "RefreshTokenError", Object.setPrototypeOf(this, E.prototype);
   }
 }
-class x {
+class Q {
   /**
    * Creates a new JwtTokenManager instance
    * @param tokenStorage The storage used to persist tokens
@@ -282,12 +282,12 @@ class V {
     const r = t.access.payload;
     if (!r || !r.tenantId && !r.sub)
       return;
-    const o = e.fetcher.urlBuilder.urlTemplateResolver.extractPathParams(
+    const n = e.fetcher.urlBuilder.urlTemplateResolver.extractPathParams(
       e.request.url
-    ), c = this.tenantIdPathKey, i = e.ensureRequestUrlParams().path, d = r.tenantId;
-    d && o.includes(c) && !i[c] && (i[c] = d);
-    const R = this.ownerIdPathKey, I = r.sub;
-    I && o.includes(R) && !i[R] && (i[R] = I);
+    ), c = this.tenantIdPathKey, i = e.ensureRequestUrlParams().path, R = r.tenantId;
+    R && n.includes(c) && !i[c] && (i[c] = R);
+    const d = this.ownerIdPathKey, I = r.sub;
+    I && n.includes(d) && !i[d] && (i[d] = I);
   }
 }
 function S(s) {
@@ -297,11 +297,11 @@ function S(s) {
     const e = s.split(".");
     if (e.length !== 3)
       return null;
-    const r = e[1].replace(/-/g, "+").replace(/_/g, "/"), o = r.padEnd(
+    const r = e[1].replace(/-/g, "+").replace(/_/g, "/"), n = r.padEnd(
       r.length + (4 - r.length % 4) % 4,
       "="
     ), c = decodeURIComponent(
-      atob(o).split("").map(function(i) {
+      atob(n).split("").map(function(i) {
         return "%" + ("00" + i.charCodeAt(0).toString(16)).slice(-2);
       }).join("")
     );
@@ -319,14 +319,27 @@ function W(s, e = 0) {
 }
 class T {
   /**
-   * Creates a new JwtToken instance
+   * Creates a new JwtToken instance.
+   *
+   * Parses the JWT token string to extract the payload and stores the early period
+   * for expiration checks.
+   *
+   * @param token The raw JWT token string to parse
+   * @param earlyPeriod The early expiration period in milliseconds (default: 0).
+   *                   Tokens are considered expired this many milliseconds before their actual expiration time.
+   *
+   * @throws Will not throw but payload will be null if token parsing fails
    */
   constructor(e, t = 0) {
     this.token = e, this.earlyPeriod = t, this.payload = S(e);
   }
   /**
-   * Checks if the token is expired
-   * @returns true if the token is expired, false otherwise
+   * Checks if the token is expired.
+   *
+   * Considers both the token's expiration time and the early period.
+   * Returns true if the payload is null (parsing failed) or if the token is expired.
+   *
+   * @returns true if the token is expired or invalid, false otherwise
    */
   get isExpired() {
     return this.payload ? W(this.payload, this.earlyPeriod) : !0;
@@ -334,41 +347,69 @@ class T {
 }
 class A {
   /**
-   * Creates a new JwtCompositeToken instance
+   * Creates a new JwtCompositeToken instance.
+   *
+   * Initializes both access and refresh token instances with the provided early period.
+   *
+   * @param token The composite token containing access and refresh token strings
+   * @param earlyPeriod The early expiration period in milliseconds (default: 0)
    */
   constructor(e, t = 0) {
     this.token = e, this.earlyPeriod = t, this.access = new T(e.accessToken, t), this.refresh = new T(e.refreshToken, t);
   }
   /**
-   * Checks if the access token needs to be refreshed
+   * Checks if the access token needs to be refreshed.
+   *
    * @returns true if the access token is expired, false otherwise
    */
   get isRefreshNeeded() {
     return this.access.isExpired;
   }
   /**
-   * Checks if the refresh token is still valid and can be used to refresh the access token
+   * Checks if the refresh token is still valid and can be used to refresh the access token.
+   *
    * @returns true if the refresh token is not expired, false otherwise
    */
   get isRefreshable() {
     return !this.refresh.isExpired;
   }
+  /**
+   * Checks if the user is currently authenticated (access token is valid).
+   *
+   * @returns true if the access token is not expired, false otherwise
+   */
+  get authenticated() {
+    return !this.access.isExpired;
+  }
 }
 class P {
+  /**
+   * Creates a new JwtCompositeTokenSerializer instance.
+   *
+   * @param earlyPeriod The early expiration period in milliseconds to use for deserialized tokens (default: 0)
+   */
   constructor(e = 0) {
     this.earlyPeriod = e;
   }
   /**
-   * Deserializes a JSON string to a JwtCompositeToken
+   * Deserializes a JSON string to a JwtCompositeToken.
+   *
+   * Parses the JSON string and creates a new JwtCompositeToken instance with the stored tokens.
+   *
    * @param value The JSON string representation of a composite token
    * @returns A JwtCompositeToken instance
+   * @throws SyntaxError if the JSON string is invalid
+   * @throws Error if the parsed object doesn't match the expected CompositeToken structure
    */
   deserialize(e) {
     const t = JSON.parse(e);
     return new A(t, this.earlyPeriod);
   }
   /**
-   * Serializes a JwtCompositeToken to a JSON string
+   * Serializes a JwtCompositeToken to a JSON string.
+   *
+   * Converts the composite token to a JSON string for storage.
+   *
    * @param value The JwtCompositeToken to serialize
    * @returns A JSON string representation of the composite token
    */
@@ -378,24 +419,66 @@ class P {
 }
 const ae = new P(), l = "cosec-token";
 class X extends f {
+  /**
+   * Creates a new TokenStorage instance.
+   * @param options - Configuration options for the token storage.
+   * @param options.key - The storage key for tokens. Defaults to DEFAULT_COSEC_TOKEN_KEY.
+   * @param options.eventBus - Event bus for token change notifications. Defaults to a BroadcastTypedEventBus with SerialTypedEventBus delegate.
+   * @param options.earlyPeriod - Early period for token refresh in milliseconds. Defaults to 0.
+   * @param reset - Additional options passed to KeyStorage.
+   */
   constructor({
     key: e = l,
     eventBus: t = new O({
-      delegate: new _(l)
+      delegate: new g(l)
     }),
     earlyPeriod: r = 0,
-    ...o
+    ...n
   } = {}) {
     super({
       key: e,
       eventBus: t,
-      ...o,
+      ...n,
       serializer: new P(r)
     }), this.earlyPeriod = r;
   }
+  /**
+   * Sets a composite token in storage.
+   * Converts the composite token to a JwtCompositeToken and stores it.
+   * @deprecated Use signIn() instead for better semantic clarity.
+   * @param compositeToken - The composite token containing access and refresh tokens.
+   */
   setCompositeToken(e) {
+    this.signIn(e);
+  }
+  /**
+   * Signs in by storing the composite token.
+   * @param compositeToken - The composite token to store for authentication.
+   */
+  signIn(e) {
     this.set(new A(e, this.earlyPeriod));
   }
+  /**
+   * Signs out by removing the stored token.
+   * Clears the token from storage.
+   */
+  signOut() {
+    this.remove();
+  }
+  /**
+   * Checks if the user is authenticated.
+   * @returns true if a valid token is present and authenticated, false otherwise.
+   */
+  get authenticated() {
+    return this.get()?.authenticated === !0;
+  }
+  /**
+   * Gets the current user's JWT payload.
+   * @returns The JWT payload of the current user if authenticated, null otherwise.
+   */
+  get currentUser() {
+    return this.authenticated ? this.get()?.access.payload ?? null : null;
+  }
 }
 const $ = "UnauthorizedErrorInterceptor", ee = 0;
 class te {
@@ -461,7 +544,7 @@ class ce {
    * ```
    */
   constructor(e) {
-    this.config = e, this.tokenStorage = e.tokenStorage ?? new X(), this.deviceIdStorage = e.deviceIdStorage ?? new H(), e.tokenRefresher && (this.tokenManager = new x(
+    this.config = e, this.tokenStorage = e.tokenStorage ?? new X(), this.deviceIdStorage = e.deviceIdStorage ?? new H(), e.tokenRefresher && (this.tokenManager = new Q(
       this.tokenStorage,
       e.tokenRefresher
     ));
@@ -522,7 +605,7 @@ class ce {
         onUnauthorized: this.config.onUnauthorized
       })
     ), this.config.onForbidden && e.interceptors.error.use(
-      new Q({
+      new J({
         onForbidden: this.config.onForbidden
       })
     );
@@ -602,22 +685,22 @@ export {
   B as AuthorizationResponseInterceptor,
   ie as AuthorizeResults,
   b as COSEC_REQUEST_INTERCEPTOR_NAME,
-  g as COSEC_REQUEST_INTERCEPTOR_ORDER,
+  N as COSEC_REQUEST_INTERCEPTOR_ORDER,
   ce as CoSecConfigurer,
-  n as CoSecHeaders,
+  o as CoSecHeaders,
   M as CoSecRequestInterceptor,
   he as CoSecTokenRefresher,
   p as DEFAULT_COSEC_DEVICE_ID_KEY,
   l as DEFAULT_COSEC_TOKEN_KEY,
   H as DeviceIdStorage,
   Z as FORBIDDEN_ERROR_INTERCEPTOR_NAME,
-  J as FORBIDDEN_ERROR_INTERCEPTOR_ORDER,
-  Q as ForbiddenErrorInterceptor,
+  x as FORBIDDEN_ERROR_INTERCEPTOR_ORDER,
+  J as ForbiddenErrorInterceptor,
   k as IGNORE_REFRESH_TOKEN_ATTRIBUTE_KEY,
   A as JwtCompositeToken,
   P as JwtCompositeTokenSerializer,
   T as JwtToken,
-  x as JwtTokenManager,
+  Q as JwtTokenManager,
   m as NanoIdGenerator,
   j as RESOURCE_ATTRIBUTION_REQUEST_INTERCEPTOR_NAME,
   G as RESOURCE_ATTRIBUTION_REQUEST_INTERCEPTOR_ORDER,
@@ -628,7 +711,7 @@ export {
   $ as UNAUTHORIZED_ERROR_INTERCEPTOR_NAME,
   ee as UNAUTHORIZED_ERROR_INTERCEPTOR_ORDER,
   te as UnauthorizedErrorInterceptor,
-  N as idGenerator,
+  _ as idGenerator,
   W as isTokenExpired,
   ae as jwtCompositeTokenSerializer,
   S as parseJwtPayload