@w3lcome/feathers-refresh-token/lib/hooks/refresh-access-token.js

Refresh token hooks for @feathers/authentication

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.refreshAccessToken = void 0;
const errors_1 = require("@feathersjs/errors");
const debug_1 = __importDefault(require("debug"));
const common_1 = require("./common");
const debug = debug_1.default('feathers-refresh-token');
/* Before create hook refresh token service to refresh access token
 * data: post data with userId and refresh token
 * this hook must be un-protected because when client call refresh-access-token API existing
 * access-token already expired.
 */
exports.refreshAccessToken = () => {
    return async (context) => {
        var _a;
        const { data, app, type, params, method } = context;
        const config = common_1.loadConfig(app);
        if (method !== 'create') {
            throw new Error('refreshAccessToken hook must be used with create method!');
        }
        //refresh Token only valid for before token and called from external
        if (type !== 'before') {
            throw new Error('refreshAccessToken hook must be used with before hook');
        }
        // for internal call, simply return context
        if (!params.provider) {
            debug('Internal API call for refresh token, simply return context');
            return context;
        }
        const { entity, userEntityId, authService } = config;
        //! validating user input
        [entity, userEntityId].forEach((p) => {
            if (p in data)
                return;
            throw new errors_1.BadRequest(`${p} is missing from request`);
        });
        const { existingToken, verifyResult: tokenVerifyResult } = await common_1.lookupRefreshToken(context, config, {
            userId: data[userEntityId],
            refreshToken: data[entity]
        });
        debug('Find existing refresh token result', existingToken);
        // Refresh token not exists
        if (!existingToken) {
            throw new errors_1.NotAuthenticated();
        }
        // Input data[userIdFiled] must match the sub in Refresh Token
        if (`${tokenVerifyResult.sub}` !== `${data[userEntityId]}`) {
            console.log(params);
            throw new Error(`Invalid token`);
        }
        debug('Creating new access token');
        // ! create new access token with default jwtOptions and secret
        const accessToken = await ((_a = app.service(authService)) === null || _a === void 0 ? void 0 : _a.createAccessToken({
            sub: data[userEntityId]
        }));
        debug('Issued new access token', accessToken);
        // return new access token
        context.result = {
            accessToken
        };
        return context;
    };
};
//# sourceMappingURL=refresh-access-token.js.map