@hemia/auth-sdk 0.0.7 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -238,6 +238,46 @@ let AuthService = class AuthService {
|
|
|
238
238
|
throw new InvalidTokenFormatError();
|
|
239
239
|
}
|
|
240
240
|
}
|
|
241
|
+
/**
|
|
242
|
+
* Obtiene y valida los claims del access token de la sesión.
|
|
243
|
+
* @param sessionId Identificador de la sesión
|
|
244
|
+
* @returns Claims del access token o error si el token no es válido
|
|
245
|
+
*/
|
|
246
|
+
async getSessionAccess(sessionId) {
|
|
247
|
+
const key = `x-session:${sessionId}`;
|
|
248
|
+
let session = await this.storage.get(key);
|
|
249
|
+
if (!session) {
|
|
250
|
+
throw new SessionNotFoundError();
|
|
251
|
+
}
|
|
252
|
+
if (session.expiresAt < Date.now()) {
|
|
253
|
+
throw new SessionExpiredError();
|
|
254
|
+
}
|
|
255
|
+
const timeUntilExpiry = session.expiresAt - Date.now();
|
|
256
|
+
if (timeUntilExpiry < 2 * 60 * 1000) {
|
|
257
|
+
try {
|
|
258
|
+
session = await this.refreshTokens(session, sessionId);
|
|
259
|
+
}
|
|
260
|
+
catch (error) {
|
|
261
|
+
throw new TokenRefreshFailedError();
|
|
262
|
+
}
|
|
263
|
+
}
|
|
264
|
+
try {
|
|
265
|
+
const verify = this.jwtManager.verify(session.accessToken);
|
|
266
|
+
if (!verify) {
|
|
267
|
+
throw new SessionInvalidError();
|
|
268
|
+
}
|
|
269
|
+
const claims = this.jwtManager.decode(session.accessToken, true);
|
|
270
|
+
if (!claims) {
|
|
271
|
+
throw new SessionInvalidError();
|
|
272
|
+
}
|
|
273
|
+
return {
|
|
274
|
+
...claims
|
|
275
|
+
};
|
|
276
|
+
}
|
|
277
|
+
catch (e) {
|
|
278
|
+
throw new InvalidTokenFormatError();
|
|
279
|
+
}
|
|
280
|
+
}
|
|
241
281
|
/**
|
|
242
282
|
* Cierra la sesión del usuario tanto en el SSO como localmente.
|
|
243
283
|
* @param sessionId Identificador de la sesión
|
package/dist/hemia-auth-sdk.js
CHANGED
|
@@ -240,6 +240,46 @@ exports.AuthService = class AuthService {
|
|
|
240
240
|
throw new InvalidTokenFormatError();
|
|
241
241
|
}
|
|
242
242
|
}
|
|
243
|
+
/**
|
|
244
|
+
* Obtiene y valida los claims del access token de la sesión.
|
|
245
|
+
* @param sessionId Identificador de la sesión
|
|
246
|
+
* @returns Claims del access token o error si el token no es válido
|
|
247
|
+
*/
|
|
248
|
+
async getSessionAccess(sessionId) {
|
|
249
|
+
const key = `x-session:${sessionId}`;
|
|
250
|
+
let session = await this.storage.get(key);
|
|
251
|
+
if (!session) {
|
|
252
|
+
throw new SessionNotFoundError();
|
|
253
|
+
}
|
|
254
|
+
if (session.expiresAt < Date.now()) {
|
|
255
|
+
throw new SessionExpiredError();
|
|
256
|
+
}
|
|
257
|
+
const timeUntilExpiry = session.expiresAt - Date.now();
|
|
258
|
+
if (timeUntilExpiry < 2 * 60 * 1000) {
|
|
259
|
+
try {
|
|
260
|
+
session = await this.refreshTokens(session, sessionId);
|
|
261
|
+
}
|
|
262
|
+
catch (error) {
|
|
263
|
+
throw new TokenRefreshFailedError();
|
|
264
|
+
}
|
|
265
|
+
}
|
|
266
|
+
try {
|
|
267
|
+
const verify = this.jwtManager.verify(session.accessToken);
|
|
268
|
+
if (!verify) {
|
|
269
|
+
throw new SessionInvalidError();
|
|
270
|
+
}
|
|
271
|
+
const claims = this.jwtManager.decode(session.accessToken, true);
|
|
272
|
+
if (!claims) {
|
|
273
|
+
throw new SessionInvalidError();
|
|
274
|
+
}
|
|
275
|
+
return {
|
|
276
|
+
...claims
|
|
277
|
+
};
|
|
278
|
+
}
|
|
279
|
+
catch (e) {
|
|
280
|
+
throw new InvalidTokenFormatError();
|
|
281
|
+
}
|
|
282
|
+
}
|
|
243
283
|
/**
|
|
244
284
|
* Cierra la sesión del usuario tanto en el SSO como localmente.
|
|
245
285
|
* @param sessionId Identificador de la sesión
|
|
@@ -28,6 +28,12 @@ export declare class AuthService {
|
|
|
28
28
|
* @returns Información del usuario o error si la sesión no es válida
|
|
29
29
|
*/
|
|
30
30
|
getSessionUser(sessionId: string): Promise<ISessionUser>;
|
|
31
|
+
/**
|
|
32
|
+
* Obtiene y valida los claims del access token de la sesión.
|
|
33
|
+
* @param sessionId Identificador de la sesión
|
|
34
|
+
* @returns Claims del access token o error si el token no es válido
|
|
35
|
+
*/
|
|
36
|
+
getSessionAccess(sessionId: string): Promise<any>;
|
|
31
37
|
/**
|
|
32
38
|
* Cierra la sesión del usuario tanto en el SSO como localmente.
|
|
33
39
|
* @param sessionId Identificador de la sesión
|