packages/core/api/token-manager.js

import http from "../utils/http";
import constants from "../utils/constants";
import { EV, EVENTS } from "../common";
import { withTimeout, Mutex } from "async-mutex";

const ENDPOINTS = {
  token: "/connect/token",
  revoke: "/connect/revocation",
  temporaryToken: "/account/token",
  logout: "/account/logout",
};

class TokenManager {
  /**
   *
   * @param {import("../database/storage").default} storage
   */
  constructor(storage) {
    this._storage = storage;
    this._refreshTokenMutex = withTimeout(new Mutex(), 10 * 1000);
  }

  async getToken(renew = true, forceRenew = false) {
    let token = await this._storage.read("token");
    if (!token) return;
    if (forceRenew || (renew && this._isTokenExpired(token))) {
      await this._refreshToken(forceRenew);
      return await this.getToken();
    }
    return token;
  }

  _isTokenExpired(token) {
    const { t, expires_in } = token;
    const expiryMs = t + expires_in * 1000;
    return Date.now() >= expiryMs;
  }

  async getAccessToken(forceRenew = false) {
    try {
      const token = await this.getToken(true, forceRenew);
      if (!token) return;
      return token.access_token;
    } catch (e) {
      console.error("Error getting access token:", e);
      if (e.message === "invalid_grant" || e.message === "invalid_client") {
        EV.publish(EVENTS.userSessionExpired);
      }
      throw e;
    }
  }

  async _refreshToken(forceRenew = false) {
    await this._refreshTokenMutex.runExclusive(async () => {
      const token = await this.getToken(false, false);
      if (!forceRenew && !this._isTokenExpired(token)) {
        return;
      }

      const { refresh_token, scope } = token;
      if (!refresh_token || !scope) return;
      await this.saveToken(
        await http.post(`${constants.AUTH_HOST}${ENDPOINTS.token}`, {
          refresh_token,
          grant_type: "refresh_token",
          scope: scope,
          client_id: "notesnook",
        })
      );
      EV.publish(EVENTS.tokenRefreshed);
    });
  }

  async revokeToken() {
    const token = await this.getToken();
    if (!token) return;
    const { access_token } = token;

    await http.post(
      `${constants.AUTH_HOST}${ENDPOINTS.logout}`,
      null,
      access_token
    );
  }

  saveToken(tokenResponse) {
    let token = { ...tokenResponse, t: Date.now() };
    return this._storage.write("token", token);
  }

  async getAccessTokenFromAuthorizationCode(userId, authCode) {
    return await this.saveToken(
      await http.post(`${constants.AUTH_HOST}${ENDPOINTS.temporaryToken}`, {
        authorization_code: authCode,
        user_id: userId,
        client_id: "notesnook",
      })
    );
  }
}
export default TokenManager;
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`import http from "../utils/http";`
			`import constants from "../utils/constants";`
fix: invalid_grant when refreshing tokens concurrently 2021-08-08 12:20:07 +05:00			`import { EV, EVENTS } from "../common";`
fix: migrate token refreshing to use mutex 2021-10-27 11:19:37 +05:00			`import { withTimeout, Mutex } from "async-mutex";`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00
			`const ENDPOINTS = {`
			`token: "/connect/token",`
			`revoke: "/connect/revocation",`
feat: add logic to exchange auth code with temp token 2020-12-22 09:47:01 +05:00			`temporaryToken: "/account/token",`
fix: logout using custom logout endpoint 2021-01-04 11:22:24 +05:00			`logout: "/account/logout",`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`};`

			`class TokenManager {`
			`/**`
			`*`
feat: refactors and add support for upload/download progress 2021-09-26 11:47:13 +05:00			`* @param {import("../database/storage").default} storage`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`*/`
feat: refactors and add support for upload/download progress 2021-09-26 11:47:13 +05:00			`constructor(storage) {`
			`this._storage = storage;`
fix: migrate token refreshing to use mutex 2021-10-27 11:19:37 +05:00			`this._refreshTokenMutex = withTimeout(new Mutex(), 10 * 1000);`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`

fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`async getToken(renew = true, forceRenew = false) {`
feat: refactors and add support for upload/download progress 2021-09-26 11:47:13 +05:00			`let token = await this._storage.read("token");`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`if (!token) return;`
fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`if (forceRenew \|\| (renew && this._isTokenExpired(token))) {`
fix: generate new token on email confirmed 2021-11-01 11:53:28 +05:00			`await this._refreshToken(forceRenew);`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`return await this.getToken();`
			`}`
			`return token;`
			`}`

			`_isTokenExpired(token) {`
			`const { t, expires_in } = token;`
fix: invalid_grant when refreshing tokens concurrently 2021-08-08 12:20:07 +05:00			`const expiryMs = t + expires_in * 1000;`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`return Date.now() >= expiryMs;`
			`}`

fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`async getAccessToken(forceRenew = false) {`
			`try {`
			`const token = await this.getToken(true, forceRenew);`
			`if (!token) return;`
			`return token.access_token;`
			`} catch (e) {`
			`console.error("Error getting access token:", e);`
			`if (e.message === "invalid_grant" \|\| e.message === "invalid_client") {`
revert: fix: refresh token once before giving up 2021-12-04 10:19:33 +05:00			`EV.publish(EVENTS.userSessionExpired);`
fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`}`
fix: do not throw on sync already running 2021-09-13 09:37:52 +05:00			`throw e;`
fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`}`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`

fix: generate new token on email confirmed 2021-11-01 11:53:28 +05:00			`async _refreshToken(forceRenew = false) {`
fix: migrate token refreshing to use mutex 2021-10-27 11:19:37 +05:00			`await this._refreshTokenMutex.runExclusive(async () => {`
			`const token = await this.getToken(false, false);`
fix: generate new token on email confirmed 2021-11-01 11:53:28 +05:00			`if (!forceRenew && !this._isTokenExpired(token)) {`
fix: migrate token refreshing to use mutex 2021-10-27 11:19:37 +05:00			`return;`
			`}`
fix: invalid_grant when refreshing tokens concurrently 2021-08-08 12:20:07 +05:00
fix: migrate token refreshing to use mutex 2021-10-27 11:19:37 +05:00			`const { refresh_token, scope } = token;`
			`if (!refresh_token \|\| !scope) return;`
fix: invalid_grant when refreshing tokens concurrently 2021-08-08 12:20:07 +05:00			`await this.saveToken(`
			await http.post(`${constants.AUTH_HOST}${ENDPOINTS.token}`, {
			`refresh_token,`
			`grant_type: "refresh_token",`
			`scope: scope,`
			`client_id: "notesnook",`
			`})`
			`);`
fix: migrate token refreshing to use mutex 2021-10-27 11:19:37 +05:00			`EV.publish(EVENTS.tokenRefreshed);`
			`});`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`

			`async revokeToken() {`
			`const token = await this.getToken();`
			`if (!token) return;`
fix: logout using custom logout endpoint 2021-01-04 11:22:24 +05:00			`const { access_token } = token;`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00
fix: logout using custom logout endpoint 2021-01-04 11:22:24 +05:00			`await http.post(`
			`${constants.AUTH_HOST}${ENDPOINTS.logout}`,
			`null,`
			`access_token`
			`);`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`

			`saveToken(tokenResponse) {`
feat: do not cache token locally 2021-05-28 23:10:10 +05:00			`let token = { ...tokenResponse, t: Date.now() };`
feat: refactors and add support for upload/download progress 2021-09-26 11:47:13 +05:00			`return this._storage.write("token", token);`
fix: clear cached token on logout 2021-04-05 11:32:40 +05:00			`}`

feat: add logic to exchange auth code with temp token 2020-12-22 09:47:01 +05:00			`async getAccessTokenFromAuthorizationCode(userId, authCode) {`
			`return await this.saveToken(`
			await http.post(`${constants.AUTH_HOST}${ENDPOINTS.temporaryToken}`, {
			`authorization_code: authCode,`
			`user_id: userId,`
			`client_id: "notesnook",`
			`})`
			`);`
			`}`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`
			`export default TokenManager;`