@mimik/oauth-helper 2.0.2 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +29 -12
- package/package.json +9 -9
package/index.js
CHANGED
|
@@ -31,6 +31,8 @@ const CLAIMS_SEPARATOR = ',';
|
|
|
31
31
|
const RESOURCE_SEPARATOR = ':';
|
|
32
32
|
const SCOPE_CLAIMS_SEPARATOR = '::';
|
|
33
33
|
const CLAIMS_DEFINITION = 'Claims';
|
|
34
|
+
const CLIENT_CEDENTIALS = 'client_credentials';
|
|
35
|
+
const REFRESH_TOKEN = 'refresh_token';
|
|
34
36
|
|
|
35
37
|
const tokens = {};
|
|
36
38
|
|
|
@@ -143,7 +145,7 @@ module.exports = (config) => {
|
|
|
143
145
|
return { onBehalf, claims };
|
|
144
146
|
};
|
|
145
147
|
|
|
146
|
-
const getToken = (type, origin,
|
|
148
|
+
const getToken = (type, origin, correlationId, options) => {
|
|
147
149
|
const tokenOptions = {
|
|
148
150
|
method: 'POST',
|
|
149
151
|
url: server.issuer,
|
|
@@ -154,34 +156,49 @@ module.exports = (config) => {
|
|
|
154
156
|
client_id: server.id,
|
|
155
157
|
client_secret: server.secret,
|
|
156
158
|
audience: config.dependencies[type].audience,
|
|
157
|
-
grant_type:
|
|
159
|
+
grant_type: CLIENT_CEDENTIALS,
|
|
158
160
|
};
|
|
159
161
|
|
|
160
162
|
if (options) {
|
|
161
|
-
if (options.
|
|
162
|
-
|
|
163
|
-
|
|
163
|
+
if (options.token) {
|
|
164
|
+
const { token } = options;
|
|
165
|
+
if (token.customerName) getCredential.customer_name = token.customerName;
|
|
166
|
+
if (token.retry) tokenOptions.retry = token.retry;
|
|
167
|
+
if (token.cluster) getCredential.type = CLUSTER;
|
|
168
|
+
}
|
|
169
|
+
if (options.metrics) {
|
|
170
|
+
tokenOptions.metrics = { HTTPRequestDuration: options.metrics.HTTPRequestDuration, url: tokenOptions.url };
|
|
171
|
+
}
|
|
164
172
|
}
|
|
165
173
|
if (!tokens[type]) tokens[type] = {};
|
|
166
174
|
if (!tokens[type][origin]) tokens[type][origin] = {};
|
|
167
175
|
if (valid(tokens[type][origin].accessToken)) return Promise.resolve(tokens[type][origin].accessToken.value);
|
|
168
176
|
if (valid(tokens[type][origin].refreshToken)) {
|
|
169
|
-
logger.silly(
|
|
177
|
+
logger.silly(`valid ${REFRESH_TOKEN}`, { type, origin }, correlationId);
|
|
170
178
|
tokenOptions.body = {
|
|
171
179
|
refresh_token: tokens[type][origin].refreshToken.value,
|
|
172
|
-
grant_type:
|
|
180
|
+
grant_type: REFRESH_TOKEN,
|
|
173
181
|
};
|
|
182
|
+
if (tokenOptions.metrics) {
|
|
183
|
+
tokenOptions.metrics.url = `${tokenOptions.metrics.url}/${REFRESH_TOKEN}`;
|
|
184
|
+
}
|
|
174
185
|
}
|
|
175
186
|
else {
|
|
176
|
-
logger.silly(
|
|
187
|
+
logger.silly(`invalid ${REFRESH_TOKEN} trying ${CLIENT_CEDENTIALS}`, { type, origin }, correlationId);
|
|
177
188
|
tokenOptions.body = getCredential;
|
|
189
|
+
if (tokenOptions.metrics) {
|
|
190
|
+
tokenOptions.metrics.url = `${tokenOptions.metrics.url}/${CLIENT_CEDENTIALS}`;
|
|
191
|
+
}
|
|
178
192
|
}
|
|
179
193
|
return rpRetry(tokenOptions).catch((err) => {
|
|
180
|
-
if (err.statusCode !== 400 || tokenOptions.body.grant_type ===
|
|
194
|
+
if (err.statusCode !== 400 || tokenOptions.body.grant_type === CLIENT_CEDENTIALS) {
|
|
181
195
|
throw err;
|
|
182
196
|
}
|
|
183
|
-
logger.silly(
|
|
197
|
+
logger.silly(`moving from ${REFRESH_TOKEN} to ${CLIENT_CEDENTIALS}`, { error: err.message }, correlationId);
|
|
184
198
|
tokenOptions.body = getCredential;
|
|
199
|
+
if (tokenOptions.metrics) {
|
|
200
|
+
tokenOptions.metrics.url = `${tokenOptions.metrics.url}/${CLIENT_CEDENTIALS}`;
|
|
201
|
+
}
|
|
185
202
|
return rpRetry(tokenOptions);
|
|
186
203
|
}).then((response) => {
|
|
187
204
|
tokens[type][origin].accessToken = createToken(response.data.access_token);
|
|
@@ -241,7 +258,7 @@ module.exports = (config) => {
|
|
|
241
258
|
catch (err) { return Promise.reject(new Error(`invalid url address: ${enteredUrl}: ${err.message}`)); }
|
|
242
259
|
const correlationId = (options.headers && options.headers['x-correlation-id']);
|
|
243
260
|
|
|
244
|
-
return getToken(type, url.origin,
|
|
261
|
+
return getToken(type, url.origin, correlationId, options)
|
|
245
262
|
.then((token) => {
|
|
246
263
|
const opts = options;
|
|
247
264
|
|
|
@@ -256,7 +273,7 @@ module.exports = (config) => {
|
|
|
256
273
|
if (err.statusCode === 403) {
|
|
257
274
|
logger.warn('got a unauthorized request, retrying', { error: err.message, type }, correlationId);
|
|
258
275
|
tokens[type].accessToken = null;
|
|
259
|
-
return getToken(type, options.uri || options.url,
|
|
276
|
+
return getToken(type, options.uri || options.url, correlationId, options)
|
|
260
277
|
.then((newToken) => {
|
|
261
278
|
opts.headers.authorization = `Bearer ${newToken}`;
|
|
262
279
|
return rpRetry(opts)
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mimik/oauth-helper",
|
|
3
|
-
"version": "2.0
|
|
3
|
+
"version": "2.1.0",
|
|
4
4
|
"description": "Oauth helper for mimik microservices",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -29,10 +29,10 @@
|
|
|
29
29
|
"url": "https://bitbucket.org/mimiktech/oauth-helper"
|
|
30
30
|
},
|
|
31
31
|
"dependencies": {
|
|
32
|
-
"@mimik/request-retry": "^2.1.
|
|
32
|
+
"@mimik/request-retry": "^2.1.4",
|
|
33
33
|
"@mimik/response-helper": "^2.6.3",
|
|
34
34
|
"@mimik/sumologic-winston-logger": "^1.6.14",
|
|
35
|
-
"@mimik/swagger-helper": "^2.5.
|
|
35
|
+
"@mimik/swagger-helper": "^2.5.7",
|
|
36
36
|
"bluebird": "3.7.2",
|
|
37
37
|
"jsonwebtoken": "9.0.0",
|
|
38
38
|
"lodash": "4.17.21"
|
|
@@ -41,16 +41,16 @@
|
|
|
41
41
|
"@mimik/eslint-plugin-dependencies": "^2.4.5",
|
|
42
42
|
"@mimik/eslint-plugin-document-env": "^1.0.5",
|
|
43
43
|
"@mimik/request-helper": "^1.7.8",
|
|
44
|
-
"body-parser": "1.20.
|
|
44
|
+
"body-parser": "1.20.2",
|
|
45
45
|
"chai": "4.3.7",
|
|
46
|
-
"eslint": "8.
|
|
46
|
+
"eslint": "8.35.0",
|
|
47
47
|
"eslint-config-airbnb": "19.0.4",
|
|
48
|
-
"eslint-plugin-import": "2.
|
|
49
|
-
"eslint-plugin-jsx-a11y": "6.
|
|
50
|
-
"eslint-plugin-react": "7.
|
|
48
|
+
"eslint-plugin-import": "2.27.5",
|
|
49
|
+
"eslint-plugin-jsx-a11y": "6.7.1",
|
|
50
|
+
"eslint-plugin-react": "7.32.2",
|
|
51
51
|
"eslint-plugin-react-hooks": "4.6.0",
|
|
52
52
|
"express": "4.18.2",
|
|
53
|
-
"husky": "8.0.
|
|
53
|
+
"husky": "8.0.3",
|
|
54
54
|
"jsdoc-to-markdown": "8.0.0",
|
|
55
55
|
"mocha": "10.2.0",
|
|
56
56
|
"mochawesome": "7.1.3",
|