supaapps-auth 3.0.1 → 3.2.2

package/dist/index.d.ts

@@ -36,11 +36,13 @@ declare enum Platforms {
     GITHUB = "github",
     APPLE = "apple",
     LINKEDIN = "linkedin",
-    MICROSOFT = "microsoft"
+    MICROSOFT = "microsoft",
+    SUPPORT = "support"
 }
 
 declare class AuthManager {
     private static instance;
+    private readonly tokenExpiryLeewaySeconds;
     private authServer;
     private realmName;
     private redirectUri;
@@ -80,6 +82,7 @@ declare class AuthManager {
     private saveTokens;
     loginUsingEmail(email: string, password: string): Promise<void>;
     loginUsingPkce(code: string): Promise<void>;
+    loginUsingImpersonation(code: string, redirectUri?: string): Promise<void>;
     logout(): Promise<void>;
     static validateToken(authServer: string, bearerToken: string): Promise<UserTokenPayload>;
     static resetInstance(): void;

package/dist/index.js

@@ -18,6 +18,7 @@ var Platforms = /* @__PURE__ */ ((Platforms2) => {
   Platforms2["APPLE"] = "apple";
   Platforms2["LINKEDIN"] = "linkedin";
   Platforms2["MICROSOFT"] = "microsoft";
+  Platforms2["SUPPORT"] = "support";
   return Platforms2;
 })(Platforms || {});
 
@@ -67,6 +68,7 @@ function generateCodeChallenge(verifier) {
 // src/AuthManager.ts
 var AuthManager = class _AuthManager {
   static instance = null;
+  tokenExpiryLeewaySeconds = 10;
   authServer;
   realmName;
   redirectUri;
@@ -107,10 +109,10 @@ var AuthManager = class _AuthManager {
     return JSON.parse(atob(token.split(".")[1]));
   }
   generatePKCEPair() {
-    const verifier = localStorage.getItem("codeVerifier") ?? generateCodeVerifier();
-    const challenge = localStorage.getItem("codeChallenge") ?? generateCodeChallenge(verifier);
-    localStorage.setItem("codeVerifier", verifier);
-    localStorage.setItem("codeChallenge", challenge);
+    const verifier = localStorage.getItem("code_verifier") ?? generateCodeVerifier();
+    const challenge = localStorage.getItem("code_challenge") ?? generateCodeChallenge(verifier);
+    localStorage.setItem("code_verifier", verifier);
+    localStorage.setItem("code_challenge", challenge);
     return { verifier, challenge };
   }
   async refreshAccessToken(isInitialization = false) {
@@ -140,13 +142,17 @@ var AuthManager = class _AuthManager {
   async checkAccessToken(isInitilization = false) {
     const accessToken = localStorage.getItem("access_token");
     if (accessToken && this.isTokenExpired(accessToken)) {
+      console.info(
+        "[AuthManager] Access token expired or near expiry; refreshing."
+      );
       return this.refreshAccessToken(isInitilization);
     }
     return accessToken;
   }
   isTokenExpired(token) {
     const decoded = this.tokenToPayload(token);
-    return decoded.exp < Date.now() / 1e3;
+    const nowSeconds = Date.now() / 1e3;
+    return decoded.exp <= nowSeconds + this.tokenExpiryLeewaySeconds;
   }
   async mustBeLoggedIn() {
     if (!await this.isLoggedIn()) {
@@ -167,6 +173,9 @@ var AuthManager = class _AuthManager {
     }
     if (this.isTokenExpired(accessToken)) {
       try {
+        console.info(
+          "[AuthManager] Access token expired or near expiry; refreshing."
+        );
         await this.refreshAccessToken();
         return true;
       } catch {
@@ -365,17 +374,18 @@ var AuthManager = class _AuthManager {
     this.saveTokens(response, false);
   }
   saveTokens(response, byRefresh) {
+    const eventType = byRefresh ? "user-updated" /* USER_UPDATED */ : "user-logged-in" /* USER_LOGGED_IN */;
+    const userPayload = this.tokenToPayload(response.data.access_token);
     localStorage.setItem("access_token", response.data.access_token);
     localStorage.setItem(
       "refresh_token",
       response.data.refresh_token
     );
     this.onStateChange({
-      type: byRefresh ? "user-updated" /* USER_UPDATED */ : "user-logged-in" /* USER_LOGGED_IN */,
-      user: this.tokenToPayload(response.data.access_token)
+      type: eventType,
+      user: userPayload
     });
-    const user = this.tokenToPayload(response.data.access_token);
-    localStorage.setItem("user", JSON.stringify(user));
+    localStorage.setItem("user", JSON.stringify(userPayload));
   }
   async loginUsingEmail(email, password) {
     const response = await axios.post(
@@ -393,7 +403,7 @@ var AuthManager = class _AuthManager {
   }
   async loginUsingPkce(code) {
     try {
-      const codeVerifier = localStorage.getItem("codeVerifier");
+      const codeVerifier = localStorage.getItem("code_verifier");
       if (!codeVerifier) {
         throw new Error("Code verifier not found");
       }
@@ -408,10 +418,26 @@ var AuthManager = class _AuthManager {
       );
       this.saveTokens(response, false);
     } finally {
-      localStorage.removeItem("codeVerifier");
-      localStorage.removeItem("codeChallenge");
+      localStorage.removeItem("code_verifier");
+      localStorage.removeItem("code_challenge");
     }
   }
+  async loginUsingImpersonation(code, redirectUri) {
+    const response = await axios.post(
+      `${this.authServer}auth/impersonation_exchange`,
+      {
+        code,
+        ...redirectUri ? { redirect_uri: redirectUri } : {}
+      }
+    );
+    if (response.data.message || response.data.error) {
+      throw new Error(response.data.message || response.data.error);
+    }
+    if (!response.data.access_token) {
+      throw new Error("Something went wrong");
+    }
+    this.saveTokens(response, false);
+  }
   async logout() {
     try {
       const accessToken = localStorage.getItem("access_token");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "supaapps-auth",
-  "version": "3.0.1",
+  "version": "3.2.2",
   "description": "",
   "type": "module",
   "module": "dist/index.js",