ibm-cloud-sdk-core - npm Package Compare versions

Comparing version 4.2.3 to 4.2.4

auth/token-managers/iam-request-based-token-manager.d.ts

 /**
- * (C) Copyright IBM Corp. 2019, 2023.
+ * (C) Copyright IBM Corp. 2019, 2024.
  *
@@ -92,2 +92,12 @@ * Licensed under the Apache License, Version 2.0 (the "License");
     protected requestToken(): Promise<any>;
+    /**
+     * Returns true iff the currently-cached IAM access token is expired.
+     * We'll consider an access token as expired when we reach its IAM server-reported
+     * expiration time minus our expiration window (10 secs).
+     * We do this to avoid using an access token that might expire in the middle of a long-running
+     * transaction within an IBM Cloud service.
+     *
+     * @returns true if the token has expired, false otherwise
+     */
+    protected isTokenExpired(): boolean;
 }

auth/token-managers/iam-request-based-token-manager.js

 "use strict";
 /**
- * (C) Copyright IBM Corp. 2019, 2023.
+ * (C) Copyright IBM Corp. 2019, 2024.
  *
@@ -44,2 +44,3 @@ * Licensed under the Apache License, Version 2.0 (the "License");
 var OPERATION_PATH = '/identity/token';
+var IAM_EXPIRATION_WINDOW = 10;
 /**
@@ -172,4 +173,21 @@ * The IamRequestBasedTokenManager class contains code relevant to any token manager that
     };
+    /**
+     * Returns true iff the currently-cached IAM access token is expired.
+     * We'll consider an access token as expired when we reach its IAM server-reported
+     * expiration time minus our expiration window (10 secs).
+     * We do this to avoid using an access token that might expire in the middle of a long-running
+     * transaction within an IBM Cloud service.
+     *
+     * @returns true if the token has expired, false otherwise
+     */
+    IamRequestBasedTokenManager.prototype.isTokenExpired = function () {
+        var expireTime = this.expireTime;
+        if (!expireTime) {
+            return true;
+        }
+        var currentTime = (0, helpers_1.getCurrentTime)();
+        return currentTime >= expireTime - IAM_EXPIRATION_WINDOW;
+    };
     return IamRequestBasedTokenManager;
 }(jwt_token_manager_1.JwtTokenManager));
 exports.IamRequestBasedTokenManager = IamRequestBasedTokenManager;

auth/token-managers/jwt-token-manager.js

@@ -35,3 +35,3 @@ "use strict";
 /**
- * (C) Copyright IBM Corp. 2019, 2022.
+ * (C) Copyright IBM Corp. 2019, 2024.
  *
@@ -106,3 +106,3 @@ * Licensed under the Apache License, Version 2.0 (the "License");
         if (!decodedResponse) {
-            var err = 'Access token recieved is not a valid JWT';
+            var err = 'Access token received is not a valid JWT';
             logger_1.default.error(err);
@@ -109,0 +109,0 @@ throw new Error(err);

auth/token-managers/token-manager.d.ts

 /// <reference types="node" />
 /**
- * (C) Copyright IBM Corp. 2020, 2023.
+ * (C) Copyright IBM Corp. 2020, 2024.
  *
@@ -109,3 +109,3 @@ * Licensed under the Apache License, Version 2.0 (the "License");
      */
-    private isTokenExpired;
+    protected isTokenExpired(): boolean;
     /**
@@ -112,0 +112,0 @@ * Checks if currently-stored token should be refreshed

auth/token-managers/vpc-instance-token-manager.d.ts

 /**
- * (C) Copyright IBM Corp. 2021, 2023.
+ * (C) Copyright IBM Corp. 2021, 2024.
  *
@@ -56,3 +56,13 @@ * Licensed under the Apache License, Version 2.0 (the "License");
     private getInstanceIdentityToken;
+    /**
+     * Returns true iff the currently-cached IAM access token is expired.
+     * We'll consider an access token as expired when we reach its IAM server-reported
+     * expiration time minus our expiration window (10 secs).
+     * We do this to avoid using an access token that might expire in the middle of a long-running
+     * transaction within an IBM Cloud service.
+     *
+     * @returns true if the token has expired, false otherwise
+     */
+    protected isTokenExpired(): boolean;
 }
 export {};

auth/token-managers/vpc-instance-token-manager.js

 "use strict";
 /**
- * (C) Copyright IBM Corp. 2021, 2023.
+ * (C) Copyright IBM Corp. 2021, 2024.
  *
@@ -78,2 +78,3 @@ * Licensed under the Apache License, Version 2.0 (the "License");
 var METADATA_SERVICE_VERSION = '2022-03-01';
+var IAM_EXPIRATION_WINDOW = 10;
 /**
@@ -211,4 +212,21 @@ * Token Manager for VPC Instance Authentication.
     };
+    /**
+     * Returns true iff the currently-cached IAM access token is expired.
+     * We'll consider an access token as expired when we reach its IAM server-reported
+     * expiration time minus our expiration window (10 secs).
+     * We do this to avoid using an access token that might expire in the middle of a long-running
+     * transaction within an IBM Cloud service.
+     *
+     * @returns true if the token has expired, false otherwise
+     */
+    VpcInstanceTokenManager.prototype.isTokenExpired = function () {
+        var expireTime = this.expireTime;
+        if (!expireTime) {
+            return true;
+        }
+        var currentTime = (0, helpers_1.getCurrentTime)();
+        return currentTime >= expireTime - IAM_EXPIRATION_WINDOW;
+    };
     return VpcInstanceTokenManager;
 }(jwt_token_manager_1.JwtTokenManager));
 exports.VpcInstanceTokenManager = VpcInstanceTokenManager;

build/docs/ibm-cloud-sdk-core.iamrequestbasedtokenmanager.md

@@ -34,2 +34,3 @@ <!-- Do not edit this file. It is automatically generated by API Documenter. -->
 |  [getRefreshToken()](./ibm-cloud-sdk-core.iamrequestbasedtokenmanager.getrefreshtoken.md) |  | Returns the most recently stored refresh token. |
+|  [isTokenExpired()](./ibm-cloud-sdk-core.iamrequestbasedtokenmanager.istokenexpired.md) | <code>protected</code> | Returns true iff the currently-cached IAM access token is expired. We'll consider an access token as expired when we reach its IAM server-reported expiration time minus our expiration window (10 secs). We do this to avoid using an access token that might expire in the middle of a long-running transaction within an IBM Cloud service. |
 |  [requestToken()](./ibm-cloud-sdk-core.iamrequestbasedtokenmanager.requesttoken.md) | <code>protected</code> | Request an IAM access token using an API key. |
@@ -36,0 +37,0 @@ |  [saveTokenInfo(tokenResponse)](./ibm-cloud-sdk-core.iamrequestbasedtokenmanager.savetokeninfo.md) | <code>protected</code> | Extend this method from the parent class to extract the refresh token from the request and save it. |

build/docs/ibm-cloud-sdk-core.tokenmanager.md

@@ -38,2 +38,3 @@ <!-- Do not edit this file. It is automatically generated by API Documenter. -->
 |  [getToken()](./ibm-cloud-sdk-core.tokenmanager.gettoken.md) |  | Retrieves a new token using "requestToken()" if there is not a currently stored token from a previous call, or the previous token has expired. |
+|  [isTokenExpired()](./ibm-cloud-sdk-core.tokenmanager.istokenexpired.md) | <code>protected</code> | Checks if currently-stored token is expired |
 |  [pacedRequestToken()](./ibm-cloud-sdk-core.tokenmanager.pacedrequesttoken.md) | <code>protected</code> | <p>Paces requests to requestToken().</p><p>This method pseudo-serializes requests for an access\_token when the current token is undefined or expired. The first caller to this method records its <code>requestTime</code> and then issues the token request. Subsequent callers will check the <code>requestTime</code> to see if a request is active (has been issued within the past 60 seconds), and if so will queue their promise for the active requestor to resolve when that request completes.</p> |
@@ -40,0 +41,0 @@ |  [requestToken()](./ibm-cloud-sdk-core.tokenmanager.requesttoken.md) | <code>protected</code> | Request a token using an API endpoint. |

build/docs/ibm-cloud-sdk-core.vpcinstancetokenmanager.md

@@ -26,2 +26,3 @@ <!-- Do not edit this file. It is automatically generated by API Documenter. -->
 |  --- | --- | --- |
+|  [isTokenExpired()](./ibm-cloud-sdk-core.vpcinstancetokenmanager.istokenexpired.md) | <code>protected</code> | Returns true iff the currently-cached IAM access token is expired. We'll consider an access token as expired when we reach its IAM server-reported expiration time minus our expiration window (10 secs). We do this to avoid using an access token that might expire in the middle of a long-running transaction within an IBM Cloud service. |
 |  [requestToken()](./ibm-cloud-sdk-core.vpcinstancetokenmanager.requesttoken.md) | <code>protected</code> |  |
@@ -28,0 +29,0 @@ |  [setIamProfileCrn(iamProfileCrn)](./ibm-cloud-sdk-core.vpcinstancetokenmanager.setiamprofilecrn.md) |  | Sets the CRN of the IAM trusted profile to use when fetching the access token from the IAM token server. |

CHANGELOG.md

@@ -0,1 +1,8 @@
+## [4.2.4](https://github.com/IBM/node-sdk-core/compare/v4.2.3...v4.2.4) (2024-02-28)
+
+
+### Bug Fixes
+
+* adjust IAM token expiration time ([#268](https://github.com/IBM/node-sdk-core/issues/268)) ([9b975e0](https://github.com/IBM/node-sdk-core/commit/9b975e0da75d46ea29095eebeda5d0b079f058c6))
+
 ## [4.2.3](https://github.com/IBM/node-sdk-core/compare/v4.2.2...v4.2.3) (2024-02-01)
@@ -2,0 +9,0 @@

es/auth/token-managers/iam-request-based-token-manager.d.ts

 /**
- * (C) Copyright IBM Corp. 2019, 2023.
+ * (C) Copyright IBM Corp. 2019, 2024.
  *
@@ -92,2 +92,12 @@ * Licensed under the Apache License, Version 2.0 (the "License");
     protected requestToken(): Promise<any>;
+    /**
+     * Returns true iff the currently-cached IAM access token is expired.
+     * We'll consider an access token as expired when we reach its IAM server-reported
+     * expiration time minus our expiration window (10 secs).
+     * We do this to avoid using an access token that might expire in the middle of a long-running
+     * transaction within an IBM Cloud service.
+     *
+     * @returns true if the token has expired, false otherwise
+     */
+    protected isTokenExpired(): boolean;
 }

es/auth/token-managers/iam-request-based-token-manager.js

 /**
- * (C) Copyright IBM Corp. 2019, 2023.
+ * (C) Copyright IBM Corp. 2019, 2024.
  *
@@ -18,3 +18,3 @@ * Licensed under the Apache License, Version 2.0 (the "License");
 import logger from '../../lib/logger';
-import { computeBasicAuthHeader, onlyOne, removeSuffix } from '../utils/helpers';
+import { computeBasicAuthHeader, getCurrentTime, onlyOne, removeSuffix } from '../utils/helpers';
 import { JwtTokenManager } from './jwt-token-manager';
@@ -24,2 +24,3 @@ const CLIENT_ID_SECRET_WARNING = 'Warning: Client ID and Secret must BOTH be given, or the header will not be included.';
 const OPERATION_PATH = '/identity/token';
+const IAM_EXPIRATION_WINDOW = 10;
 /**
@@ -149,2 +150,19 @@ * The IamRequestBasedTokenManager class contains code relevant to any token manager that
     }
+    /**
+     * Returns true iff the currently-cached IAM access token is expired.
+     * We'll consider an access token as expired when we reach its IAM server-reported
+     * expiration time minus our expiration window (10 secs).
+     * We do this to avoid using an access token that might expire in the middle of a long-running
+     * transaction within an IBM Cloud service.
+     *
+     * @returns true if the token has expired, false otherwise
+     */
+    isTokenExpired() {
+        const { expireTime } = this;
+        if (!expireTime) {
+            return true;
+        }
+        const currentTime = getCurrentTime();
+        return currentTime >= expireTime - IAM_EXPIRATION_WINDOW;
+    }
 }

es/auth/token-managers/jwt-token-manager.js

 /* eslint-disable class-methods-use-this */
 /**
- * (C) Copyright IBM Corp. 2019, 2022.
+ * (C) Copyright IBM Corp. 2019, 2024.
  *
@@ -70,3 +70,3 @@ * Licensed under the Apache License, Version 2.0 (the "License");
         if (!decodedResponse) {
-            const err = 'Access token recieved is not a valid JWT';
+            const err = 'Access token received is not a valid JWT';
             logger.error(err);
@@ -73,0 +73,0 @@ throw new Error(err);

es/auth/token-managers/token-manager.d.ts

 /// <reference types="node" />
 /**
- * (C) Copyright IBM Corp. 2020, 2023.
+ * (C) Copyright IBM Corp. 2020, 2024.
  *
@@ -109,3 +109,3 @@ * Licensed under the Apache License, Version 2.0 (the "License");
      */
-    private isTokenExpired;
+    protected isTokenExpired(): boolean;
     /**
@@ -112,0 +112,0 @@ * Checks if currently-stored token should be refreshed

es/auth/token-managers/vpc-instance-token-manager.d.ts

 /**
- * (C) Copyright IBM Corp. 2021, 2023.
+ * (C) Copyright IBM Corp. 2021, 2024.
  *
@@ -56,3 +56,13 @@ * Licensed under the Apache License, Version 2.0 (the "License");
     private getInstanceIdentityToken;
+    /**
+     * Returns true iff the currently-cached IAM access token is expired.
+     * We'll consider an access token as expired when we reach its IAM server-reported
+     * expiration time minus our expiration window (10 secs).
+     * We do this to avoid using an access token that might expire in the middle of a long-running
+     * transaction within an IBM Cloud service.
+     *
+     * @returns true if the token has expired, false otherwise
+     */
+    protected isTokenExpired(): boolean;
 }
 export {};

es/auth/token-managers/vpc-instance-token-manager.js

 /**
- * (C) Copyright IBM Corp. 2021, 2023.
+ * (C) Copyright IBM Corp. 2021, 2024.
  *
@@ -26,6 +26,7 @@ * Licensed under the Apache License, Version 2.0 (the "License");
 import logger from '../../lib/logger';
-import { atMostOne } from '../utils/helpers';
+import { atMostOne, getCurrentTime } from '../utils/helpers';
 import { JwtTokenManager } from './jwt-token-manager';
 const DEFAULT_IMS_ENDPOINT = 'http://169.254.169.254';
 const METADATA_SERVICE_VERSION = '2022-03-01';
+const IAM_EXPIRATION_WINDOW = 10;
 /**
@@ -145,2 +146,19 @@ * Token Manager for VPC Instance Authentication.
     }
+    /**
+     * Returns true iff the currently-cached IAM access token is expired.
+     * We'll consider an access token as expired when we reach its IAM server-reported
+     * expiration time minus our expiration window (10 secs).
+     * We do this to avoid using an access token that might expire in the middle of a long-running
+     * transaction within an IBM Cloud service.
+     *
+     * @returns true if the token has expired, false otherwise
+     */
+    isTokenExpired() {
+        const { expireTime } = this;
+        if (!expireTime) {
+            return true;
+        }
+        const currentTime = getCurrentTime();
+        return currentTime >= expireTime - IAM_EXPIRATION_WINDOW;
+    }
 }

es/tsdoc-metadata.json

@@ -8,5 +8,5 @@ // This file is read by tools that parse documentation comments conforming to the TSDoc standard.
       "packageName": "@microsoft/api-extractor",
-      "packageVersion": "7.39.0"
+      "packageVersion": "7.41.0"
     }
   ]
 }

etc/ibm-cloud-sdk-core.api.md

@@ -279,2 +279,3 @@ ## API Report File for "ibm-cloud-sdk-core"
     getRefreshToken(): string;
+    protected isTokenExpired(): boolean;
     // (undocumented)
@@ -415,2 +416,3 @@ protected refreshToken: string;
     protected headers: OutgoingHttpHeaders;
+    protected isTokenExpired(): boolean;
     protected pacedRequestToken(): Promise<any>;
@@ -506,2 +508,3 @@ // (undocumented)
     constructor(options: Options_9);
+    protected isTokenExpired(): boolean;
     // (undocumented)
@@ -508,0 +511,0 @@ protected requestToken(): Promise<any>;

package.json

 {
   "name": "ibm-cloud-sdk-core",
-  "version": "4.2.3",
+  "version": "4.2.4",
   "description": "Core functionality to support SDKs generated with IBM's OpenAPI SDK Generator.",
@@ -5,0 +5,0 @@ "main": "index.js",

temp/ibm-cloud-sdk-core.api.md

@@ -279,2 +279,3 @@ ## API Report File for "ibm-cloud-sdk-core"
     getRefreshToken(): string;
+    protected isTokenExpired(): boolean;
     // (undocumented)
@@ -415,2 +416,3 @@ protected refreshToken: string;
     protected headers: OutgoingHttpHeaders;
+    protected isTokenExpired(): boolean;
     protected pacedRequestToken(): Promise<any>;
@@ -506,2 +508,3 @@ // (undocumented)
     constructor(options: Options_9);
+    protected isTokenExpired(): boolean;
     // (undocumented)
@@ -508,0 +511,0 @@ protected requestToken(): Promise<any>;

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1619042

increased by1.12%

Number of package files

408

increased by0.74%

Lines of code

32336

increased by1.01%

No dependency changes