@vulog/aima-client 1.0.10 → 1.0.13

package/README.md

@@ -1,5 +1,9 @@
 # @vulog/aima-client
 
+```bash
+npm i @vulog/aima-client
+```
+
 ```javascript
 import { getClient } from '@vulog/aima-client';
 

package/dist/index.d.mts

@@ -1,5 +1,13 @@
 import { AxiosInstance } from 'axios';
 
+type Token = {
+    accessToken: string;
+    refreshToken: string;
+};
+type Store = {
+    getToken: () => Promise<Token | undefined>;
+    setToken: (token: Token) => Promise<void>;
+};
 type ClientOptions = {
     fleetId: string;
     name?: string;
@@ -11,18 +19,18 @@ type ClientOptions = {
     secure?: boolean;
     logCurl?: boolean;
     logResponse?: boolean;
-    onRefreshToken?: (refreshToken: string) => void;
+    store?: Store;
     onLog?: (...args: any[]) => void;
 };
 type ClientError = {
     formattedError: {
-        status: number;
-        data: any;
+        status?: number;
+        data?: any;
+        message?: string;
     };
     originalError: any;
 };
 type Client = AxiosInstance & {
-    refreshToken?: string;
     signInWithPassword: (username: string, password: string) => Promise<void>;
     clientOptions: ClientOptions;
 };

package/dist/index.d.ts

@@ -1,5 +1,13 @@
 import { AxiosInstance } from 'axios';
 
+type Token = {
+    accessToken: string;
+    refreshToken: string;
+};
+type Store = {
+    getToken: () => Promise<Token | undefined>;
+    setToken: (token: Token) => Promise<void>;
+};
 type ClientOptions = {
     fleetId: string;
     name?: string;
@@ -11,18 +19,18 @@ type ClientOptions = {
     secure?: boolean;
     logCurl?: boolean;
     logResponse?: boolean;
-    onRefreshToken?: (refreshToken: string) => void;
+    store?: Store;
     onLog?: (...args: any[]) => void;
 };
 type ClientError = {
     formattedError: {
-        status: number;
-        data: any;
+        status?: number;
+        data?: any;
+        message?: string;
     };
     originalError: any;
 };
 type Client = AxiosInstance & {
-    refreshToken?: string;
     signInWithPassword: (username: string, password: string) => Promise<void>;
     clientOptions: ClientOptions;
 };

package/dist/index.js

@@ -36,7 +36,7 @@ module.exports = __toCommonJS(src_exports);
 
 // src/getClient.ts
 var import_axios = __toESM(require("axios"));
-var import_lodash = __toESM(require("lodash"));
+var import_es_toolkit = require("es-toolkit");
 var import_lru_cache = require("lru-cache");
 
 // src/CurlHelper.ts
@@ -114,25 +114,48 @@ var CurlHelper = class {
 
 // src/getClient.ts
 var clientCache = new import_lru_cache.LRUCache({ max: 100 });
+var tokenCache = new import_lru_cache.LRUCache({ max: 100 });
+var getMemoryStore = (options) => ({
+  getToken: async () => {
+    const log = options.onLog ?? console.log;
+    log("getMemoryStore.getToken", options.name ?? options.fleetId);
+    if (tokenCache.has(options.name ?? options.fleetId)) {
+      log("getMemoryStore.getToken", tokenCache.get(options.name ?? options.fleetId));
+      return tokenCache.get(options.name ?? options.fleetId);
+    }
+    return void 0;
+  },
+  setToken: async (token) => {
+    const log = options.onLog ?? console.log;
+    log("getMemoryStore.setToken", options.name ?? options.fleetId, token);
+    tokenCache.set(options.name ?? options.fleetId, token);
+  }
+});
 var formatError = (error) => {
-  const { response: { status, data } = { status: 500 } } = error ?? {};
+  if (error instanceof import_axios.AxiosError) {
+    return {
+      originalError: error.toJSON(),
+      formattedError: {
+        status: error.response?.status ?? error.status,
+        data: error.response?.data,
+        message: error.message
+      }
+    };
+  }
   return {
-    formattedError: {
-      status,
-      data
-    },
-    originalError: error.toJSON ? error.toJSON() : error
+    formattedError: {},
+    originalError: JSON.parse(JSON.stringify(error, Object.getOwnPropertyNames(error)))
   };
 };
 var getClient = (options) => {
   if (clientCache.has(options.name ?? options.fleetId)) {
     const { options: cachedOptions, client: client2 } = clientCache.get(options.fleetId);
-    if (import_lodash.default.isEqual(cachedOptions, options)) {
+    if ((0, import_es_toolkit.isEqual)(cachedOptions, options)) {
       return client2;
     }
   }
   const client = import_axios.default.create({
-    baseURL: import_lodash.default.trimEnd(options.baseUrl, "/"),
+    baseURL: (0, import_es_toolkit.trimEnd)(options.baseUrl, "/"),
     timeout: 3e4,
     headers: {
       "Cache-Control": "no-cache",
@@ -149,7 +172,7 @@ var getClient = (options) => {
     params.append("securityOptions", "SSL_OP_NO_SSLv3");
     params.append("grant_type", "client_credentials");
     const { data: token } = await import_axios.default.post(
-      `${import_lodash.default.trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+      `${(0, import_es_toolkit.trimEnd)(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
       params,
       {
         timeout: 3e4,
@@ -159,11 +182,17 @@ var getClient = (options) => {
         withCredentials: false
       }
     );
-    client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
+    const store = options.store ?? getMemoryStore(options);
+    await store.setToken({
+      accessToken: token.access_token,
+      refreshToken: token.refresh_token
+    });
     return token.access_token;
   };
   const refreshTokenAuthentification = async () => {
-    if (!client.refreshToken) {
+    const store = options.store ?? getMemoryStore(options);
+    const oldToken = await store.getToken();
+    if (!oldToken?.refreshToken) {
       throw new Error("No refresh token available");
     }
     const params = new URLSearchParams();
@@ -171,9 +200,9 @@ var getClient = (options) => {
     params.append("client_secret", options.clientSecret);
     params.append("securityOptions", "SSL_OP_NO_SSLv3");
     params.append("grant_type", "refresh_token");
-    params.append("refresh_token", client.refreshToken);
+    params.append("refresh_token", oldToken.refreshToken);
     const { data: token } = await import_axios.default.post(
-      `${import_lodash.default.trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+      `${(0, import_es_toolkit.trimEnd)(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
       params,
       {
         timeout: 3e4,
@@ -183,9 +212,10 @@ var getClient = (options) => {
         withCredentials: false
       }
     );
-    client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
-    client.refreshToken = token.refresh_token;
-    options.onRefreshToken?.(token.refresh_token);
+    await store.setToken({
+      accessToken: token.access_token,
+      refreshToken: token.refresh_token
+    });
     return token.access_token;
   };
   client.signInWithPassword = async (username, password) => {
@@ -200,7 +230,7 @@ var getClient = (options) => {
     params.append("username", username);
     params.append("password", password);
     const { data: token } = await import_axios.default.post(
-      `${import_lodash.default.trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+      `${(0, import_es_toolkit.trimEnd)(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
       params,
       {
         timeout: 3e4,
@@ -210,17 +240,39 @@ var getClient = (options) => {
         withCredentials: false
       }
     );
-    client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
-    client.refreshToken = token.refresh_token;
+    const store = options.store ?? getMemoryStore(options);
+    await store.setToken({
+      accessToken: token.access_token,
+      refreshToken: token.refresh_token
+    });
   };
-  if (options.logCurl) {
-    client.interceptors.request.use((request) => {
-      const curl = new CurlHelper(request).generateCommand();
+  client.interceptors.request.use(async (request) => {
+    const newRequest = request;
+    const store = options.store ?? getMemoryStore(options);
+    const token = await store.getToken();
+    if (token?.accessToken) {
+      newRequest.headers.Authorization = `Bearer ${token.accessToken}`;
+    }
+    if (options.logCurl) {
+      const curl = new CurlHelper(newRequest).generateCommand();
       if (options.onLog) options.onLog({ curl, message: "getClient > Curl command" });
       else console.log({ curl, message: "getClient > Curl command" });
-      return request;
+    }
+    return newRequest;
+  });
+  let isRefreshing = false;
+  let refreshSubscribers = [];
+  const executorRefresh = (config) => {
+    return new Promise((resolve, reject) => {
+      refreshSubscribers.push((token, error) => {
+        if (error) {
+          reject(formatError(error));
+          return;
+        }
+        resolve(client.request(config));
+      });
     });
-  }
+  };
   client.interceptors.response.use(
     (response) => {
       if (options.logResponse) {
@@ -241,12 +293,32 @@ var getClient = (options) => {
         return Promise.reject(formatError(error));
       }
       if (status === 401) {
-        return new Promise((resolve, reject) => {
-          (options.secure ? refreshTokenAuthentification() : clientCredentialsAuthentification()).then((token) => {
-            originalRequest.headers.Authorization = `Bearer ${token}`;
-            resolve(client.request(originalRequest));
-          }).catch(() => reject(formatError(error)));
-        });
+        originalRequest.attemptCount += 1;
+        if (!isRefreshing) {
+          isRefreshing = true;
+          let authentification;
+          if (options.secure) {
+            authentification = refreshTokenAuthentification;
+          } else {
+            authentification = async () => {
+              const store = options.store ?? getMemoryStore(options);
+              const token = await store.getToken();
+              if (!token?.refreshToken) {
+                return clientCredentialsAuthentification();
+              }
+              return refreshTokenAuthentification();
+            };
+          }
+          authentification().then((accessToken) => {
+            refreshSubscribers.forEach((cb) => cb(accessToken));
+          }).catch((errorAuth) => {
+            refreshSubscribers.forEach((cb) => cb(void 0, errorAuth));
+          }).finally(() => {
+            isRefreshing = false;
+            refreshSubscribers = [];
+          });
+        }
+        return executorRefresh(originalRequest);
       }
       return Promise.reject(formatError(error));
     }

package/dist/index.mjs

@@ -1,6 +1,6 @@
 // src/getClient.ts
-import axios from "axios";
-import _ from "lodash";
+import axios, { AxiosError } from "axios";
+import { isEqual, trimEnd } from "es-toolkit";
 import { LRUCache } from "lru-cache";
 
 // src/CurlHelper.ts
@@ -78,25 +78,48 @@ var CurlHelper = class {
 
 // src/getClient.ts
 var clientCache = new LRUCache({ max: 100 });
+var tokenCache = new LRUCache({ max: 100 });
+var getMemoryStore = (options) => ({
+  getToken: async () => {
+    const log = options.onLog ?? console.log;
+    log("getMemoryStore.getToken", options.name ?? options.fleetId);
+    if (tokenCache.has(options.name ?? options.fleetId)) {
+      log("getMemoryStore.getToken", tokenCache.get(options.name ?? options.fleetId));
+      return tokenCache.get(options.name ?? options.fleetId);
+    }
+    return void 0;
+  },
+  setToken: async (token) => {
+    const log = options.onLog ?? console.log;
+    log("getMemoryStore.setToken", options.name ?? options.fleetId, token);
+    tokenCache.set(options.name ?? options.fleetId, token);
+  }
+});
 var formatError = (error) => {
-  const { response: { status, data } = { status: 500 } } = error ?? {};
+  if (error instanceof AxiosError) {
+    return {
+      originalError: error.toJSON(),
+      formattedError: {
+        status: error.response?.status ?? error.status,
+        data: error.response?.data,
+        message: error.message
+      }
+    };
+  }
   return {
-    formattedError: {
-      status,
-      data
-    },
-    originalError: error.toJSON ? error.toJSON() : error
+    formattedError: {},
+    originalError: JSON.parse(JSON.stringify(error, Object.getOwnPropertyNames(error)))
   };
 };
 var getClient = (options) => {
   if (clientCache.has(options.name ?? options.fleetId)) {
     const { options: cachedOptions, client: client2 } = clientCache.get(options.fleetId);
-    if (_.isEqual(cachedOptions, options)) {
+    if (isEqual(cachedOptions, options)) {
       return client2;
     }
   }
   const client = axios.create({
-    baseURL: _.trimEnd(options.baseUrl, "/"),
+    baseURL: trimEnd(options.baseUrl, "/"),
     timeout: 3e4,
     headers: {
       "Cache-Control": "no-cache",
@@ -113,7 +136,7 @@ var getClient = (options) => {
     params.append("securityOptions", "SSL_OP_NO_SSLv3");
     params.append("grant_type", "client_credentials");
     const { data: token } = await axios.post(
-      `${_.trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+      `${trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
       params,
       {
         timeout: 3e4,
@@ -123,11 +146,17 @@ var getClient = (options) => {
         withCredentials: false
       }
     );
-    client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
+    const store = options.store ?? getMemoryStore(options);
+    await store.setToken({
+      accessToken: token.access_token,
+      refreshToken: token.refresh_token
+    });
     return token.access_token;
   };
   const refreshTokenAuthentification = async () => {
-    if (!client.refreshToken) {
+    const store = options.store ?? getMemoryStore(options);
+    const oldToken = await store.getToken();
+    if (!oldToken?.refreshToken) {
       throw new Error("No refresh token available");
     }
     const params = new URLSearchParams();
@@ -135,9 +164,9 @@ var getClient = (options) => {
     params.append("client_secret", options.clientSecret);
     params.append("securityOptions", "SSL_OP_NO_SSLv3");
     params.append("grant_type", "refresh_token");
-    params.append("refresh_token", client.refreshToken);
+    params.append("refresh_token", oldToken.refreshToken);
     const { data: token } = await axios.post(
-      `${_.trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+      `${trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
       params,
       {
         timeout: 3e4,
@@ -147,9 +176,10 @@ var getClient = (options) => {
         withCredentials: false
       }
     );
-    client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
-    client.refreshToken = token.refresh_token;
-    options.onRefreshToken?.(token.refresh_token);
+    await store.setToken({
+      accessToken: token.access_token,
+      refreshToken: token.refresh_token
+    });
     return token.access_token;
   };
   client.signInWithPassword = async (username, password) => {
@@ -164,7 +194,7 @@ var getClient = (options) => {
     params.append("username", username);
     params.append("password", password);
     const { data: token } = await axios.post(
-      `${_.trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+      `${trimEnd(options.baseUrl, "/")}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
       params,
       {
         timeout: 3e4,
@@ -174,17 +204,39 @@ var getClient = (options) => {
         withCredentials: false
       }
     );
-    client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
-    client.refreshToken = token.refresh_token;
+    const store = options.store ?? getMemoryStore(options);
+    await store.setToken({
+      accessToken: token.access_token,
+      refreshToken: token.refresh_token
+    });
   };
-  if (options.logCurl) {
-    client.interceptors.request.use((request) => {
-      const curl = new CurlHelper(request).generateCommand();
+  client.interceptors.request.use(async (request) => {
+    const newRequest = request;
+    const store = options.store ?? getMemoryStore(options);
+    const token = await store.getToken();
+    if (token?.accessToken) {
+      newRequest.headers.Authorization = `Bearer ${token.accessToken}`;
+    }
+    if (options.logCurl) {
+      const curl = new CurlHelper(newRequest).generateCommand();
       if (options.onLog) options.onLog({ curl, message: "getClient > Curl command" });
       else console.log({ curl, message: "getClient > Curl command" });
-      return request;
+    }
+    return newRequest;
+  });
+  let isRefreshing = false;
+  let refreshSubscribers = [];
+  const executorRefresh = (config) => {
+    return new Promise((resolve, reject) => {
+      refreshSubscribers.push((token, error) => {
+        if (error) {
+          reject(formatError(error));
+          return;
+        }
+        resolve(client.request(config));
+      });
     });
-  }
+  };
   client.interceptors.response.use(
     (response) => {
       if (options.logResponse) {
@@ -205,12 +257,32 @@ var getClient = (options) => {
         return Promise.reject(formatError(error));
       }
       if (status === 401) {
-        return new Promise((resolve, reject) => {
-          (options.secure ? refreshTokenAuthentification() : clientCredentialsAuthentification()).then((token) => {
-            originalRequest.headers.Authorization = `Bearer ${token}`;
-            resolve(client.request(originalRequest));
-          }).catch(() => reject(formatError(error)));
-        });
+        originalRequest.attemptCount += 1;
+        if (!isRefreshing) {
+          isRefreshing = true;
+          let authentification;
+          if (options.secure) {
+            authentification = refreshTokenAuthentification;
+          } else {
+            authentification = async () => {
+              const store = options.store ?? getMemoryStore(options);
+              const token = await store.getToken();
+              if (!token?.refreshToken) {
+                return clientCredentialsAuthentification();
+              }
+              return refreshTokenAuthentification();
+            };
+          }
+          authentification().then((accessToken) => {
+            refreshSubscribers.forEach((cb) => cb(accessToken));
+          }).catch((errorAuth) => {
+            refreshSubscribers.forEach((cb) => cb(void 0, errorAuth));
+          }).finally(() => {
+            isRefreshing = false;
+            refreshSubscribers = [];
+          });
+        }
+        return executorRefresh(originalRequest);
       }
       return Promise.reject(formatError(error));
     }

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@vulog/aima-client",
-    "version": "1.0.10",
+    "version": "1.0.13",
     "main": "dist/index.js",
     "module": "dist/index.mjs",
     "types": "dist/index.d.ts",
@@ -9,7 +9,8 @@
         "build": "tsup",
         "dev": "tsup --watch",
         "test": "vitest run",
-        "test:watch": "vitest"
+        "test:watch": "vitest",
+        "lint": "eslint src/**/* --ext .ts"
     },
     "keywords": [
         "AIMA",
@@ -20,23 +21,22 @@
     "author": "Vulog",
     "license": "ISC",
     "devDependencies": {
-        "@types/lodash": "^4.17.12",
-        "@types/node": "^22.7.9",
+        "@types/node": "^22.10.1",
         "eslint-config-airbnb-base": "^15.0.0",
         "eslint-config-airbnb-typescript": "^18.0.0",
         "eslint-config-prettier": "^9.1.0",
         "eslint-plugin-import": "^2.31.0",
         "eslint-plugin-prettier": "^5.2.1",
         "eslint-plugin-unused-imports": "^4.1.4",
-        "prettier": "^3.3.3",
-        "tsup": "^8.3.0",
-        "typescript": "^5.6.3",
-        "vitest": "^2.1.3"
+        "prettier": "^3.4.1",
+        "tsup": "^8.3.5",
+        "typescript": "^5.7.2",
+        "vitest": "^2.1.8"
     },
     "peerDependencies": {
-        "axios": "^1.7.7",
-        "lodash": "^4.17.21",
-        "lru-cache": "^11.0.1"
+        "axios": "^1.7.8",
+        "es-toolkit":"^1.29.0",
+        "lru-cache": "^11.0.2"
     },
     "description": ""
 }

package/src/getClient.ts

@@ -1,9 +1,11 @@
-import axios from 'axios';
-import _ from 'lodash';
+import axios, { AxiosError } from 'axios';
+import { isEqual, trimEnd } from 'es-toolkit';
 import { LRUCache } from 'lru-cache';
 
 import { CurlHelper } from './CurlHelper';
-import { Client, ClientError, ClientOptions } from './types';
+import { Client, ClientError, ClientOptions, Store, Token } from './types';
+
+type RefreshSubscriber = (token?: string, error?: any) => void;
 
 const clientCache = new LRUCache<
     string,
@@ -13,28 +15,56 @@ const clientCache = new LRUCache<
     }
 >({ max: 100 });
 
+const tokenCache = new LRUCache<string, Token>({ max: 100 });
+
+const getMemoryStore = (options: ClientOptions): Store => ({
+    getToken: async (): Promise<Token | undefined> => {
+        // eslint-disable-next-line no-console
+        const log = options.onLog ?? console.log;
+        log('getMemoryStore.getToken', options.name ?? options.fleetId);
+        if (tokenCache.has(options.name ?? options.fleetId)) {
+            log('getMemoryStore.getToken', tokenCache.get(options.name ?? options.fleetId));
+            return tokenCache.get(options.name ?? options.fleetId)!;
+        }
+
+        return undefined;
+    },
+    setToken: async (token: Token): Promise<void> => {
+        // eslint-disable-next-line no-console
+        const log = options.onLog ?? console.log;
+        log('getMemoryStore.setToken', options.name ?? options.fleetId, token);
+        tokenCache.set(options.name ?? options.fleetId, token);
+    },
+});
+
 const formatError = (error: any): ClientError => {
-    const { response: { status, data } = { status: 500 } } = error ?? {};
+    if (error instanceof AxiosError) {
+        return {
+            originalError: error.toJSON(),
+            formattedError: {
+                status: error.response?.status ?? error.status,
+                data: error.response?.data,
+                message: error.message,
+            },
+        };
+    }
 
     return {
-        formattedError: {
-            status,
-            data,
-        },
-        originalError: error.toJSON ? error.toJSON() : error,
+        formattedError: {},
+        originalError: JSON.parse(JSON.stringify(error, Object.getOwnPropertyNames(error))),
     };
 };
 
 const getClient = (options: ClientOptions): Client => {
     if (clientCache.has(options.name ?? options.fleetId)) {
         const { options: cachedOptions, client } = clientCache.get(options.fleetId)!;
-        if (_.isEqual(cachedOptions, options)) {
+        if (isEqual(cachedOptions, options)) {
             return client;
         }
     }
 
     const client = axios.create({
-        baseURL: _.trimEnd(options.baseUrl, '/'),
+        baseURL: trimEnd(options.baseUrl, '/'),
         timeout: 30000,
         headers: {
             'Cache-Control': 'no-cache',
@@ -53,7 +83,7 @@ const getClient = (options: ClientOptions): Client => {
         params.append('grant_type', 'client_credentials');
 
         const { data: token } = await axios.post(
-            `${_.trimEnd(options.baseUrl, '/')}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+            `${trimEnd(options.baseUrl, '/')}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
             params,
             {
                 timeout: 30000,
@@ -63,12 +93,18 @@ const getClient = (options: ClientOptions): Client => {
                 withCredentials: false,
             }
         );
-        client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
+        const store = options.store ?? getMemoryStore(options);
+        await store.setToken({
+            accessToken: token.access_token,
+            refreshToken: token.refresh_token,
+        });
         return token.access_token;
     };
 
     const refreshTokenAuthentification = async (): Promise<string> => {
-        if (!client.refreshToken) {
+        const store = options.store ?? getMemoryStore(options);
+        const oldToken = await store.getToken();
+        if (!oldToken?.refreshToken) {
             throw new Error('No refresh token available');
         }
         const params = new URLSearchParams();
@@ -76,10 +112,10 @@ const getClient = (options: ClientOptions): Client => {
         params.append('client_secret', options.clientSecret);
         params.append('securityOptions', 'SSL_OP_NO_SSLv3');
         params.append('grant_type', 'refresh_token');
-        params.append('refresh_token', client.refreshToken);
+        params.append('refresh_token', oldToken.refreshToken);
 
         const { data: token } = await axios.post(
-            `${_.trimEnd(options.baseUrl, '/')}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+            `${trimEnd(options.baseUrl, '/')}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
             params,
             {
                 timeout: 30000,
@@ -89,9 +125,10 @@ const getClient = (options: ClientOptions): Client => {
                 withCredentials: false,
             }
         );
-        client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
-        client.refreshToken = token.refresh_token;
-        options.onRefreshToken?.(token.refresh_token);
+        await store.setToken({
+            accessToken: token.access_token,
+            refreshToken: token.refresh_token,
+        });
         return token.access_token;
     };
 
@@ -108,7 +145,7 @@ const getClient = (options: ClientOptions): Client => {
         params.append('password', password);
 
         const { data: token } = await axios.post(
-            `${_.trimEnd(options.baseUrl, '/')}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
+            `${trimEnd(options.baseUrl, '/')}/auth/realms/${options.fleetMaster ?? options.fleetId}/protocol/openid-connect/token`,
             params,
             {
                 timeout: 30000,
@@ -118,19 +155,44 @@ const getClient = (options: ClientOptions): Client => {
                 withCredentials: false,
             }
         );
-        client.defaults.headers.Authorization = `Bearer ${token.access_token}`;
-        client.refreshToken = token.refresh_token;
+        const store = options.store ?? getMemoryStore(options);
+        await store.setToken({
+            accessToken: token.access_token,
+            refreshToken: token.refresh_token,
+        });
     };
 
-    if (options.logCurl) {
-        client.interceptors.request.use((request) => {
-            const curl = new CurlHelper(request).generateCommand();
+    client.interceptors.request.use(async (request) => {
+        const newRequest = request;
+        const store = options.store ?? getMemoryStore(options);
+        const token = await store.getToken();
+        if (token?.accessToken) {
+            newRequest.headers.Authorization = `Bearer ${token.accessToken}`;
+        }
+        if (options.logCurl) {
+            const curl = new CurlHelper(newRequest).generateCommand();
             if (options.onLog) options.onLog({ curl, message: 'getClient > Curl command' });
             // eslint-disable-next-line no-console
             else console.log({ curl, message: 'getClient > Curl command' });
-            return request;
+        }
+
+        return newRequest;
+    });
+
+    let isRefreshing = false;
+    let refreshSubscribers: RefreshSubscriber[] = [];
+
+    const executorRefresh = (config: any) => {
+        return new Promise((resolve, reject) => {
+            refreshSubscribers.push((token, error) => {
+                if (error) {
+                    reject(formatError(error));
+                    return;
+                }
+                resolve(client.request(config));
+            });
         });
-    }
+    };
 
     client.interceptors.response.use(
         (response) => {
@@ -156,14 +218,38 @@ const getClient = (options: ClientOptions): Client => {
             }
 
             if (status === 401) {
-                return new Promise((resolve, reject) => {
-                    (options.secure ? refreshTokenAuthentification() : clientCredentialsAuthentification())
-                        .then((token) => {
-                            originalRequest.headers.Authorization = `Bearer ${token}`;
-                            resolve(client.request(originalRequest));
+                originalRequest.attemptCount += 1;
+                if (!isRefreshing) {
+                    isRefreshing = true;
+
+                    let authentification: () => Promise<string>;
+                    if (options.secure) {
+                        authentification = refreshTokenAuthentification;
+                    } else {
+                        authentification = async () => {
+                            const store = options.store ?? getMemoryStore(options);
+                            const token = await store.getToken();
+                            if (!token?.refreshToken) {
+                                return clientCredentialsAuthentification();
+                            }
+                            return refreshTokenAuthentification();
+                        };
+                    }
+
+                    authentification()
+                        .then((accessToken) => {
+                            refreshSubscribers.forEach((cb) => cb(accessToken));
                         })
-                        .catch(() => reject(formatError(error)));
-                });
+                        .catch((errorAuth) => {
+                            refreshSubscribers.forEach((cb) => cb(undefined, errorAuth));
+                        })
+                        .finally(() => {
+                            isRefreshing = false;
+                            refreshSubscribers = [];
+                        });
+                }
+
+                return executorRefresh(originalRequest);
             }
 
             return Promise.reject(formatError(error));

package/src/types.ts

@@ -1,5 +1,15 @@
 import { AxiosInstance } from 'axios';
 
+export type Token = {
+    accessToken: string;
+    refreshToken: string;
+};
+
+export type Store = {
+    getToken: () => Promise<Token | undefined>;
+    setToken: (token: Token) => Promise<void>;
+};
+
 export type ClientOptions = {
     fleetId: string;
     name?: string;
@@ -11,20 +21,20 @@ export type ClientOptions = {
     secure?: boolean;
     logCurl?: boolean;
     logResponse?: boolean;
-    onRefreshToken?: (refreshToken: string) => void;
+    store?: Store;
     onLog?: (...args: any[]) => void;
 };
 
 export type ClientError = {
     formattedError: {
-        status: number;
-        data: any;
+        status?: number;
+        data?: any;
+        message?: string;
     };
     originalError: any;
 };
 
 export type Client = AxiosInstance & {
-    refreshToken?: string;
     signInWithPassword: (username: string, password: string) => Promise<void>;
     clientOptions: ClientOptions;
 };