packages/core/api/token-manager.js

import http from "../utils/http";
import constants from "../utils/constants";
import { EV, EVENTS, sendSessionExpiredEvent } from "../common";

const ENDPOINTS = {
  token: "/connect/token",
  revoke: "/connect/revocation",
  temporaryToken: "/account/token",
  logout: "/account/logout",
};

var RETRIES = 0;
var RETRIES_LIMIT = 1;
class TokenManager {
  /**
   *
   * @param {import("./index").default} db
   */
  constructor(db) {
    this._db = db;
    this.token;
  }

  async getToken(renew = true, forceRenew = false) {
    let token = this.token || (await this._db.context.read("token"));
    if (!token) return;
    if (forceRenew || (renew && this._isTokenExpired(token))) {
      await this._refreshToken(token);
      return await this.getToken();
    }
    return token;
  }

  _isTokenExpired(token) {
    const { t, expires_in } = token;
    const expiryMs = t + expires_in * 1000;
    return Date.now() >= expiryMs;
  }

  async getAccessToken(forceRenew = false) {
    try {
      const token = await this.getToken(true, forceRenew);
      if (!token) return;
      return token.access_token;
    } catch (e) {
      console.error("Error getting access token:", e);
      if (e.message === "invalid_grant" || e.message === "invalid_client") {
        if (++RETRIES <= RETRIES_LIMIT) {
          return await this.getAccessToken(true);
        }
        RETRIES = 0;
        EV.publish(EVENTS.userSessionExpired);
      }
      return null;
    }
  }

  async _refreshToken(token) {
    const { refresh_token, scope } = token;

    if (!refresh_token || !scope) return;
    return await this.saveToken(
      await http.post(`${constants.AUTH_HOST}${ENDPOINTS.token}`, {
        refresh_token,
        grant_type: "refresh_token",
        scope: scope,
        client_id: "notesnook",
      })
    );
  }

  async revokeToken() {
    const token = await this.getToken();
    if (!token) return;
    const { access_token } = token;

    await http.post(
      `${constants.AUTH_HOST}${ENDPOINTS.logout}`,
      null,
      access_token
    );
  }

  saveToken(tokenResponse) {
    this.token = { ...tokenResponse, t: Date.now() };
    return this._db.context.write("token", this.token);
  }

  clearToken() {
    this.token = undefined;
  }

  async getAccessTokenFromAuthorizationCode(userId, authCode) {
    return await this.saveToken(
      await http.post(`${constants.AUTH_HOST}${ENDPOINTS.temporaryToken}`, {
        authorization_code: authCode,
        user_id: userId,
        client_id: "notesnook",
      })
    );
  }
}
export default TokenManager;
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`import http from "../utils/http";`
			`import constants from "../utils/constants";`
fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`import { EV, EVENTS, sendSessionExpiredEvent } from "../common";`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00
			`const ENDPOINTS = {`
			`token: "/connect/token",`
			`revoke: "/connect/revocation",`
feat: add logic to exchange auth code with temp token 2020-12-22 09:47:01 +05:00			`temporaryToken: "/account/token",`
fix: logout using custom logout endpoint 2021-01-04 11:22:24 +05:00			`logout: "/account/logout",`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`};`

fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`var RETRIES = 0;`
			`var RETRIES_LIMIT = 1;`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`class TokenManager {`
			`/**`
			`*`
			`* @param {import("./index").default} db`
			`*/`
			`constructor(db) {`
			`this._db = db;`
fix: cache access token response This is a hotfix for Android where Database does not write new token causing user to get logged out. 2021-03-11 14:39:48 +05:00			`this.token;`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`

fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`async getToken(renew = true, forceRenew = false) {`
fix: cache access token response This is a hotfix for Android where Database does not write new token causing user to get logged out. 2021-03-11 14:39:48 +05:00			`let token = this.token \|\| (await this._db.context.read("token"));`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`if (!token) return;`
fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`if (forceRenew \|\| (renew && this._isTokenExpired(token))) {`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`await this._refreshToken(token);`
			`return await this.getToken();`
			`}`
			`return token;`
			`}`

			`_isTokenExpired(token) {`
			`const { t, expires_in } = token;`
			`const expiryMs = t + expires_in * 1000;`
			`return Date.now() >= expiryMs;`
			`}`

fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`async getAccessToken(forceRenew = false) {`
			`try {`
			`const token = await this.getToken(true, forceRenew);`
			`if (!token) return;`
			`return token.access_token;`
			`} catch (e) {`
			`console.error("Error getting access token:", e);`
			`if (e.message === "invalid_grant" \|\| e.message === "invalid_client") {`
fix: reset retry counter 2021-05-25 16:20:44 +05:00			`if (++RETRIES <= RETRIES_LIMIT) {`
			`return await this.getAccessToken(true);`
			`}`
fix: do not reset retry counter recursively 2021-05-26 12:23:00 +05:00			`RETRIES = 0;`
fix: do not send & wait for session expired event 2021-05-26 12:40:15 +05:00			`EV.publish(EVENTS.userSessionExpired);`
fix: properly handle session expiry 2021-05-25 16:19:58 +05:00			`}`
			`return null;`
			`}`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`

			`async _refreshToken(token) {`
			`const { refresh_token, scope } = token;`

fix: cache access token response This is a hotfix for Android where Database does not write new token causing user to get logged out. 2021-03-11 14:39:48 +05:00			`if (!refresh_token \|\| !scope) return;`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`return await this.saveToken(`
			await http.post(`${constants.AUTH_HOST}${ENDPOINTS.token}`, {
			`refresh_token,`
			`grant_type: "refresh_token",`
			`scope: scope,`
			`client_id: "notesnook",`
			`})`
			`);`
			`}`

			`async revokeToken() {`
			`const token = await this.getToken();`
			`if (!token) return;`
fix: logout using custom logout endpoint 2021-01-04 11:22:24 +05:00			`const { access_token } = token;`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00
fix: logout using custom logout endpoint 2021-01-04 11:22:24 +05:00			`await http.post(`
			`${constants.AUTH_HOST}${ENDPOINTS.logout}`,
			`null,`
			`access_token`
			`);`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`

			`saveToken(tokenResponse) {`
fix: cache access token response This is a hotfix for Android where Database does not write new token causing user to get logged out. 2021-03-11 14:39:48 +05:00			`this.token = { ...tokenResponse, t: Date.now() };`
			`return this._db.context.write("token", this.token);`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`
feat: add logic to exchange auth code with temp token 2020-12-22 09:47:01 +05:00
fix: clear cached token on logout 2021-04-05 11:32:40 +05:00			`clearToken() {`
			`this.token = undefined;`
			`}`

feat: add logic to exchange auth code with temp token 2020-12-22 09:47:01 +05:00			`async getAccessTokenFromAuthorizationCode(userId, authCode) {`
			`return await this.saveToken(`
			await http.post(`${constants.AUTH_HOST}${ENDPOINTS.temporaryToken}`, {
			`authorization_code: authCode,`
			`user_id: userId,`
			`client_id: "notesnook",`
			`})`
			`);`
			`}`
feat: migrate to use the new backend 2020-12-16 12:06:25 +05:00			`}`
			`export default TokenManager;`