UNPKG

@aws-amplify/core

Version:

Core category of aws-amplify

aws-amplify.github.io

aws-amplify/amplify-js

104 lines (92 loc) 2.65 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 import { CredentialsAndIdentityId, AuthConfig, AuthSession, AuthTokens, FetchAuthSessionOptions, LibraryAuthOptions, } from './types'; export function isTokenExpired({ expiresAt, clockDrift, }: { expiresAt: number; clockDrift: number; }): boolean { const currentTime = Date.now(); return currentTime + clockDrift > expiresAt; } export class AuthClass { private authConfig?: AuthConfig; private authOptions?: LibraryAuthOptions; constructor() {} /** * Configure Auth category * * @internal * * @param authResourcesConfig - Resources configurations required by Auth providers. * @param authOptions - Client options used by library * * @returns void */ configure( authResourcesConfig: AuthConfig, authOptions?: LibraryAuthOptions ): void { this.authConfig = authResourcesConfig; this.authOptions = authOptions; } async fetchAuthSession( options: FetchAuthSessionOptions = {} ): Promise<AuthSession> { let tokens: AuthTokens | undefined; let credentialsAndIdentityId: CredentialsAndIdentityId | undefined; let userSub: string | undefined; // Get tokens will throw if session cannot be refreshed (network or service error) or return null if not available tokens = await this.getTokens(options); if (tokens) { userSub = tokens.accessToken?.payload?.sub; // getCredentialsAndIdentityId will throw if cannot get credentials (network or service error) credentialsAndIdentityId = await this.authOptions?.credentialsProvider?.getCredentialsAndIdentityId( { authConfig: this.authConfig, tokens, authenticated: true, forceRefresh: options.forceRefresh, } ); } else { // getCredentialsAndIdentityId will throw if cannot get credentials (network or service error) credentialsAndIdentityId = await this.authOptions?.credentialsProvider?.getCredentialsAndIdentityId( { authConfig: this.authConfig, authenticated: false, forceRefresh: options.forceRefresh, } ); } return { tokens, credentials: credentialsAndIdentityId?.credentials, identityId: credentialsAndIdentityId?.identityId, userSub, }; } async clearCredentials(): Promise<void> { if (this.authOptions?.credentialsProvider) { return await this.authOptions.credentialsProvider.clearCredentialsAndIdentityId(); } } async getTokens( options: FetchAuthSessionOptions ): Promise<AuthTokens | undefined> { return ( (await this.authOptions?.tokenProvider?.getTokens(options)) ?? undefined ); } }