UNPKG

bpt-pack-two

Version:

Study Passwordless authentication on aws project

github.com/Bhodikorn/bpt-pack

Bhodikorn/bpt-pack

69 lines (68 loc) 3.04 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
/** * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). You * may not use this file except in compliance with the License. A copy of * the License is located at * * http://aws.amazon.com/apache2.0/ * * or in the "license" file accompanying this file. This file is * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF * ANY KIND, either express or implied. See the License for the specific * language governing permissions and limitations under the License. */ import { parseJwtPayload } from "./util.js"; import { configure } from "./config.js"; export async function storeTokens(tokens) { const { clientId, storage } = configure(); const { sub, email, "cognito:username": username, } = parseJwtPayload(tokens.idToken); const { scope } = parseJwtPayload(tokens.accessToken); const amplifyKeyPrefix = `CognitoIdentityServiceProvider.${clientId}`; const customKeyPrefix = `Passwordless.${clientId}`; const promises = []; promises.push(storage.setItem(`${amplifyKeyPrefix}.LastAuthUser`, username)); promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.idToken`, tokens.idToken)); promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.accessToken`, tokens.accessToken)); if (tokens.refreshToken) { promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.refreshToken`, tokens.refreshToken)); } promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.userData`, JSON.stringify({ UserAttributes: [ { Name: "sub", Value: sub, }, { Name: "email", Value: email, }, ], Username: username, }))); promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.tokenScopesString`, scope)); promises.push(storage.setItem(`${customKeyPrefix}.${username}.expireAt`, tokens.expireAt.toISOString())); await Promise.all(promises.filter((p) => !!p)); } export async function retrieveTokens() { const { clientId, storage } = configure(); const amplifyKeyPrefix = `CognitoIdentityServiceProvider.${clientId}`; const customKeyPrefix = `Passwordless.${clientId}`; const username = await storage.getItem(`${amplifyKeyPrefix}.LastAuthUser`); if (!username) { return; } const [accessToken, idToken, refreshToken, expireAt] = await Promise.all([ storage.getItem(`${amplifyKeyPrefix}.${username}.accessToken`), storage.getItem(`${amplifyKeyPrefix}.${username}.idToken`), storage.getItem(`${amplifyKeyPrefix}.${username}.refreshToken`), storage.getItem(`${customKeyPrefix}.${username}.expireAt`), ]); return { idToken: idToken ?? undefined, accessToken: accessToken ?? undefined, refreshToken: refreshToken ?? undefined, expireAt: expireAt ? new Date(expireAt) : undefined, username, }; }