npm - @logto/browser - Versions diffs - 0.1.3 → 0.1.4 - Mend

@logto/browser 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/lib/index.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { IdTokenClaims, OidcConfigResponse, Requester, UserInfoResponse } from '@logto/js';
+import { IdTokenClaims, Requester, UserInfoResponse } from '@logto/js';
 import { Nullable } from '@silverhand/essentials';
 import { Infer } from 'superstruct';
 export type { IdTokenClaims, UserInfoResponse } from '@logto/js';
@@ -26,11 +26,20 @@ export declare const LogtoSignInSessionItemSchema: import("superstruct").Struct<
 }>;
 export declare type LogtoSignInSessionItem = Infer<typeof LogtoSignInSessionItemSchema>;
 export default class LogtoClient {
-    protected logtoConfig: LogtoConfig;
-    protected oidcConfig?: OidcConfigResponse;
-    protected logtoStorageKey: string;
-    protected requester: Requester;
-    protected accessTokenMap: Map<string, AccessToken>;
+    protected readonly logtoConfig: LogtoConfig;
+    protected readonly getOidcConfig: () => Promise<import("@silverhand/essentials").KeysToCamelCase<{
+        authorization_endpoint: string;
+        token_endpoint: string;
+        userinfo_endpoint: string;
+        end_session_endpoint: string;
+        revocation_endpoint: string;
+        jwks_uri: string;
+        issuer: string;
+    }>>;
+    protected readonly getJwtVerifyGetKey: () => Promise<import("jose/dist/types/types").GetKeyFunction<import("jose").JWSHeaderParameters, import("jose").FlattenedJWSInput>>;
+    protected readonly logtoStorageKey: string;
+    protected readonly requester: Requester;
+    protected readonly accessTokenMap: Map<string, AccessToken>;
     private readonly getAccessTokenPromiseMap;
     private _refreshToken;
     private _idToken;
@@ -50,7 +59,8 @@ export default class LogtoClient {
     handleSignInCallback(callbackUri: string): Promise<void>;
     signOut(postLogoutRedirectUri?: string): Promise<void>;
     private getAccessTokenByRefreshToken;
-    private getOidcConfig;
+    private _getOidcConfig;
+    private _getJwtVerifyGetKey;
     private verifyIdToken;
     private saveCodeToken;
 }

package/lib/index.js CHANGED Viewed

@@ -9,10 +9,14 @@ var __createBinding = (this && this.__createBinding) || (Object.create ? (functi
 var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.LogtoSignInSessionItemSchema = void 0;
 const js_1 = require("@logto/js");
 const jose_1 = require("jose");
+const lodash_once_1 = __importDefault(require("lodash.once"));
 const superstruct_1 = require("superstruct");
 const errors_1 = require("./errors");
 const utils_1 = require("./utils");
@@ -24,6 +28,8 @@ exports.LogtoSignInSessionItemSchema = (0, superstruct_1.type)({
 });
 class LogtoClient {
     constructor(logtoConfig, requester = (0, js_1.createRequester)()) {
+        this.getOidcConfig = (0, lodash_once_1.default)(this._getOidcConfig);
+        this.getJwtVerifyGetKey = (0, lodash_once_1.default)(this._getJwtVerifyGetKey);
         this.accessTokenMap = new Map();
         this.getAccessTokenPromiseMap = new Map();
         this.logtoConfig = logtoConfig;
@@ -90,8 +96,12 @@ class LogtoClient {
         if (accessToken && accessToken.expiresAt > Date.now() / 1000) {
             return accessToken.token;
         }
+        // Since the access token has expired, delete it from the map.
+        if (accessToken) {
+            this.accessTokenMap.delete(accessTokenKey);
+        }
         /**
-         * Token has expired, need to fetch a new one using refresh token.
+         * Need to fetch a new access token using refresh token.
          * Reuse the cached promise if exists.
          */
         const cachedPromise = this.getAccessTokenPromiseMap.get(accessTokenKey);
@@ -195,17 +205,12 @@ class LogtoClient {
         window.location.assign(url);
     }
     async getAccessTokenByRefreshToken(resource) {
-        const accessTokenKey = (0, utils_1.buildAccessTokenKey)(resource);
-        // Token expired, remove it from the map
-        if (this.accessTokenMap.has(accessTokenKey)) {
-            this.accessTokenMap.delete(accessTokenKey);
-        }
-        // Fetch new access token by refresh token
-        const { clientId } = this.logtoConfig;
         if (!this.refreshToken) {
             throw new errors_1.LogtoClientError('not_authenticated');
         }
         try {
+            const accessTokenKey = (0, utils_1.buildAccessTokenKey)(resource);
+            const { clientId } = this.logtoConfig;
             const { tokenEndpoint } = await this.getOidcConfig();
             const { accessToken, refreshToken, idToken, scope, expiresIn } = await (0, js_1.fetchTokenByRefreshToken)({ clientId, tokenEndpoint, refreshToken: this.refreshToken, resource }, this.requester);
             this.accessTokenMap.set(accessTokenKey, {
@@ -224,19 +229,21 @@ class LogtoClient {
             throw new errors_1.LogtoClientError('get_access_token_by_refresh_token_failed', error);
         }
     }
-    async getOidcConfig() {
-        if (!this.oidcConfig) {
-            const { endpoint } = this.logtoConfig;
-            const discoveryEndpoint = (0, utils_1.getDiscoveryEndpoint)(endpoint);
-            this.oidcConfig = await (0, js_1.fetchOidcConfig)(discoveryEndpoint, this.requester);
-        }
-        return this.oidcConfig;
+    async _getOidcConfig() {
+        const { endpoint } = this.logtoConfig;
+        const discoveryEndpoint = (0, utils_1.getDiscoveryEndpoint)(endpoint);
+        return (0, js_1.fetchOidcConfig)(discoveryEndpoint, this.requester);
+    }
+    async _getJwtVerifyGetKey() {
+        const { jwksUri } = await this.getOidcConfig();
+        return (0, jose_1.createRemoteJWKSet)(new URL(jwksUri));
     }
     async verifyIdToken(idToken) {
         const { clientId } = this.logtoConfig;
-        const { issuer, jwksUri } = await this.getOidcConfig();
+        const { issuer } = await this.getOidcConfig();
+        const jwtVerifyGetKey = await this.getJwtVerifyGetKey();
         try {
-            await (0, js_1.verifyIdToken)(idToken, clientId, issuer, (0, jose_1.createRemoteJWKSet)(new URL(jwksUri)));
+            await (0, js_1.verifyIdToken)(idToken, clientId, issuer, jwtVerifyGetKey);
         }
         catch (error) {
             throw new errors_1.LogtoClientError('invalid_id_token', error);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@logto/browser",
-  "version": "0.1.3",
+  "version": "0.1.4",
   "main": "./lib/index.js",
   "exports": "./lib/index.js",
   "typings": "./lib/index.d.ts",
@@ -28,6 +28,7 @@
     "@silverhand/essentials": "^1.1.6",
     "jose": "^4.5.0",
     "lodash.get": "^4.4.2",
+    "lodash.once": "^4.1.1",
     "superstruct": "^0.15.3"
   },
   "devDependencies": {
@@ -36,6 +37,7 @@
     "@silverhand/ts-config": "^0.9.1",
     "@types/jest": "^27.4.0",
     "@types/lodash.get": "^4.4.6",
+    "@types/lodash.once": "^4.1.6",
     "eslint": "^8.9.0",
     "jest": "^27.5.1",
     "jest-location-mock": "^1.0.9",
@@ -53,5 +55,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "2a59d35046744dd1284eb81804cf0ef9a35f41e6"
+  "gitHead": "a5eed81a3e3db3184a53f04f843db8ac707dd3ad"
 }