UNPKG

@aws-amplify/auth

Version:

Auth category of aws-amplify

aws-amplify.github.io

aws-amplify/amplify-js

102 lines (99 loc) 4.01 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
import { ConsoleLogger, Amplify, clearCredentials, Hub, defaultStorage } from '@aws-amplify/core'; import { assertTokenProviderConfig, assertOAuthConfig, AMPLIFY_SYMBOL, AuthAction } from '@aws-amplify/core/internals/utils'; import { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs'; import '../utils/refreshAuthTokens.mjs'; import { AuthError } from '../../../errors/AuthError.mjs'; import '../tokenProvider/errorHelpers.mjs'; import { DefaultOAuthStore } from '../utils/signInWithRedirectStore.mjs'; import { tokenOrchestrator } from '../tokenProvider/tokenProvider.mjs'; import { revokeToken, globalSignOut as globalSignOut$1 } from '../utils/clients/CognitoIdentityProvider/index.mjs'; import { getRegion } from '../utils/clients/CognitoIdentityProvider/utils.mjs'; import { assertAuthTokensWithRefreshToken, assertAuthTokens } from '../utils/types.mjs'; import '@aws-crypto/sha256-js'; import { handleOAuthSignOut } from '../utils/oauth/handleOAuthSignOut.mjs'; import { OAUTH_SIGNOUT_EXCEPTION } from '../../../errors/constants.mjs'; import '../../../Errors.mjs'; import '../../../common/AuthErrorStrings.mjs'; import '../../../types/Auth.mjs'; // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 const logger = new ConsoleLogger('Auth'); /** * Signs a user out * * @param input - The SignOutInput object * @throws AuthTokenConfigException - Thrown when the token provider config is invalid. */ async function signOut(input) { const cognitoConfig = Amplify.getConfig().Auth?.Cognito; assertTokenProviderConfig(cognitoConfig); if (input?.global) { await globalSignOut(cognitoConfig); } else { await clientSignOut(cognitoConfig); } let hasOAuthConfig; try { assertOAuthConfig(cognitoConfig); hasOAuthConfig = true; } catch (err) { hasOAuthConfig = false; } if (hasOAuthConfig) { const oAuthStore = new DefaultOAuthStore(defaultStorage); oAuthStore.setAuthConfig(cognitoConfig); const { type } = (await handleOAuthSignOut(cognitoConfig, oAuthStore)) ?? {}; if (type === 'error') { throw new AuthError({ name: OAUTH_SIGNOUT_EXCEPTION, message: 'An error occurred when attempting to log out from OAuth provider.', }); } } else { // complete sign out tokenOrchestrator.clearTokens(); await clearCredentials(); Hub.dispatch('auth', { event: 'signedOut' }, 'Auth', AMPLIFY_SYMBOL); } } async function clientSignOut(cognitoConfig) { try { const authTokens = await tokenOrchestrator.getTokenStore().loadTokens(); assertAuthTokensWithRefreshToken(authTokens); if (isSessionRevocable(authTokens.accessToken)) { await revokeToken({ region: getRegion(cognitoConfig.userPoolId), userAgentValue: getAuthUserAgentValue(AuthAction.SignOut), }, { ClientId: cognitoConfig.userPoolClientId, Token: authTokens.refreshToken, }); } } catch (err) { // this shouldn't throw logger.debug('Client signOut error caught but will proceed with token removal'); } } async function globalSignOut(cognitoConfig) { try { const authTokens = await tokenOrchestrator.getTokenStore().loadTokens(); assertAuthTokens(authTokens); await globalSignOut$1({ region: getRegion(cognitoConfig.userPoolId), userAgentValue: getAuthUserAgentValue(AuthAction.SignOut), }, { AccessToken: authTokens.accessToken.toString(), }); } catch (err) { // it should not throw logger.debug('Global signOut error caught but will proceed with token removal'); } } const isSessionRevocable = (token) => !!token?.payload?.origin_jti; export { signOut }; //# sourceMappingURL=signOut.mjs.map