1 | import { CodedError, UnavailabilityError } from '@unimodules/core';
|
2 | import invariant from 'invariant';
|
3 | import ExpoAppAuth from './ExpoAppAuth';
|
4 | function isValidServiceConfiguration(config) {
|
5 | return !!(config &&
|
6 | typeof config.authorizationEndpoint === 'string' &&
|
7 | typeof config.tokenEndpoint === 'string');
|
8 | }
|
9 | function assertValidClientId(clientId) {
|
10 | if (typeof clientId !== 'string' || !clientId.length) {
|
11 | throw new CodedError('ERR_APP_AUTH_INVALID_CONFIG', '`clientId` must be a string with more than 0 characters');
|
12 | }
|
13 | }
|
14 | function assertValidProps({ issuer, redirectUrl, clientId, serviceConfiguration, }) {
|
15 | if (typeof issuer !== 'string' && !isValidServiceConfiguration(serviceConfiguration)) {
|
16 | throw new CodedError('ERR_APP_AUTH_INVALID_CONFIG', 'You must provide either an `issuer` or both `authorizationEndpoint` and `tokenEndpoint`');
|
17 | }
|
18 | if (typeof redirectUrl !== 'string') {
|
19 | throw new CodedError('ERR_APP_AUTH_INVALID_CONFIG', '`redirectUrl` must be a string');
|
20 | }
|
21 | assertValidClientId(clientId);
|
22 | }
|
23 | async function _executeAsync(props) {
|
24 | if (!props.redirectUrl) {
|
25 | props.redirectUrl = getDefaultOAuthRedirect();
|
26 | }
|
27 | assertValidProps(props);
|
28 | return await ExpoAppAuth.executeAsync(props);
|
29 | }
|
30 | export function getDefaultOAuthRedirect() {
|
31 | return `${ExpoAppAuth.OAuthRedirect}:/oauthredirect`;
|
32 | }
|
33 | export async function authAsync(props) {
|
34 | if (!ExpoAppAuth.executeAsync) {
|
35 | throw new UnavailabilityError('expo-app-auth', 'authAsync');
|
36 | }
|
37 | return await _executeAsync(props);
|
38 | }
|
39 | export async function refreshAsync(props, refreshToken) {
|
40 | if (!ExpoAppAuth.executeAsync) {
|
41 | throw new UnavailabilityError('expo-app-auth', 'refreshAsync');
|
42 | }
|
43 | if (!refreshToken) {
|
44 | throw new CodedError('ERR_APP_AUTH_TOKEN', 'Cannot refresh with null `refreshToken`');
|
45 | }
|
46 | return await _executeAsync({
|
47 | isRefresh: true,
|
48 | refreshToken,
|
49 | ...props,
|
50 | });
|
51 | }
|
52 |
|
53 | export async function revokeAsync({ clientId, issuer, serviceConfiguration }, { token, isClientIdProvided = false }) {
|
54 | if (!token) {
|
55 | throw new CodedError('ERR_APP_AUTH_TOKEN', 'Cannot revoke a null `token`');
|
56 | }
|
57 | assertValidClientId(clientId);
|
58 | let revocationEndpoint;
|
59 | if (serviceConfiguration && serviceConfiguration.revocationEndpoint) {
|
60 | revocationEndpoint = serviceConfiguration.revocationEndpoint;
|
61 | }
|
62 | else {
|
63 |
|
64 | const response = await fetch(`${issuer}/.well-known/openid-configuration`);
|
65 | const openidConfig = await response.json();
|
66 | invariant(openidConfig.revocation_endpoint, 'The OpenID config does not specify a revocation endpoint');
|
67 | revocationEndpoint = openidConfig.revocation_endpoint;
|
68 | }
|
69 | const encodedClientID = encodeURIComponent(clientId);
|
70 | const encodedToken = encodeURIComponent(token);
|
71 | const body = `token=${encodedToken}${isClientIdProvided ? `&client_id=${encodedClientID}` : ''}`;
|
72 | const headers = { 'Content-Type': 'application/x-www-form-urlencoded' };
|
73 | try {
|
74 |
|
75 | const results = await fetch(revocationEndpoint, {
|
76 | method: 'POST',
|
77 | headers,
|
78 | body,
|
79 | });
|
80 | return results;
|
81 | }
|
82 | catch (error) {
|
83 | throw new CodedError('ERR_APP_AUTH_REVOKE_FAILED', error.message);
|
84 | }
|
85 | }
|
86 | async function parseAuthRevocationResults(results) {
|
87 | const data = await results.json();
|
88 | const token = results.headers['update-client-auth'];
|
89 |
|
90 | if (results.ok) {
|
91 |
|
92 | return { type: 'success', status: results.status, data, token };
|
93 | }
|
94 | else if (results.status == 503 && results.headers['retry-after']) {
|
95 |
|
96 | const retryAfterValue = results.headers['retry-after'];
|
97 | let retryAfter;
|
98 | if (retryAfterValue) {
|
99 | retryAfter = parseRetryTime(retryAfterValue);
|
100 | }
|
101 |
|
102 | return { type: 'failed', status: results.status, data, token, retryAfter };
|
103 | }
|
104 | else {
|
105 |
|
106 | return { type: 'error', status: results.status, data, token };
|
107 | }
|
108 | }
|
109 | function parseRetryTime(value) {
|
110 |
|
111 | if (/^\d+$/.test(value)) {
|
112 | return parseInt(value, 10) * 1000;
|
113 | }
|
114 | const retry = Date.parse(value);
|
115 | if (isNaN(retry)) {
|
116 | throw new CodedError('ERR_APP_AUTH_FETCH_RETRY_TIME', 'Cannot parse the Retry-After header value returned by the server: ' + value);
|
117 | }
|
118 | const now = Date.now();
|
119 | const parsedDate = new Date(retry);
|
120 | return parsedDate.getTime() - now;
|
121 | }
|
122 | export const { OAuthRedirect, URLSchemes } = ExpoAppAuth;
|
123 |
|
\ | No newline at end of file |