@authly/sdk 1.2.5 → 1.2.6
|
@@ -20,9 +20,13 @@ declare class AuthlyClient {
|
|
|
20
20
|
*/
|
|
21
21
|
private readonly serviceId;
|
|
22
22
|
/**
|
|
23
|
-
* @summary The issuer of the client.
|
|
23
|
+
* @summary The issuer of the client (for validation).
|
|
24
24
|
*/
|
|
25
25
|
private readonly issuer;
|
|
26
|
+
/**
|
|
27
|
+
* @summary The base URL for relative paths.
|
|
28
|
+
*/
|
|
29
|
+
private readonly baseUrl;
|
|
26
30
|
/**
|
|
27
31
|
* @summary The resolved authorize endpoint URL.
|
|
28
32
|
*/
|
|
@@ -3,7 +3,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.AuthlyClient = void 0;
|
|
4
4
|
const jose_1 = require("jose");
|
|
5
5
|
const JWTVerifier_1 = require("../internal/JWTVerifier");
|
|
6
|
-
const HttpClient_1 = require("../internal/HttpClient");
|
|
7
6
|
const PKCEUtils_1 = require("../internal/PKCEUtils");
|
|
8
7
|
const AuthlyConfiguration_1 = require("../configuration/AuthlyConfiguration");
|
|
9
8
|
/**
|
|
@@ -23,9 +22,13 @@ class AuthlyClient {
|
|
|
23
22
|
*/
|
|
24
23
|
serviceId;
|
|
25
24
|
/**
|
|
26
|
-
* @summary The issuer of the client.
|
|
25
|
+
* @summary The issuer of the client (for validation).
|
|
27
26
|
*/
|
|
28
27
|
issuer;
|
|
28
|
+
/**
|
|
29
|
+
* @summary The base URL for relative paths.
|
|
30
|
+
*/
|
|
31
|
+
baseUrl;
|
|
29
32
|
/**
|
|
30
33
|
* @summary The resolved authorize endpoint URL.
|
|
31
34
|
*/
|
|
@@ -56,6 +59,7 @@ class AuthlyClient {
|
|
|
56
59
|
*/
|
|
57
60
|
constructor(options) {
|
|
58
61
|
this.issuer = options.issuer.replace(/\/$/, "");
|
|
62
|
+
this.baseUrl = (options.baseUrl || this.issuer).replace(/\/$/, "");
|
|
59
63
|
this.serviceId = options.serviceId;
|
|
60
64
|
this.redirectUri = options.redirectUri;
|
|
61
65
|
this.storage = options.storage;
|
|
@@ -82,7 +86,7 @@ class AuthlyClient {
|
|
|
82
86
|
if (pathOrUrl.startsWith("http://") || pathOrUrl.startsWith("https://")) {
|
|
83
87
|
return pathOrUrl;
|
|
84
88
|
}
|
|
85
|
-
return `${this.
|
|
89
|
+
return `${this.baseUrl}${pathOrUrl}`;
|
|
86
90
|
}
|
|
87
91
|
/**
|
|
88
92
|
* @summary Prepares the authorization request, stores PKCE state, and returns the URL.
|
|
@@ -194,18 +198,26 @@ class AuthlyClient {
|
|
|
194
198
|
if (refreshToken) {
|
|
195
199
|
body.refresh_token = refreshToken;
|
|
196
200
|
}
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
201
|
+
try {
|
|
202
|
+
const response = await fetch(url, {
|
|
203
|
+
method: "POST",
|
|
204
|
+
headers: {
|
|
205
|
+
"Content-Type": "application/x-www-form-urlencoded",
|
|
206
|
+
Accept: "application/json",
|
|
207
|
+
},
|
|
208
|
+
body: new URLSearchParams(body).toString(),
|
|
209
|
+
credentials: "include",
|
|
210
|
+
});
|
|
211
|
+
if (!response.ok) {
|
|
212
|
+
return null;
|
|
213
|
+
}
|
|
214
|
+
const data = (await response.json());
|
|
215
|
+
await this.setSession(data);
|
|
216
|
+
return data.access_token;
|
|
217
|
+
}
|
|
218
|
+
catch {
|
|
205
219
|
return null;
|
|
206
220
|
}
|
|
207
|
-
await this.setSession(response.data);
|
|
208
|
-
return response.data.access_token;
|
|
209
221
|
}
|
|
210
222
|
/**
|
|
211
223
|
* @summary Fetches the user profile from the userinfo endpoint.
|
|
@@ -217,12 +229,26 @@ class AuthlyClient {
|
|
|
217
229
|
if (!token)
|
|
218
230
|
return null;
|
|
219
231
|
const fetchInfo = async (currentBuffer) => {
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
232
|
+
try {
|
|
233
|
+
const response = await fetch(this.userInfoEndpoint, {
|
|
234
|
+
method: "GET",
|
|
235
|
+
headers: {
|
|
236
|
+
Authorization: `Bearer ${currentBuffer}`,
|
|
237
|
+
Accept: "application/json",
|
|
238
|
+
},
|
|
239
|
+
credentials: "include",
|
|
240
|
+
});
|
|
241
|
+
if (!response.ok)
|
|
242
|
+
return {
|
|
243
|
+
success: false,
|
|
244
|
+
error: { code: response.status === 401 ? "UNAUTHORIZED" : "ERROR", message: "Failed" },
|
|
245
|
+
};
|
|
246
|
+
const data = await response.json();
|
|
247
|
+
return { success: true, data: data, message: "OK" };
|
|
248
|
+
}
|
|
249
|
+
catch (e) {
|
|
250
|
+
return { success: false, error: { code: "ERROR", message: String(e) } };
|
|
251
|
+
}
|
|
226
252
|
};
|
|
227
253
|
let response = await fetchInfo(token);
|
|
228
254
|
// If unauthorized (401), try to refresh token once
|
|
@@ -288,17 +314,21 @@ class AuthlyClient {
|
|
|
288
314
|
if (codeVerifier) {
|
|
289
315
|
body.code_verifier = codeVerifier;
|
|
290
316
|
}
|
|
291
|
-
const response = await
|
|
317
|
+
const response = await fetch(url, {
|
|
318
|
+
method: "POST",
|
|
292
319
|
headers: {
|
|
293
320
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
321
|
+
Accept: "application/json",
|
|
294
322
|
},
|
|
295
323
|
body: new URLSearchParams(body).toString(),
|
|
296
324
|
credentials: "include",
|
|
297
325
|
});
|
|
298
|
-
if (!response.
|
|
299
|
-
|
|
326
|
+
if (!response.ok) {
|
|
327
|
+
const text = await response.text();
|
|
328
|
+
throw new Error(`Failed to exchange code for token: ${response.status} ${text}`);
|
|
300
329
|
}
|
|
301
|
-
|
|
330
|
+
const data = await response.json();
|
|
331
|
+
return data;
|
|
302
332
|
}
|
|
303
333
|
/**
|
|
304
334
|
* @summary Verify a JWT token and return its decoded claims.
|
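Review bot: The new `options.baseUrl` is stored in the constructor (new line 62) after only a trailing-slash strip, and the path helper at new line 89 joins it to relative paths by plain concatenation, so nothing checks that it is an absolute `https:` URL. The requests further down send the refresh token, the code verifier and the bearer token with `credentials: "include"`, presumably to endpoints resolved through that helper, and since `issuer` is now described as used for validation, a mistyped or plain-`http:` `baseUrl` would change where those credentials go without affecting issuer checks. Parsing the value once in the constructor would surface this early, e.g. `const base = new URL(options.baseUrl || this.issuer);` followed by `if (base.protocol !== "https:" && base.hostname !== "localhost") throw new Error("baseUrl must use https");`. The helper could also require relative paths to start with `/`, because `${this.baseUrl}${pathOrUrl}` otherwise runs the path into the host name. Both the constructor and the helper continue outside the visible hunks, so an existing check elsewhere cannot be ruled out from here.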