simple-oauth2
Comparing version 4.0.0 to 4.1.0
# Changelog | ||
## 4.1.0 | ||
### Improvements | ||
- [#398](https://github.com/lelylan/simple-oauth2/pull/328) Add support to refresh persitent access tokens | ||
### Maintainance | ||
- [#326](https://github.com/lelylan/simple-oauth2/pull/326) Remove usage of [date-fns](https://date-fns.org/) production dependency | ||
- [#325](https://github.com/lelylan/simple-oauth2/pull/325) Setup [volta](https://volta.sh/) instead of nvm to handle node versions | ||
- [#322](https://github.com/lelylan/simple-oauth2/pull/322) Update acorn version in package-lock file | ||
## 4.0.0 | ||
@@ -4,0 +13,0 @@ ### Breaking changes |
'use strict'; | ||
const Hoek = require('@hapi/hoek'); | ||
const { isBefore } = require('date-fns'); | ||
const GrantParams = require('../grant-params'); | ||
@@ -32,3 +31,3 @@ const { parseToken } = require('./token-parser'); | ||
expired(expirationWindowSeconds = 0) { | ||
return isBefore(this.token.expires_at, Date.now() + expirationWindowSeconds * 1000); | ||
return this.token.expires_at - (Date.now() + expirationWindowSeconds * 1000) <= 0; | ||
} | ||
@@ -84,2 +83,11 @@ | ||
} | ||
/** | ||
* Get the access token's internal JSON representation | ||
* | ||
* @returns {String} | ||
*/ | ||
toJSON() { | ||
return this.token; | ||
} | ||
}; |
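Review bot: The JSDoc on `toJSON()` declares `@returns {String}`, but the method returns `this.token`, the internal object, so it should read `@returns {Object}`. Because the same reference is handed out, a caller that mutates the result also changes the state that `expired()` reads; returning a shallow copy with `return { ...this.token };` would avoid that. Defining `toJSON()` also means `JSON.stringify(accessToken)` now emits the whole token payload, which presumably includes the access and refresh token values, so the docstring should state that the output is a credential and must be kept out of logs and unencrypted storage. The class body starts outside this hunk.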
'use strict'; | ||
const debug = require('debug')('simple-oauth2:access-token'); | ||
const { isDate, parseISO, addSeconds } = require('date-fns'); | ||
@@ -10,7 +9,7 @@ const EXPIRES_AT_PROPERTY_NAME = 'expires_at'; | ||
function getExpirationDate(expiresIn) { | ||
return addSeconds(new Date(), Number.parseInt(expiresIn, 10)); | ||
return new Date(Date.now() + Number.parseInt(expiresIn, 10) * 1000); | ||
} | ||
function parseExpirationDate(expirationDate) { | ||
if (isDate(expirationDate)) { | ||
if (expirationDate instanceof Date) { | ||
return expirationDate; | ||
@@ -25,3 +24,3 @@ } | ||
// ISO 8601 string | ||
return parseISO(expirationDate); | ||
return new Date(expirationDate); | ||
} | ||
@@ -28,0 +27,0 @@ |
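Review bot: In `parseExpirationDate`, `new Date(expirationDate)` yields an Invalid Date for an unparsable string rather than raising, and the new `expired()` comparison in the access-token section then evaluates `NaN <= 0`, which is false, so a token with a malformed `expires_at` is never reported as expired. `new Date()` also accepts many non-ISO strings in an engine-dependent way, so the `// ISO 8601 string` comment no longer describes what is accepted. I would check the result before returning it: `const parsed = new Date(expirationDate);` followed by `if (Number.isNaN(parsed.getTime())) throw new TypeError('Invalid expires_at value');`. This matters more if, as the README change suggests, `createToken` is fed JSON restored from storage. The function body continues outside the hunk, so an earlier branch may already cover part of this.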
@@ -52,4 +52,14 @@ 'use strict'; | ||
return new AccessToken(this.#config, this.#client, response); | ||
return this.createToken(response); | ||
} | ||
/** | ||
* Creates a new access token instance from a plain object | ||
* | ||
* @param {Object} token Plain object representation of an access token | ||
* @returns {AccessToken} | ||
*/ | ||
createToken(token) { | ||
return new AccessToken(this.#config, this.#client, token); | ||
} | ||
}; |
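Review bot: The docstring on `createToken(token)` does not say what the method trusts: as far as this hunk shows, the plain object goes straight into `new AccessToken(...)` with no check that it carries the expected fields. Since the README change on this page recommends rebuilding tokens from JSON kept in an external database, I would add a line such as `Accepts the object as-is; the caller must ensure it comes from trusted storage and contains a valid expires_at.` and list the required properties. The same method and docstring are added verbatim in the two following grant-type sections, so the comment applies there as well, and a shared helper would avoid keeping three copies in sync. The class body begins outside the hunk.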
@@ -27,4 +27,14 @@ 'use strict'; | ||
return new AccessToken(this.#config, this.#client, response); | ||
return this.createToken(response); | ||
} | ||
/** | ||
* Creates a new access token instance from a plain object | ||
* | ||
* @param {Object} token Plain object representation of an access token | ||
* @returns {AccessToken} | ||
*/ | ||
createToken(token) { | ||
return new AccessToken(this.#config, this.#client, token); | ||
} | ||
}; |
@@ -29,4 +29,14 @@ 'use strict'; | ||
return new AccessToken(this.#config, this.#client, response); | ||
return this.createToken(response); | ||
} | ||
/** | ||
* Creates a new access token instance from a plain object | ||
* | ||
* @param {Object} token Plain object representation of an access token | ||
* @returns {AccessToken} | ||
*/ | ||
createToken(token) { | ||
return new AccessToken(this.#config, this.#client, token); | ||
} | ||
}; |
{ | ||
"name": "simple-oauth2", | ||
"version": "4.0.0", | ||
"version": "4.1.0", | ||
"description": "Node.js client for OAuth2", | ||
@@ -51,3 +51,2 @@ "author": "Andrea Reginato <andrea.reginato@gmail.com>", | ||
"@hapi/wreck": "^17.0.0", | ||
"date-fns": "^2.14.0", | ||
"debug": "^4.1.1" | ||
@@ -61,2 +60,3 @@ }, | ||
"chance-access-token": "^2.0.0", | ||
"date-fns": "^2.14.0", | ||
"doctoc": "^1.4.0", | ||
@@ -68,3 +68,6 @@ "eslint": "^6.8.0", | ||
"nyc": "^15.0.1" | ||
}, | ||
"volta": { | ||
"node": "12.18.0" | ||
} | ||
} |
@@ -162,6 +162,31 @@ # Simple OAuth2 | ||
When a token expires we need a mechanism to obtain a new access token. The [AccessToken](./API.md#accesstoken) methods can be used to perform the token refresh process. | ||
On long lived applications, it is often necessary to refresh access tokens. In such scenarios the access token is usually persisted in an external database by first serializing it. | ||
```javascript | ||
async function run() { | ||
const accessTokenJSONString = JSON.stringify(accessToken); | ||
await persistAccessTokenJSON(accessTokenJSONString); | ||
} | ||
run(); | ||
``` | ||
By the time we need to refresh the persistent access token, we can get back an [AccessToken](./API.md#accesstoken) instance by using the client's [.createToken](./API.md#createtokentoken--accesstoken) method. | ||
```javascript | ||
async function run() { | ||
const accessTokenJSONString = await getPersistedAccessTokenJSON(); | ||
let accessToken = client.createToken(JSON.parse(accessTokenJSONString)); | ||
} | ||
run(); | ||
``` | ||
Once we have determined the access token needs refreshing with the [.expired()](./API.md##expiredexpirationwindowseconds--boolean) method, we can finally refresh it with a [.refresh()](#refreshparams--promiseaccesstoken) method call. | ||
```javascript | ||
async function run() { | ||
if (accessToken.expired()) { | ||
@@ -183,3 +208,3 @@ try { | ||
The `expired` helper is useful for knowing when a token has definitively expired. However, there is a common race condition when tokens are near expiring. If an OAuth 2.0 token is issued with a `expires_in` property (as opposed to an `expires_at` property), there can be discrepancies between the time the OAuth 2.0 server issues the access token and when it is received. | ||
The [.expired()](./API.md##expiredexpirationwindowseconds--boolean) helper is useful for knowing when a token has definitively expired. However, there is a common race condition when tokens are near expiring. If an OAuth 2.0 token is issued with a `expires_in` property (as opposed to an `expires_at` property), there can be discrepancies between the time the OAuth 2.0 server issues the access token and when it is received. | ||
@@ -186,0 +211,0 @@ These come down to factors such as network and processing latency and can be worked around by preemptively refreshing the access token: |
- Removed date-fns@^2.14.0
- Removed @babel/runtime@7.26.0 (transitive)
- Removed date-fns@2.30.0 (transitive)
- Removed regenerator-runtime@0.14.1 (transitive)