npm - @deque/axe-auth - Versions diffs - 1.1.0-next.721c7626 → 1.1.0-next.7469dec9 - Mend

@deque/axe-auth 1.1.0-next.721c7626 → 1.1.0-next.7469dec9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/oauth/refreshTokens.js +3 -2
package/dist/oauth/retry.d.ts +1 -0
package/dist/oauth/retry.js +49 -0
package/dist/oauth/revokeToken.js +3 -2
package/dist/oauth/tokenExchange.js +3 -2
package/package.json +1 -1

package/dist/oauth/refreshTokens.js CHANGED Viewed

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.refreshTokens = refreshTokens;
 const errors_1 = require("./errors");
+const retry_1 = require("./retry");
 const tokenResponse_1 = require("./tokenResponse");
 const userAgent_1 = require("../userAgent");
 /**
@@ -31,11 +32,11 @@ async function refreshTokens(options) {
         grant_type: "refresh_token",
         client_id: options.clientId,
         refresh_token: options.refreshToken,
-    });
+    }).toString();
     const issuedAt = now();
     let response;
     try {
-        response = await fetch(options.tokenEndpoint, {
+        response = await (0, retry_1.fetchWithRetry)(options.tokenEndpoint, {
             method: "POST",
             headers: {
                 "Content-Type": "application/x-www-form-urlencoded",

package/dist/oauth/retry.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export declare function fetchWithRetry(input: RequestInfo \| URL, init?: RequestInit): Promise<Response>;

package/dist/oauth/retry.js ADDED Viewed

@@ -0,0 +1,49 @@
+"use strict";
+// undici's `RetryAgent` cannot retry POSTs through `fetch()` — its retry
+// handler aborts once the fetch ReadableStream body is consumed. Re-invoking
+// `fetch()` per attempt with a string body sidesteps that. POST replay is
+// safe for our OAuth endpoints by spec: single-use codes (RFC 6749 §4.1.2),
+// refresh requests that never reached the server (§6), no-op revocation
+// (RFC 7009 §2.2).
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fetchWithRetry = fetchWithRetry;
+const promises_1 = require("node:timers/promises");
+const MAX_RETRIES = 3;
+const CONNECTION_ERROR_CODES = new Set([
+    "ECONNRESET",
+    "ECONNREFUSED",
+    "ENOTFOUND",
+    "ENETDOWN",
+    "ENETUNREACH",
+    "EHOSTDOWN",
+    "UND_ERR_SOCKET",
+]);
+function isConnectionError(err) {
+    const seen = new Set();
+    let current = err;
+    while (current && typeof current === "object" && !seen.has(current)) {
+        seen.add(current);
+        const e = current;
+        if (typeof e.code === "string" && CONNECTION_ERROR_CODES.has(e.code)) {
+            return true;
+        }
+        current = e.cause;
+    }
+    return false;
+}
+async function fetchWithRetry(input, init) {
+    for (let attempt = 0;; attempt++) {
+        try {
+            return await fetch(input, init);
+        }
+        catch (err) {
+            if (attempt >= MAX_RETRIES || !isConnectionError(err)) {
+                throw err;
+            }
+            // Exponential backoff: 500ms, 1s, 2s, capped at 30s.
+            // `sleep` honors `init.signal` so an aborted request interrupts the wait.
+            const delay = Math.min(500 * Math.pow(2, attempt), 30_000);
+            await (0, promises_1.setTimeout)(delay, undefined, { signal: init?.signal ?? undefined });
+        }
+    }
+}

package/dist/oauth/revokeToken.js CHANGED Viewed

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.revokeRefreshToken = revokeRefreshToken;
+const retry_1 = require("./retry");
 const userAgent_1 = require("../userAgent");
 /**
  * Revokes a refresh token via RFC 7009. Servers SHOULD return 200
@@ -23,10 +24,10 @@ async function revokeRefreshToken(options) {
         token: options.refreshToken,
         token_type_hint: "refresh_token",
         client_id: options.clientId,
-    });
+    }).toString();
     let response;
     try {
-        response = await fetch(options.revocationEndpoint, {
+        response = await (0, retry_1.fetchWithRetry)(options.revocationEndpoint, {
             method: "POST",
             headers: {
                 "Content-Type": "application/x-www-form-urlencoded",

package/dist/oauth/tokenExchange.js CHANGED Viewed

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.exchangeCodeForTokens = exchangeCodeForTokens;
 const errors_1 = require("./errors");
+const retry_1 = require("./retry");
 const tokenResponse_1 = require("./tokenResponse");
 const userAgent_1 = require("../userAgent");
 /**
@@ -19,11 +20,11 @@ async function exchangeCodeForTokens(options) {
         code: options.code,
         code_verifier: options.codeVerifier,
         redirect_uri: options.redirectUri,
-    });
+    }).toString();
     const issuedAt = now();
     let response;
     try {
-        response = await fetch(options.tokenEndpoint, {
+        response = await (0, retry_1.fetchWithRetry)(options.tokenEndpoint, {
             method: "POST",
             headers: {
                 "Content-Type": "application/x-www-form-urlencoded",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@deque/axe-auth",
-  "version": "1.1.0-next.721c7626",
+  "version": "1.1.0-next.7469dec9",
   "description": "CLI authentication utility for Deque services",
   "license": "SEE LICENSE IN LICENSE",
   "repository": {