@supabase/gotrue-js 2.40.0 → 2.41.0
- package/dist/main/GoTrueClient.d.ts +13 -0
- package/dist/main/GoTrueClient.d.ts.map +1 -1
- package/dist/main/GoTrueClient.js +229 -180
- package/dist/main/GoTrueClient.js.map +1 -1
- package/dist/main/lib/helpers.d.ts +23 -0
- package/dist/main/lib/helpers.d.ts.map +1 -1
- package/dist/main/lib/helpers.js +94 -1
- package/dist/main/lib/helpers.js.map +1 -1
- package/dist/main/lib/version.d.ts +1 -1
- package/dist/main/lib/version.js +1 -1
- package/dist/module/GoTrueClient.d.ts +13 -0
- package/dist/module/GoTrueClient.d.ts.map +1 -1
- package/dist/module/GoTrueClient.js +230 -181
- package/dist/module/GoTrueClient.js.map +1 -1
- package/dist/module/lib/helpers.d.ts +23 -0
- package/dist/module/lib/helpers.d.ts.map +1 -1
- package/dist/module/lib/helpers.js +91 -0
- package/dist/module/lib/helpers.js.map +1 -1
- package/dist/module/lib/version.d.ts +1 -1
- package/dist/module/lib/version.js +1 -1
- package/package.json +3 -3
- package/src/GoTrueClient.ts +280 -205
- package/src/lib/helpers.ts +111 -0
- package/src/lib/version.ts +1 -1
|
@@ -2,7 +2,7 @@ import GoTrueAdminApi from './GoTrueAdminApi';
|
|
|
2
2
|
import { DEFAULT_HEADERS, EXPIRY_MARGIN, GOTRUE_URL, STORAGE_KEY } from './lib/constants';
|
|
3
3
|
import { AuthImplicitGrantRedirectError, AuthPKCEGrantCodeExchangeError, AuthInvalidCredentialsError, AuthSessionMissingError, AuthInvalidTokenResponseError, AuthUnknownError, isAuthApiError, isAuthError, isAuthRetryableFetchError, } from './lib/errors';
|
|
4
4
|
import { _request, _sessionResponse, _userResponse, _ssoResponse } from './lib/fetch';
|
|
5
|
-
import { decodeJWTPayload, Deferred, getItemAsync, getParameterByName, isBrowser, removeItemAsync, resolveFetch, setItemAsync, uuid, retryable, sleep, generatePKCEVerifier, generatePKCEChallenge, supportsLocalStorage, } from './lib/helpers';
|
|
5
|
+
import { decodeJWTPayload, Deferred, getItemAsync, getParameterByName, isBrowser, removeItemAsync, resolveFetch, setItemAsync, uuid, retryable, sleep, generatePKCEVerifier, generatePKCEChallenge, supportsLocalStorage, stackGuard, isInStackGuard, } from './lib/helpers';
|
|
6
6
|
import localStorageAdapter from './lib/local-storage';
|
|
7
7
|
import { polyfillGlobalThis } from './lib/polyfills';
|
|
8
8
|
polyfillGlobalThis(); // Make "globalThis" available
|
|
@@ -133,7 +133,6 @@ export default class GoTrueClient {
|
|
|
133
133
|
}
|
|
134
134
|
const { session, redirectType } = data;
|
|
135
135
|
this._debug('#_initialize()', 'detected session in URL', session, 'redirect type', redirectType);
|
|
136
|
-
await this._saveSession(session);
|
|
137
136
|
setTimeout(async () => {
|
|
138
137
|
if (redirectType === 'recovery') {
|
|
139
138
|
await this._notifyAllSubscribers('PASSWORD_RECOVERY', session);
|
|
@@ -521,16 +520,18 @@ export default class GoTrueClient {
|
|
|
521
520
|
*/
|
|
522
521
|
async reauthenticate() {
|
|
523
522
|
try {
|
|
524
|
-
|
|
525
|
-
|
|
526
|
-
|
|
527
|
-
|
|
528
|
-
|
|
529
|
-
|
|
530
|
-
|
|
531
|
-
|
|
523
|
+
return await this._useSession(async (result) => {
|
|
524
|
+
const { data: { session }, error: sessionError, } = result;
|
|
525
|
+
if (sessionError)
|
|
526
|
+
throw sessionError;
|
|
527
|
+
if (!session)
|
|
528
|
+
throw new AuthSessionMissingError();
|
|
529
|
+
const { error } = await _request(this.fetch, 'GET', `${this.url}/reauthenticate`, {
|
|
530
|
+
headers: this.headers,
|
|
531
|
+
jwt: session.access_token,
|
|
532
|
+
});
|
|
533
|
+
return { data: { user: null, session: null }, error };
|
|
532
534
|
});
|
|
533
|
-
return { data: { user: null, session: null }, error };
|
|
534
535
|
}
|
|
535
536
|
catch (error) {
|
|
536
537
|
if (isAuthError(error)) {
|
|
@@ -587,10 +588,36 @@ export default class GoTrueClient {
|
|
|
587
588
|
* The session returned can be null if the session is not detected which can happen in the event a user is not signed-in or has logged out.
|
|
588
589
|
*/
|
|
589
590
|
async getSession() {
|
|
591
|
+
return this._useSession(async (result) => {
|
|
592
|
+
return result;
|
|
593
|
+
});
|
|
594
|
+
}
|
|
595
|
+
/**
|
|
596
|
+
* Use instead of {@link #getSession} inside the library. It is
|
|
597
|
+
* semantically usually what you want, as getting a session involves some
|
|
598
|
+
* processing afterwards that requires only one client operating on the
|
|
599
|
+
* session at once across multiple tabs or processes.
|
|
600
|
+
*/
|
|
601
|
+
async _useSession(fn) {
|
|
602
|
+
return await stackGuard('_useSession', async () => {
|
|
603
|
+
// the use of __loadSession here is the only correct use of the function!
|
|
604
|
+
const result = await this.__loadSession();
|
|
605
|
+
return await fn(result);
|
|
606
|
+
});
|
|
607
|
+
}
|
|
608
|
+
/**
|
|
609
|
+
* NEVER USE DIRECTLY!
|
|
610
|
+
*
|
|
611
|
+
* Always use {@link #_useSession}.
|
|
612
|
+
*/
|
|
613
|
+
async __loadSession() {
|
|
614
|
+
if (this.logDebugMessages && !isInStackGuard('_useSession')) {
|
|
615
|
+
throw new Error('Please use #_useSession()');
|
|
616
|
+
}
|
|
590
617
|
// make sure we've read the session from the url if there is one
|
|
591
618
|
// save to just await, as long we make sure _initialize() never throws
|
|
592
619
|
await this.initializePromise;
|
|
593
|
-
this._debug('#
|
|
620
|
+
this._debug('#__loadSession()', 'begin');
|
|
594
621
|
try {
|
|
595
622
|
let currentSession = null;
|
|
596
623
|
if (this.persistSession) {
|
|
@@ -616,7 +643,7 @@ export default class GoTrueClient {
|
|
|
616
643
|
const hasExpired = currentSession.expires_at
|
|
617
644
|
? currentSession.expires_at <= Date.now() / 1000
|
|
618
645
|
: false;
|
|
619
|
-
this._debug('#
|
|
646
|
+
this._debug('#__loadSession()', `session has${hasExpired ? '' : ' not'} expired`, 'expires_at', currentSession.expires_at);
|
|
620
647
|
if (!hasExpired) {
|
|
621
648
|
return { data: { session: currentSession }, error: null };
|
|
622
649
|
}
|
|
@@ -627,7 +654,7 @@ export default class GoTrueClient {
|
|
|
627
654
|
return { data: { session }, error: null };
|
|
628
655
|
}
|
|
629
656
|
finally {
|
|
630
|
-
this._debug('#
|
|
657
|
+
this._debug('#__loadSession()', 'end');
|
|
631
658
|
}
|
|
632
659
|
}
|
|
633
660
|
/**
|
|
@@ -635,20 +662,22 @@ export default class GoTrueClient {
|
|
|
635
662
|
* @param jwt Takes in an optional access token jwt. If no jwt is provided, getUser() will attempt to get the jwt from the current session.
|
|
636
663
|
*/
|
|
637
664
|
async getUser(jwt) {
|
|
638
|
-
var _a, _b;
|
|
639
665
|
try {
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
if (
|
|
643
|
-
|
|
666
|
+
return await this._useSession(async (result) => {
|
|
667
|
+
var _a, _b;
|
|
668
|
+
if (!jwt) {
|
|
669
|
+
const { data, error } = result;
|
|
670
|
+
if (error) {
|
|
671
|
+
throw error;
|
|
672
|
+
}
|
|
673
|
+
// Default to Authorization header if there is no existing session
|
|
674
|
+
jwt = (_b = (_a = data.session) === null || _a === void 0 ? void 0 : _a.access_token) !== null && _b !== void 0 ? _b : undefined;
|
|
644
675
|
}
|
|
645
|
-
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
|
|
649
|
-
|
|
650
|
-
jwt: jwt,
|
|
651
|
-
xform: _userResponse,
|
|
676
|
+
return await _request(this.fetch, 'GET', `${this.url}/user`, {
|
|
677
|
+
headers: this.headers,
|
|
678
|
+
jwt: jwt,
|
|
679
|
+
xform: _userResponse,
|
|
680
|
+
});
|
|
652
681
|
});
|
|
653
682
|
}
|
|
654
683
|
catch (error) {
|
|
@@ -663,27 +692,29 @@ export default class GoTrueClient {
|
|
|
663
692
|
*/
|
|
664
693
|
async updateUser(attributes, options = {}) {
|
|
665
694
|
try {
|
|
666
|
-
|
|
667
|
-
|
|
668
|
-
|
|
669
|
-
|
|
670
|
-
|
|
671
|
-
|
|
672
|
-
|
|
673
|
-
|
|
674
|
-
|
|
675
|
-
|
|
676
|
-
|
|
677
|
-
|
|
678
|
-
|
|
679
|
-
|
|
695
|
+
return await this._useSession(async (result) => {
|
|
696
|
+
const { data: sessionData, error: sessionError } = result;
|
|
697
|
+
if (sessionError) {
|
|
698
|
+
throw sessionError;
|
|
699
|
+
}
|
|
700
|
+
if (!sessionData.session) {
|
|
701
|
+
throw new AuthSessionMissingError();
|
|
702
|
+
}
|
|
703
|
+
const session = sessionData.session;
|
|
704
|
+
const { data, error: userError } = await _request(this.fetch, 'PUT', `${this.url}/user`, {
|
|
705
|
+
headers: this.headers,
|
|
706
|
+
redirectTo: options === null || options === void 0 ? void 0 : options.emailRedirectTo,
|
|
707
|
+
body: attributes,
|
|
708
|
+
jwt: session.access_token,
|
|
709
|
+
xform: _userResponse,
|
|
710
|
+
});
|
|
711
|
+
if (userError)
|
|
712
|
+
throw userError;
|
|
713
|
+
session.user = data.user;
|
|
714
|
+
await this._saveSession(session);
|
|
715
|
+
await this._notifyAllSubscribers('USER_UPDATED', session);
|
|
716
|
+
return { data: { user: session.user }, error: null };
|
|
680
717
|
});
|
|
681
|
-
if (userError)
|
|
682
|
-
throw userError;
|
|
683
|
-
session.user = data.user;
|
|
684
|
-
await this._saveSession(session);
|
|
685
|
-
await this._notifyAllSubscribers('USER_UPDATED', session);
|
|
686
|
-
return { data: { user: session.user }, error: null };
|
|
687
718
|
}
|
|
688
719
|
catch (error) {
|
|
689
720
|
if (isAuthError(error)) {
|
|
@@ -759,26 +790,28 @@ export default class GoTrueClient {
|
|
|
759
790
|
* @param currentSession The current session. If passed in, it must contain a refresh token.
|
|
760
791
|
*/
|
|
761
792
|
async refreshSession(currentSession) {
|
|
762
|
-
var _a;
|
|
763
793
|
try {
|
|
764
|
-
|
|
765
|
-
|
|
794
|
+
return await this._useSession(async (result) => {
|
|
795
|
+
var _a;
|
|
796
|
+
if (!currentSession) {
|
|
797
|
+
const { data, error } = result;
|
|
798
|
+
if (error) {
|
|
799
|
+
throw error;
|
|
800
|
+
}
|
|
801
|
+
currentSession = (_a = data.session) !== null && _a !== void 0 ? _a : undefined;
|
|
802
|
+
}
|
|
803
|
+
if (!(currentSession === null || currentSession === void 0 ? void 0 : currentSession.refresh_token)) {
|
|
804
|
+
throw new AuthSessionMissingError();
|
|
805
|
+
}
|
|
806
|
+
const { session, error } = await this._callRefreshToken(currentSession.refresh_token);
|
|
766
807
|
if (error) {
|
|
767
|
-
|
|
808
|
+
return { data: { user: null, session: null }, error: error };
|
|
768
809
|
}
|
|
769
|
-
|
|
770
|
-
|
|
771
|
-
|
|
772
|
-
|
|
773
|
-
}
|
|
774
|
-
const { session, error } = await this._callRefreshToken(currentSession.refresh_token);
|
|
775
|
-
if (error) {
|
|
776
|
-
return { data: { user: null, session: null }, error: error };
|
|
777
|
-
}
|
|
778
|
-
if (!session) {
|
|
779
|
-
return { data: { user: null, session: null }, error: null };
|
|
780
|
-
}
|
|
781
|
-
return { data: { user: session.user, session }, error: null };
|
|
810
|
+
if (!session) {
|
|
811
|
+
return { data: { user: null, session: null }, error: null };
|
|
812
|
+
}
|
|
813
|
+
return { data: { user: session.user, session }, error: null };
|
|
814
|
+
});
|
|
782
815
|
}
|
|
783
816
|
catch (error) {
|
|
784
817
|
if (isAuthError(error)) {
|
|
@@ -892,28 +925,30 @@ export default class GoTrueClient {
|
|
|
892
925
|
* If using others scope, no `SIGNED_OUT` event is fired!
|
|
893
926
|
*/
|
|
894
927
|
async signOut({ scope } = { scope: 'global' }) {
|
|
895
|
-
|
|
896
|
-
|
|
897
|
-
|
|
898
|
-
|
|
899
|
-
|
|
900
|
-
|
|
901
|
-
|
|
902
|
-
|
|
903
|
-
|
|
904
|
-
|
|
905
|
-
|
|
906
|
-
|
|
907
|
-
|
|
928
|
+
return await this._useSession(async (result) => {
|
|
929
|
+
var _a;
|
|
930
|
+
const { data, error: sessionError } = result;
|
|
931
|
+
if (sessionError) {
|
|
932
|
+
return { error: sessionError };
|
|
933
|
+
}
|
|
934
|
+
const accessToken = (_a = data.session) === null || _a === void 0 ? void 0 : _a.access_token;
|
|
935
|
+
if (accessToken) {
|
|
936
|
+
const { error } = await this.admin.signOut(accessToken, scope);
|
|
937
|
+
if (error) {
|
|
938
|
+
// ignore 404s since user might not exist anymore
|
|
939
|
+
// ignore 401s since an invalid or expired JWT should sign out the current session
|
|
940
|
+
if (!(isAuthApiError(error) && (error.status === 404 || error.status === 401))) {
|
|
941
|
+
return { error };
|
|
942
|
+
}
|
|
908
943
|
}
|
|
909
944
|
}
|
|
910
|
-
|
|
911
|
-
|
|
912
|
-
|
|
913
|
-
|
|
914
|
-
|
|
915
|
-
|
|
916
|
-
|
|
945
|
+
if (scope !== 'others') {
|
|
946
|
+
await this._removeSession();
|
|
947
|
+
await removeItemAsync(this.storage, `${this.storageKey}-code-verifier`);
|
|
948
|
+
await this._notifyAllSubscribers('SIGNED_OUT', null);
|
|
949
|
+
}
|
|
950
|
+
return { error: null };
|
|
951
|
+
});
|
|
917
952
|
}
|
|
918
953
|
/**
|
|
919
954
|
* Receive a notification every time an auth event happens.
|
|
@@ -935,19 +970,21 @@ export default class GoTrueClient {
|
|
|
935
970
|
return { data: { subscription } };
|
|
936
971
|
}
|
|
937
972
|
async _emitInitialSession(id) {
|
|
938
|
-
|
|
939
|
-
|
|
940
|
-
|
|
941
|
-
|
|
942
|
-
|
|
943
|
-
|
|
944
|
-
|
|
945
|
-
|
|
946
|
-
|
|
947
|
-
|
|
948
|
-
|
|
949
|
-
|
|
950
|
-
|
|
973
|
+
return await this._useSession(async (result) => {
|
|
974
|
+
var _a, _b;
|
|
975
|
+
try {
|
|
976
|
+
const { data: { session }, error, } = result;
|
|
977
|
+
if (error)
|
|
978
|
+
throw error;
|
|
979
|
+
await ((_a = this.stateChangeEmitters.get(id)) === null || _a === void 0 ? void 0 : _a.callback('INITIAL_SESSION', session));
|
|
980
|
+
this._debug('INITIAL_SESSION', 'callback id', id, 'session', session);
|
|
981
|
+
}
|
|
982
|
+
catch (err) {
|
|
983
|
+
await ((_b = this.stateChangeEmitters.get(id)) === null || _b === void 0 ? void 0 : _b.callback('INITIAL_SESSION', null));
|
|
984
|
+
this._debug('INITIAL_SESSION', 'callback id', id, 'error', err);
|
|
985
|
+
console.error(err);
|
|
986
|
+
}
|
|
987
|
+
});
|
|
951
988
|
}
|
|
952
989
|
/**
|
|
953
990
|
* Sends a password reset request to an email address.
|
|
@@ -1287,17 +1324,19 @@ export default class GoTrueClient {
|
|
|
1287
1324
|
try {
|
|
1288
1325
|
const now = Date.now();
|
|
1289
1326
|
try {
|
|
1290
|
-
|
|
1291
|
-
|
|
1292
|
-
|
|
1293
|
-
|
|
1294
|
-
|
|
1295
|
-
|
|
1296
|
-
|
|
1297
|
-
|
|
1298
|
-
|
|
1299
|
-
|
|
1300
|
-
|
|
1327
|
+
return await this._useSession(async (result) => {
|
|
1328
|
+
const { data: { session }, } = result;
|
|
1329
|
+
if (!session || !session.refresh_token || !session.expires_at) {
|
|
1330
|
+
this._debug('#_autoRefreshTokenTick()', 'no session');
|
|
1331
|
+
return;
|
|
1332
|
+
}
|
|
1333
|
+
// session will expire in this many ticks (or has already expired if <= 0)
|
|
1334
|
+
const expiresInTicks = Math.floor((session.expires_at * 1000 - now) / AUTO_REFRESH_TICK_DURATION);
|
|
1335
|
+
this._debug('#_autoRefreshTokenTick()', `access token expires in ${expiresInTicks} ticks, a tick lasts ${AUTO_REFRESH_TICK_DURATION}ms, refresh threshold is ${AUTO_REFRESH_TICK_THRESHOLD} ticks`);
|
|
1336
|
+
if (expiresInTicks <= AUTO_REFRESH_TICK_THRESHOLD) {
|
|
1337
|
+
await this._callRefreshToken(session.refresh_token);
|
|
1338
|
+
}
|
|
1339
|
+
});
|
|
1301
1340
|
}
|
|
1302
1341
|
catch (e) {
|
|
1303
1342
|
console.error('Auto refresh tick failed with error. This is likely a transient error.', e);
|
|
@@ -1389,15 +1428,17 @@ export default class GoTrueClient {
|
|
|
1389
1428
|
return `${this.url}/authorize?${urlParams.join('&')}`;
|
|
1390
1429
|
}
|
|
1391
1430
|
async _unenroll(params) {
|
|
1392
|
-
var _a;
|
|
1393
1431
|
try {
|
|
1394
|
-
|
|
1395
|
-
|
|
1396
|
-
|
|
1397
|
-
|
|
1398
|
-
|
|
1399
|
-
|
|
1400
|
-
|
|
1432
|
+
return await this._useSession(async (result) => {
|
|
1433
|
+
var _a;
|
|
1434
|
+
const { data: sessionData, error: sessionError } = result;
|
|
1435
|
+
if (sessionError) {
|
|
1436
|
+
return { data: null, error: sessionError };
|
|
1437
|
+
}
|
|
1438
|
+
return await _request(this.fetch, 'DELETE', `${this.url}/factors/${params.factorId}`, {
|
|
1439
|
+
headers: this.headers,
|
|
1440
|
+
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1441
|
+
});
|
|
1401
1442
|
});
|
|
1402
1443
|
}
|
|
1403
1444
|
catch (error) {
|
|
@@ -1411,28 +1452,30 @@ export default class GoTrueClient {
|
|
|
1411
1452
|
* {@see GoTrueMFAApi#enroll}
|
|
1412
1453
|
*/
|
|
1413
1454
|
async _enroll(params) {
|
|
1414
|
-
var _a, _b;
|
|
1415
1455
|
try {
|
|
1416
|
-
|
|
1417
|
-
|
|
1418
|
-
|
|
1419
|
-
|
|
1420
|
-
|
|
1421
|
-
|
|
1422
|
-
|
|
1423
|
-
|
|
1424
|
-
|
|
1425
|
-
|
|
1426
|
-
|
|
1427
|
-
|
|
1456
|
+
return await this._useSession(async (result) => {
|
|
1457
|
+
var _a, _b;
|
|
1458
|
+
const { data: sessionData, error: sessionError } = result;
|
|
1459
|
+
if (sessionError) {
|
|
1460
|
+
return { data: null, error: sessionError };
|
|
1461
|
+
}
|
|
1462
|
+
const { data, error } = await _request(this.fetch, 'POST', `${this.url}/factors`, {
|
|
1463
|
+
body: {
|
|
1464
|
+
friendly_name: params.friendlyName,
|
|
1465
|
+
factor_type: params.factorType,
|
|
1466
|
+
issuer: params.issuer,
|
|
1467
|
+
},
|
|
1468
|
+
headers: this.headers,
|
|
1469
|
+
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1470
|
+
});
|
|
1471
|
+
if (error) {
|
|
1472
|
+
return { data: null, error };
|
|
1473
|
+
}
|
|
1474
|
+
if ((_b = data === null || data === void 0 ? void 0 : data.totp) === null || _b === void 0 ? void 0 : _b.qr_code) {
|
|
1475
|
+
data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`;
|
|
1476
|
+
}
|
|
1477
|
+
return { data, error: null };
|
|
1428
1478
|
});
|
|
1429
|
-
if (error) {
|
|
1430
|
-
return { data: null, error };
|
|
1431
|
-
}
|
|
1432
|
-
if ((_b = data === null || data === void 0 ? void 0 : data.totp) === null || _b === void 0 ? void 0 : _b.qr_code) {
|
|
1433
|
-
data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`;
|
|
1434
|
-
}
|
|
1435
|
-
return { data, error: null };
|
|
1436
1479
|
}
|
|
1437
1480
|
catch (error) {
|
|
1438
1481
|
if (isAuthError(error)) {
|
|
@@ -1445,23 +1488,25 @@ export default class GoTrueClient {
|
|
|
1445
1488
|
* {@see GoTrueMFAApi#verify}
|
|
1446
1489
|
*/
|
|
1447
1490
|
async _verify(params) {
|
|
1448
|
-
var _a;
|
|
1449
1491
|
try {
|
|
1450
|
-
|
|
1451
|
-
|
|
1452
|
-
|
|
1453
|
-
|
|
1454
|
-
|
|
1455
|
-
|
|
1456
|
-
|
|
1457
|
-
|
|
1492
|
+
return await this._useSession(async (result) => {
|
|
1493
|
+
var _a;
|
|
1494
|
+
const { data: sessionData, error: sessionError } = result;
|
|
1495
|
+
if (sessionError) {
|
|
1496
|
+
return { data: null, error: sessionError };
|
|
1497
|
+
}
|
|
1498
|
+
const { data, error } = await _request(this.fetch, 'POST', `${this.url}/factors/${params.factorId}/verify`, {
|
|
1499
|
+
body: { code: params.code, challenge_id: params.challengeId },
|
|
1500
|
+
headers: this.headers,
|
|
1501
|
+
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1502
|
+
});
|
|
1503
|
+
if (error) {
|
|
1504
|
+
return { data: null, error };
|
|
1505
|
+
}
|
|
1506
|
+
await this._saveSession(Object.assign({ expires_at: Math.round(Date.now() / 1000) + data.expires_in }, data));
|
|
1507
|
+
await this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data);
|
|
1508
|
+
return { data, error };
|
|
1458
1509
|
});
|
|
1459
|
-
if (error) {
|
|
1460
|
-
return { data: null, error };
|
|
1461
|
-
}
|
|
1462
|
-
await this._saveSession(Object.assign({ expires_at: Math.round(Date.now() / 1000) + data.expires_in }, data));
|
|
1463
|
-
await this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data);
|
|
1464
|
-
return { data, error };
|
|
1465
1510
|
}
|
|
1466
1511
|
catch (error) {
|
|
1467
1512
|
if (isAuthError(error)) {
|
|
@@ -1474,15 +1519,17 @@ export default class GoTrueClient {
|
|
|
1474
1519
|
* {@see GoTrueMFAApi#challenge}
|
|
1475
1520
|
*/
|
|
1476
1521
|
async _challenge(params) {
|
|
1477
|
-
var _a;
|
|
1478
1522
|
try {
|
|
1479
|
-
|
|
1480
|
-
|
|
1481
|
-
|
|
1482
|
-
|
|
1483
|
-
|
|
1484
|
-
|
|
1485
|
-
|
|
1523
|
+
return await this._useSession(async (result) => {
|
|
1524
|
+
var _a;
|
|
1525
|
+
const { data: sessionData, error: sessionError } = result;
|
|
1526
|
+
if (sessionError) {
|
|
1527
|
+
return { data: null, error: sessionError };
|
|
1528
|
+
}
|
|
1529
|
+
return await _request(this.fetch, 'POST', `${this.url}/factors/${params.factorId}/challenge`, {
|
|
1530
|
+
headers: this.headers,
|
|
1531
|
+
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
1532
|
+
});
|
|
1486
1533
|
});
|
|
1487
1534
|
}
|
|
1488
1535
|
catch (error) {
|
|
@@ -1530,29 +1577,31 @@ export default class GoTrueClient {
|
|
|
1530
1577
|
* {@see GoTrueMFAApi#getAuthenticatorAssuranceLevel}
|
|
1531
1578
|
*/
|
|
1532
1579
|
async _getAuthenticatorAssuranceLevel() {
|
|
1533
|
-
|
|
1534
|
-
|
|
1535
|
-
|
|
1536
|
-
|
|
1537
|
-
|
|
1538
|
-
|
|
1539
|
-
|
|
1540
|
-
|
|
1541
|
-
|
|
1542
|
-
|
|
1543
|
-
|
|
1544
|
-
|
|
1545
|
-
|
|
1546
|
-
|
|
1547
|
-
|
|
1548
|
-
|
|
1549
|
-
|
|
1550
|
-
|
|
1551
|
-
|
|
1552
|
-
|
|
1553
|
-
|
|
1554
|
-
|
|
1555
|
-
|
|
1580
|
+
return await this._useSession(async (result) => {
|
|
1581
|
+
var _a, _b;
|
|
1582
|
+
const { data: { session }, error: sessionError, } = result;
|
|
1583
|
+
if (sessionError) {
|
|
1584
|
+
return { data: null, error: sessionError };
|
|
1585
|
+
}
|
|
1586
|
+
if (!session) {
|
|
1587
|
+
return {
|
|
1588
|
+
data: { currentLevel: null, nextLevel: null, currentAuthenticationMethods: [] },
|
|
1589
|
+
error: null,
|
|
1590
|
+
};
|
|
1591
|
+
}
|
|
1592
|
+
const payload = this._decodeJWT(session.access_token);
|
|
1593
|
+
let currentLevel = null;
|
|
1594
|
+
if (payload.aal) {
|
|
1595
|
+
currentLevel = payload.aal;
|
|
1596
|
+
}
|
|
1597
|
+
let nextLevel = currentLevel;
|
|
1598
|
+
const verifiedFactors = (_b = (_a = session.user.factors) === null || _a === void 0 ? void 0 : _a.filter((factor) => factor.status === 'verified')) !== null && _b !== void 0 ? _b : [];
|
|
1599
|
+
if (verifiedFactors.length > 0) {
|
|
1600
|
+
nextLevel = 'aal2';
|
|
1601
|
+
}
|
|
1602
|
+
const currentAuthenticationMethods = payload.amr || [];
|
|
1603
|
+
return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
|
|
1604
|
+
});
|
|
1556
1605
|
}
|
|
1557
1606
|
}
|
|
1558
1607
|
GoTrueClient.nextInstanceID = 0;
|
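Review bot: In `_getAuthenticatorAssuranceLevel()` (new lines 1592–1603), `currentLevel` and `currentAuthenticationMethods` are read from `this._decodeJWT(session.access_token)`, and nothing visible in this section checks the token's signature, so the result is only as trustworthy as the stored session it was loaded from. `_decodeJWT` is defined outside the diff; going by the imported `decodeJWTPayload` helper it presumably only decodes the payload, which should be confirmed. That is fine for deciding which screen to show, but the method's doc comment (it begins above the hunk) should say so, for example `Values are read from the locally stored access token without signature verification; use them for UI flow only and enforce the required assurance level on the server.` The same caveat covers `nextLevel`, which is derived from `session.user.factors` in that same stored session.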