New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@mojaloop/security-bc-client-lib
Advanced tools
@mojaloop/security-bc-client-lib - npm Package Compare versions
Comparing version 0.1.7 to 0.1.8
@@ -24,2 +24,9 @@ import { AuthToken } from "./types"; | ||
| get initialised(): boolean; | ||
| /** | ||
| * Set a caller provided token to be used on getToken() | ||
| * This disables the auto token fetching mechanism | ||
| * This call can throw an UnauthorizedError if the token cannot be decoded (no valid check is performed, only decode) | ||
| * @param accessToken | ||
| */ | ||
| setToken(accessToken: string): void; | ||
| setUserCredentials(client_id: string, username: string, password: string): void; | ||
@@ -31,3 +38,4 @@ setAppCredentials(client_id: string, client_secret: string): void; | ||
| private _resetPrivDate; | ||
| private _parseAndLoadAccessToken; | ||
| private _requestToken; | ||
| } |
@@ -61,4 +61,15 @@ /***** | ||
| } | ||
| /** | ||
| * Set a caller provided token to be used on getToken() | ||
| * This disables the auto token fetching mechanism | ||
| * This call can throw an UnauthorizedError if the token cannot be decoded (no valid check is performed, only decode) | ||
| * @param accessToken | ||
| */ | ||
| setToken(accessToken) { | ||
| this._authMode = "PROVIDED_TOKEN"; | ||
| this._parseAndLoadAccessToken(accessToken); | ||
| this._initialised = true; | ||
| } | ||
| setUserCredentials(client_id, username, password) { | ||
| this._authMode = "USER"; | ||
| this._authMode = "USER_CREDS"; | ||
| this._client_id = client_id; | ||
@@ -70,3 +81,3 @@ this._username = username; | ||
| setAppCredentials(client_id, client_secret) { | ||
| this._authMode = "APP"; | ||
| this._authMode = "APP_CREDS"; | ||
| this._client_id = client_id; | ||
@@ -87,5 +98,7 @@ this._client_secret = client_secret; | ||
| } | ||
| await this._requestToken().catch(reason => { | ||
| return Promise.reject(reason); | ||
| }); | ||
| if (this._authMode === "PROVIDED_TOKEN") { | ||
| throw new types_1.UnauthorizedError("Invalid provided token"); | ||
| } | ||
| // only for authMode not PROVIDED_TOKEN | ||
| await this._requestToken(); | ||
| return Promise.resolve(this._constructAuthTokenObj()); | ||
@@ -100,3 +113,3 @@ } | ||
| refreshTokenExpiresIn: this._refresh_token_expires_in, | ||
| scope: this._responseObj.scope | ||
| scope: this._responseObj?.scope | ||
| }; | ||
@@ -119,2 +132,22 @@ } | ||
| } | ||
| _parseAndLoadAccessToken(accessToken) { | ||
| let token; | ||
| try { | ||
| token = jsonwebtoken_1.default.decode(accessToken, { complete: true }); | ||
| if (!token) { | ||
| throw new types_1.UnauthorizedError("Error decoding received token"); | ||
| } | ||
| } | ||
| catch (err) { | ||
| // don't care, it's not a valid token | ||
| throw new types_1.UnauthorizedError("Error decoding received token"); | ||
| } | ||
| this._decodedToken = token; | ||
| this._access_token = accessToken; | ||
| const tokenPayload = token.payload; | ||
| if (tokenPayload.exp) | ||
| this._access_token_expires_at = tokenPayload.exp * 1000; | ||
| if (tokenPayload.exp && tokenPayload.iat) | ||
| this._access_token_expires_in = tokenPayload.exp - tokenPayload.iat; | ||
| } | ||
| _requestToken() { | ||
@@ -124,3 +157,3 @@ // make sure old values are not kept | ||
| let payload; | ||
| if (this._authMode === "USER") { | ||
| if (this._authMode === "USER_CREDS") { | ||
| payload = { | ||
@@ -135,3 +168,3 @@ grant_type: "password", | ||
| } | ||
| else if (this._authMode === "APP") { | ||
| else if (this._authMode === "APP_CREDS") { | ||
| payload = { | ||
@@ -158,23 +191,16 @@ grant_type: "client_credentials", | ||
| const accessToken = respObj.access_token; | ||
| let token; | ||
| try { | ||
| token = jsonwebtoken_1.default.decode(accessToken, { complete: true }); | ||
| if (!token) { | ||
| return reject(new types_1.UnauthorizedError("Error decoding received token")); | ||
| } | ||
| this._parseAndLoadAccessToken(accessToken); | ||
| } | ||
| catch (err) { | ||
| // don't care, it's not a valid token | ||
| return reject(new types_1.UnauthorizedError("Error decoding received token")); | ||
| return reject(err); | ||
| } | ||
| this._responseObj = respObj; | ||
| this._decodedToken = token; | ||
| this._access_token = respObj.access_token; | ||
| this._access_token_expires_in = respObj.expires_in; | ||
| if (respObj.expires_in) | ||
| this._access_token_expires_at = Date.now() + respObj.expires_in * 1000; | ||
| this._refreshToken = respObj.refresh_token; | ||
| this._refresh_token_expires_in = respObj.refresh_token_expires_in; | ||
| if (respObj.access_token && respObj.refresh_token_expires_in) | ||
| this._refresh_token_expires_at = Date.now() + respObj.refresh_token_expires_in * 1000; | ||
| // load refresh token if received | ||
| if (respObj.refresh_token) { | ||
| this._refreshToken = respObj.refresh_token; | ||
| this._refresh_token_expires_in = respObj.refresh_token_expires_in; | ||
| if (respObj.access_token && respObj.refresh_token_expires_in) | ||
| this._refresh_token_expires_at = Date.now() + respObj.refresh_token_expires_in * 1000; | ||
| } | ||
| return resolve(); | ||
@@ -181,0 +207,0 @@ } |
| { | ||
| "name": "@mojaloop/security-bc-client-lib", | ||
| "version": "0.1.7", | ||
| "version": "0.1.8", | ||
| "description": "mojaloop security authentication and authorization client library", | ||
@@ -5,0 +5,0 @@ "license": "Apache-2.0", |
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by2.76%
61132
- Lines of code
- increased by4%
883
No dependency changes