| 1 | /*!
|
| 2 | * Copyright 2016 Amazon.com,
|
| 3 | * Inc. or its affiliates. All Rights Reserved.
|
| 4 | *
|
| 5 | * Licensed under the Amazon Software License (the "License").
|
| 6 | * You may not use this file except in compliance with the
|
| 7 | * License. A copy of the License is located at
|
| 8 | *
|
| 9 | * http://aws.amazon.com/asl/
|
| 10 | *
|
| 11 | * or in the "license" file accompanying this file. This file is
|
| 12 | * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
| 13 | * CONDITIONS OF ANY KIND, express or implied. See the License
|
| 14 | * for the specific language governing permissions and
|
| 15 | * limitations under the License.
|
| 16 | */
|
| 17 |
|
| 18 | /** @class */
|
| 19 | export default class CognitoUserSession {
|
| 20 | /**
|
| 21 | * Constructs a new CognitoUserSession object
|
| 22 | * @param {CognitoIdToken} IdToken The session's Id token.
|
| 23 | * @param {CognitoRefreshToken=} RefreshToken The session's refresh token.
|
| 24 | * @param {CognitoAccessToken} AccessToken The session's access token.
|
| 25 | * @param {int} ClockDrift The saved computer's clock drift or undefined to force calculation.
|
| 26 | */
|
| 27 | constructor({ IdToken, RefreshToken, AccessToken, ClockDrift } = {}) {
|
| 28 | if (AccessToken == null || IdToken == null) {
|
| 29 | throw new Error('Id token and Access Token must be present.');
|
| 30 | }
|
| 31 |
|
| 32 | this.idToken = IdToken;
|
| 33 | this.refreshToken = RefreshToken;
|
| 34 | this.accessToken = AccessToken;
|
| 35 | this.clockDrift =
|
| 36 | ClockDrift === undefined ? this.calculateClockDrift() : ClockDrift;
|
| 37 | }
|
| 38 |
|
| 39 | /**
|
| 40 | * @returns {CognitoIdToken} the session's Id token
|
| 41 | */
|
| 42 | getIdToken() {
|
| 43 | return this.idToken;
|
| 44 | }
|
| 45 |
|
| 46 | /**
|
| 47 | * @returns {CognitoRefreshToken} the session's refresh token
|
| 48 | */
|
| 49 | getRefreshToken() {
|
| 50 | return this.refreshToken;
|
| 51 | }
|
| 52 |
|
| 53 | /**
|
| 54 | * @returns {CognitoAccessToken} the session's access token
|
| 55 | */
|
| 56 | getAccessToken() {
|
| 57 | return this.accessToken;
|
| 58 | }
|
| 59 |
|
| 60 | /**
|
| 61 | * @returns {int} the session's clock drift
|
| 62 | */
|
| 63 | getClockDrift() {
|
| 64 | return this.clockDrift;
|
| 65 | }
|
| 66 |
|
| 67 | /**
|
| 68 | * @returns {int} the computer's clock drift
|
| 69 | */
|
| 70 | calculateClockDrift() {
|
| 71 | const now = Math.floor(new Date() / 1000);
|
| 72 | const iat = Math.min(
|
| 73 | this.accessToken.getIssuedAt(),
|
| 74 | this.idToken.getIssuedAt()
|
| 75 | );
|
| 76 |
|
| 77 | return now - iat;
|
| 78 | }
|
| 79 |
|
| 80 | /**
|
| 81 | * Checks to see if the session is still valid based on session expiry information found
|
| 82 | * in tokens and the current time (adjusted with clock drift)
|
| 83 | * @returns {boolean} if the session is still valid
|
| 84 | */
|
| 85 | isValid() {
|
| 86 | const now = Math.floor(new Date() / 1000);
|
| 87 | const adjusted = now - this.clockDrift;
|
| 88 |
|
| 89 | return (
|
| 90 | adjusted < this.accessToken.getExpiration() &&
|
| 91 | adjusted < this.idToken.getExpiration()
|
| 92 | );
|
| 93 | }
|
| 94 | }
|