1 | /*!
|
2 | * Copyright 2016 Amazon.com,
|
3 | * Inc. or its affiliates. All Rights Reserved.
|
4 | *
|
5 | * Licensed under the Amazon Software License (the "License").
|
6 | * You may not use this file except in compliance with the
|
7 | * License. A copy of the License is located at
|
8 | *
|
9 | * http://aws.amazon.com/asl/
|
10 | *
|
11 | * or in the "license" file accompanying this file. This file is
|
12 | * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
13 | * CONDITIONS OF ANY KIND, express or implied. See the License
|
14 | * for the specific language governing permissions and
|
15 | * limitations under the License.
|
16 | */
|
17 |
|
18 | /** @class */
|
19 | export default class CognitoUserSession {
|
20 | /**
|
21 | * Constructs a new CognitoUserSession object
|
22 | * @param {CognitoIdToken} IdToken The session's Id token.
|
23 | * @param {CognitoRefreshToken=} RefreshToken The session's refresh token.
|
24 | * @param {CognitoAccessToken} AccessToken The session's access token.
|
25 | * @param {int} ClockDrift The saved computer's clock drift or undefined to force calculation.
|
26 | */
|
27 | constructor({ IdToken, RefreshToken, AccessToken, ClockDrift } = {}) {
|
28 | if (AccessToken == null || IdToken == null) {
|
29 | throw new Error('Id token and Access Token must be present.');
|
30 | }
|
31 |
|
32 | this.idToken = IdToken;
|
33 | this.refreshToken = RefreshToken;
|
34 | this.accessToken = AccessToken;
|
35 | this.clockDrift =
|
36 | ClockDrift === undefined ? this.calculateClockDrift() : ClockDrift;
|
37 | }
|
38 |
|
39 | /**
|
40 | * @returns {CognitoIdToken} the session's Id token
|
41 | */
|
42 | getIdToken() {
|
43 | return this.idToken;
|
44 | }
|
45 |
|
46 | /**
|
47 | * @returns {CognitoRefreshToken} the session's refresh token
|
48 | */
|
49 | getRefreshToken() {
|
50 | return this.refreshToken;
|
51 | }
|
52 |
|
53 | /**
|
54 | * @returns {CognitoAccessToken} the session's access token
|
55 | */
|
56 | getAccessToken() {
|
57 | return this.accessToken;
|
58 | }
|
59 |
|
60 | /**
|
61 | * @returns {int} the session's clock drift
|
62 | */
|
63 | getClockDrift() {
|
64 | return this.clockDrift;
|
65 | }
|
66 |
|
67 | /**
|
68 | * @returns {int} the computer's clock drift
|
69 | */
|
70 | calculateClockDrift() {
|
71 | const now = Math.floor(new Date() / 1000);
|
72 | const iat = Math.min(
|
73 | this.accessToken.getIssuedAt(),
|
74 | this.idToken.getIssuedAt()
|
75 | );
|
76 |
|
77 | return now - iat;
|
78 | }
|
79 |
|
80 | /**
|
81 | * Checks to see if the session is still valid based on session expiry information found
|
82 | * in tokens and the current time (adjusted with clock drift)
|
83 | * @returns {boolean} if the session is still valid
|
84 | */
|
85 | isValid() {
|
86 | const now = Math.floor(new Date() / 1000);
|
87 | const adjusted = now - this.clockDrift;
|
88 |
|
89 | return (
|
90 | adjusted < this.accessToken.getExpiration() &&
|
91 | adjusted < this.idToken.getExpiration()
|
92 | );
|
93 | }
|
94 | }
|