npm - supaapps-auth - Versions diffs - 1.4.0 → 1.4.1 - Mend

supaapps-auth 1.4.0 → 1.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/AuthManager.d.ts +1 -0
package/dist/AuthManager.js +13 -5
package/package.json +3 -1
package/src/AuthManager.ts +16 -8
package/tests/AuthManager.test.ts +15 -2

package/dist/AuthManager.d.ts CHANGED Viewed

@@ -16,6 +16,7 @@ export declare class AuthManager {
     getLoginWithGoogleUri(): string;
     isLoggedIn(): Promise<boolean>;
     getAccessToken(): Promise<string>;
+    private saveTokens;
     loginUsingPkce(code: string): Promise<void>;
     logout(): Promise<void>;
     static validateToken(authServer: string, bearerToken: string): Promise<boolean>;

package/dist/AuthManager.js CHANGED Viewed

@@ -56,6 +56,8 @@ class AuthManager {
                 });
                 localStorage.setItem('refresh_token', response.data.refresh_token);
                 localStorage.setItem('access_token', response.data.access_token);
+                const user = (0, jsonwebtoken_1.decode)(response.data.access_token);
+                localStorage.setItem('user', JSON.stringify(user));
                 return response.data.access_token;
             }
             catch (error) {
@@ -105,6 +107,12 @@ class AuthManager {
             return this.checkAccessToken();
         });
     }
+    saveTokens(response) {
+        localStorage.setItem('access_token', response.data.access_token);
+        localStorage.setItem('refresh_token', response.data.refresh_token);
+        const user = (0, jsonwebtoken_1.decode)(response.data.access_token);
+        localStorage.setItem('user', JSON.stringify(user));
+    }
     loginUsingPkce(code) {
         return __awaiter(this, void 0, void 0, function* () {
             try {
@@ -118,8 +126,7 @@ class AuthManager {
                     redirect_uri: this.redirectUri,
                     code_verifier: codeVerifier,
                 });
-                localStorage.setItem('access_token', response.data.access_token);
-                localStorage.setItem('refresh_token', response.data.refresh_token);
+                this.saveTokens(response);
             }
             finally {
                 localStorage.removeItem('codeVerifier');
@@ -147,14 +154,15 @@ class AuthManager {
     static validateToken(authServer, bearerToken) {
         var _a;
         return __awaiter(this, void 0, void 0, function* () {
+            // @todo tests missing for this static validation
             try {
-                const decodedToken = (_a = jsonwebtoken_1.default.decode(bearerToken, { complete: true })) === null || _a === void 0 ? void 0 : _a.payload;
-                if (!decodedToken || decodedToken.exp < Date.now() / 1000) {
+                const decodedToken = (_a = (0, jsonwebtoken_1.decode)(bearerToken, { complete: true })) === null || _a === void 0 ? void 0 : _a.payload;
+                if (!decodedToken) {
                     return false;
                 }
                 const { data: publicKey } = yield axios_1.default.get(`${authServer}public/public_key`);
                 const { data: algo } = yield axios_1.default.get(`${authServer}public/algo`);
-                jsonwebtoken_1.default.verify(bearerToken, publicKey, { algorithms: [algo] });
+                (0, jsonwebtoken_1.verify)(bearerToken, publicKey, { algorithms: [algo] });
                 const { data: revokedIds } = yield axios_1.default.get(`${authServer}public/revoked_ids`);
                 return !revokedIds.includes(decodedToken['id']);
             }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "supaapps-auth",
-  "version": "1.4.0",
+  "version": "1.4.1",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -16,7 +16,9 @@
     "jsonwebtoken": "^9.0.2"
   },
   "devDependencies": {
+    "@types/axios": "^0.14.0",
     "@types/jest": "^29.5.12",
+    "@types/jsonwebtoken": "^9.0.6",
     "@types/node": "^20.11.10",
     "axios-mock-adapter": "^1.22.0",
     "jest": "^29.7.0",

package/src/AuthManager.ts CHANGED Viewed

@@ -1,6 +1,6 @@
-import axios from 'axios';
+import axios, { AxiosResponse } from 'axios';
 import { createHash, randomBytes } from 'crypto';
-import jwt from 'jsonwebtoken';  // Ensure jsonwebtoken is correctly imported
+import {decode as jwtDecode, verify as jwtVerify} from 'jsonwebtoken';  // Ensure jsonwebtoken is correctly imported
 export class AuthManager {
     private static instance: AuthManager | null = null;
@@ -58,6 +58,8 @@ export class AuthManager {
             localStorage.setItem('refresh_token', response.data.refresh_token);
             localStorage.setItem('access_token', response.data.access_token);
+            const user = jwtDecode(response.data.access_token);
+            localStorage.setItem('user', JSON.stringify(user));
             return response.data.access_token;
         } catch (error) {
             console.error(`Refresh token error, logging out: ${error}`);
@@ -103,6 +105,13 @@ export class AuthManager {
         return this.checkAccessToken();
     }
+    private saveTokens(response: AxiosResponse): void {
+        localStorage.setItem('access_token', response.data.access_token);
+        localStorage.setItem('refresh_token', response.data.refresh_token);
+        const user = jwtDecode(response.data.access_token);
+        localStorage.setItem('user', JSON.stringify(user));
+    }
     public async loginUsingPkce(code: string): Promise<void> {
         try {
             const codeVerifier = localStorage.getItem('codeVerifier');
@@ -116,9 +125,7 @@ export class AuthManager {
                 redirect_uri: this.redirectUri,
                 code_verifier: codeVerifier,
             });
-            localStorage.setItem('access_token', response.data.access_token);
-            localStorage.setItem('refresh_token', response.data.refresh_token);
+            this.saveTokens(response);
         } finally {
             localStorage.removeItem('codeVerifier');
             localStorage.removeItem('codeChallenge');
@@ -141,17 +148,18 @@ export class AuthManager {
     }
     public static async validateToken(authServer: string, bearerToken: string): Promise<boolean> {
+        // @todo tests missing for this static validation
         try {
-            const decodedToken = jwt.decode(bearerToken, { complete: true })?.payload;
+            const decodedToken = jwtDecode(bearerToken, { complete: true })?.payload;
-            if (!decodedToken || decodedToken.exp < Date.now() / 1000) {
+            if (!decodedToken) {
                 return false;
             }
             const { data: publicKey } = await axios.get(`${authServer}public/public_key`);
             const { data: algo } = await axios.get(`${authServer}public/algo`);
-            jwt.verify(bearerToken, publicKey, { algorithms: [algo] });
+            jwtVerify(bearerToken, publicKey, { algorithms: [algo] });
             const { data: revokedIds } = await axios.get(`${authServer}public/revoked_ids`);
             return !revokedIds.includes(decodedToken['id']);

package/tests/AuthManager.test.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import axios from 'axios';
 import MockAdapter from 'axios-mock-adapter';
 import { AuthManager } from '../src/AuthManager';
+import { basename } from 'path';
 const mock = new MockAdapter(axios);
@@ -77,8 +78,18 @@ describe('AuthManager Tests', () => {
     it('logs in using PKCE and updates local storage', async () => {
       localStorage.setItem('codeVerifier', 'mockCodeVerifier');
+      /*
+            {
+            "sub": "1234567890",
+            "name": "John Doe",
+            "iat": 1516239022
+            }
+        */
+      const accessToken = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c';
       mock.onPost('http://auth-server.com/auth/pkce_exchange').reply(200, {
-        access_token: 'validAccessToken',
+        access_token: accessToken,
         refresh_token: 'validRefreshToken'
       });
@@ -86,8 +97,10 @@ describe('AuthManager Tests', () => {
       const manager = AuthManager.initialize('http://auth-server.com/', 'example-realm', 'http://myapp.com/callback', loginCallback);
       await manager.loginUsingPkce('mockCode');
-      expect(localStorage.setItem).toHaveBeenCalledWith('access_token', 'validAccessToken');
+      expect(localStorage.setItem).toHaveBeenCalledWith('access_token', accessToken);
       expect(localStorage.setItem).toHaveBeenCalledWith('refresh_token', 'validRefreshToken');
+      const userSub = JSON.parse(localStorage.getItem('user') ?? '').sub;
+      expect(userSub).toEqual('1234567890');
     });
     it('logs out and clears local storage', async () => {