@pega/auth - npm Package Compare versions

Comparing version 0.2.0 to 0.2.1

lib/oauth-client/auth.d.ts

@@ -19,7 +19,8 @@ export class PegaAuth {
      *  also revoke the refresh token if present.
-     * @param {string|undefined} accessToken - the access token (or undefined for secureCookie scenario)
-     * @param {string} refreshToken - optional refresh token (for non secureCookie scenario)
+     * @param {string} accessToken - the access token (or any string value for secureCookie scenario)
+     * @param {string} refreshToken - optional refresh token (or any string value for non secureCookie
+     *   scenario, when a refreshToken exists)
      * @returns
      */
-    revokeTokens(accessToken: string | undefined, refreshToken?: string): Promise<void>;
+    revokeTokens(accessToken: string, refreshToken?: string): Promise<void>;
     getUserinfo(accessToken: any): Promise<any>;
@@ -26,0 +27,0 @@ #private;

lib/oauth-client/auth.js

@@ -670,4 +670,5 @@ export class PegaAuth {
      *  also revoke the refresh token if present.
-     * @param {string|undefined} accessToken - the access token (or undefined for secureCookie scenario)
-     * @param {string} refreshToken - optional refresh token (for non secureCookie scenario)
+     * @param {string} accessToken - the access token (or any string value for secureCookie scenario)
+     * @param {string} refreshToken - optional refresh token (or any string value for non secureCookie
+     *   scenario, when a refreshToken exists)
      * @returns
@@ -690,36 +691,33 @@ */
         }
-        const aTknProps = ['access_token'];
-        if (refreshToken) {
-            aTknProps.push('refresh_token');
+        // A revoke of a refresh_token will also revoke any associated access_tokens, so only one
+        //  transaction is necessary.
+        const prop = refreshToken ? 'refresh_token' : 'access_token';
+        const formData = new URLSearchParams();
+        if (!clientSecret) {
+            formData.append('client_id', clientId);
         }
-        aTknProps.forEach(prop => {
-            const formData = new URLSearchParams();
-            if (!clientSecret) {
-                formData.append('client_id', clientId);
+        if (secureCookie) {
+            formData.append('send_token_as_cookie', 'true');
+        }
+        const token = prop === 'access_token' ? accessToken : refreshToken;
+        if (!secureCookie && token) {
+            formData.append('token', token);
+        }
+        formData.append('token_type_hint', prop);
+        fetch(revokeUri, {
+            agent: this.#getAgent(),
+            method: 'POST',
+            headers: new Headers(headers),
+            credentials: secureCookie ? 'include' : 'omit',
+            body: formData.toString()
+        })
+            .then(response => {
+            if (!response.ok) {
+                // eslint-disable-next-line no-console
+                console.error(`Error revoking ${prop}:${response.status}`);
             }
-            if (this.#config.secureCookie) {
-                formData.append('send_token_as_cookie', 'true');
-            }
-            const token = prop === 'access_token' ? accessToken : refreshToken;
-            if (token) {
-                formData.append('token', token);
-            }
-            formData.append('token_type_hint', prop);
-            fetch(revokeUri, {
-                agent: this.#getAgent(),
-                method: 'POST',
-                headers: new Headers(headers),
-                credentials: secureCookie ? 'include' : 'omit',
-                body: formData.toString()
-            })
-                .then(response => {
-                if (!response.ok) {
-                    // eslint-disable-next-line no-console
-                    console.error(`Error revoking ${prop}:${response.status}`);
-                }
-            })
-                .catch(e => {
-                // eslint-disable-next-line no-console
-                console.error(`Error revoking ${prop}; ${e}`);
-            });
+        })
+            .catch(e => {
+            // eslint-disable-next-line no-console
+            console.error(`Error revoking ${prop}; ${e}`);
         });
@@ -726,0 +724,0 @@ this.#dynState.silentAuthFailed = false;

lib/sdk-auth-manager/authManager.js

@@ -882,3 +882,5 @@ // This file wraps various calls related to logging in, logging out, etc.
                         aMgr
-                            .revokeTokens(this.#tokenInfo.access_token, this.#tokenInfo.refresh_token)
+                            .revokeTokens(this.#authConfig.secureCookie ? 'cookie' : this.#tokenInfo.access_token, this.#authConfig.secureCookie && this.#tokenInfo.is_refresh_token_enabled
+                            ? 'cookie'
+                            : this.#tokenInfo.refresh_token)
                             .then(() => {
@@ -885,0 +887,0 @@ // Go to finally

package.json

 {
   "name": "@pega/auth",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Pega OAuth 2.0 Client Library (supports Infinity and Launchpad).",
@@ -5,0 +5,0 @@ "repository": {

README.md

@@ -94,3 +94,3 @@ # Pega Auth
 
-Uses he passed in refreshToken to generate a new access_token as well as an updated refresh_token (if a refresh_token is enabled within the OAuth 2.0 client registration).
+Uses the passed in refreshToken to generate a new access_token as well as an updated refresh_token (if a refresh_token is enabled within the OAuth 2.0 client registration).
 
@@ -97,0 +97,0 @@ ### async revokeTokens(accessToken, refreshToken=null)

No alert changes

Improved metrics

Total package byte prevSize

196643

increased by0.13%

Lines of code

2172

increased by0.05%

No dependency changes