From 191786d8c55980e8014ccdbd9b591ece85c43e36 Mon Sep 17 00:00:00 2001 From: Osamah Bukraa Date: Wed, 6 Mar 2024 13:01:45 +0100 Subject: [PATCH 1/2] Add crash handler to failed refresh calls and additional error logging --- src/accessToken.js | 22 ++++++++++++++++++---- src/controller.js | 35 ++++++++++++++++++++--------------- 2 files changed, 38 insertions(+), 19 deletions(-) diff --git a/src/accessToken.js b/src/accessToken.js index a31bc4f..a24a813 100644 --- a/src/accessToken.js +++ b/src/accessToken.js @@ -1,9 +1,15 @@ import { OAuth2 } from 'oauth'; +import pino from 'pino'; const tokenStore = {}; const ACCESS_TOKEN_PATH = '/oauth2/token'; const EXPIRY_MARGIN = 1000 * 60 * 5; // 5 minute margin +const logger = pino({ + name: '@digipolis/auth-accesstoken', + level: 'error', +}); + function createUserToken(results, refreshToken) { return { accessToken: results.access_token, @@ -18,6 +24,7 @@ function getNewAccessToken(clientId, clientSecret, url) { return new Promise((resolve, reject) => { oauth2.getOAuthAccessToken('', { grant_type: 'client_credentials' }, (err, accessToken, _refreshToken, results) => { if (err) { + logger.error('An error occurred while getting new access token with client credentials', err); return reject(err); } @@ -38,6 +45,7 @@ export function getUserTokenFromAuthorizationCode(code, clientId, clientSecret, { grant_type: 'authorization_code' }, (err, _accessToken, refreshToken, results) => { if (err) { + logger.error('An error occurred while getting new access token with authorization code', err); return reject(err); } @@ -56,6 +64,7 @@ export function refreshAccessToken(token, clientId, clientSecret, url) { { grant_type: 'refresh_token' }, (err, _accessToken, refreshToken, results) => { if (err) { + logger.error('An error occurred while getting new access token with refresh token', err); return reject(err); } @@ -67,10 +76,15 @@ export function refreshAccessToken(token, clientId, clientSecret, url) { } export async function getAccessToken(clientId, clientSecret, url) { - if (tokenStore.token && tokenStore.token.expiresIn > Date.now()) { + try { + if (tokenStore.token && tokenStore.token.expiresIn > Date.now()) { + return tokenStore.token.accessToken; + } + + tokenStore.token = await getNewAccessToken(clientId, clientSecret, url); return tokenStore.token.accessToken; + } catch (error) { + logger.error('An error occurred while getting new access token', error); + return null; } - - tokenStore.token = await getNewAccessToken(clientId, clientSecret, url); - return tokenStore.token.accessToken; } diff --git a/src/controller.js b/src/controller.js index c9f96e8..080657a 100644 --- a/src/controller.js +++ b/src/controller.js @@ -288,23 +288,28 @@ export default function createController(config) { } async function refreshToken(req, res, next) { - if (!refresh) { - return next(); - } - - const tokenKey = `${objectKey}Token`; - const token = req.session[tokenKey]; - if (!token) { - return next(); - } - - if (new Date(token.expiresIn) >= new Date(Date.now() + EXPIRY_MARGIN)) { + try { + if (!refresh) { + return next(); + } + + const tokenKey = `${objectKey}Token`; + const token = req.session[tokenKey]; + if (!token) { + return next(); + } + + if (new Date(token.expiresIn) >= new Date(Date.now() + EXPIRY_MARGIN)) { + return next(); + } + + const newToken = await service.refresh(token); + req.session = Object.assign(req.session, { [tokenKey]: newToken }); + return req.session.save(() => next()); + } catch (error) { + logger.error('An error occurred while refreshing token', error); return next(); } - - const newToken = await service.refresh(token); - req.session = Object.assign(req.session, { [tokenKey]: newToken }); - return req.session.save(() => next()); } return { From 27447ff7794c6b0bf77e54e41b6527840c281085 Mon Sep 17 00:00:00 2001 From: Osamah Bukraa Date: Wed, 6 Mar 2024 13:03:57 +0100 Subject: [PATCH 2/2] Lint fixes --- package.json | 1 + src/accessToken.js | 2 +- src/controller.js | 6 +++--- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index 7c5bc6e..af1c62f 100644 --- a/package.json +++ b/package.json @@ -9,6 +9,7 @@ "build": "npx rollup -c --exports default", "prepublish": "npm run build", "lint": "eslint . --ext .js", + "lint:fix": "eslint . --ext .js --fix", "test": "cross-env NODE_ENV=test nyc --reporter=lcov --reporter=text mocha" }, "publishConfig": { diff --git a/src/accessToken.js b/src/accessToken.js index a24a813..eff790e 100644 --- a/src/accessToken.js +++ b/src/accessToken.js @@ -80,7 +80,7 @@ export async function getAccessToken(clientId, clientSecret, url) { if (tokenStore.token && tokenStore.token.expiresIn > Date.now()) { return tokenStore.token.accessToken; } - + tokenStore.token = await getNewAccessToken(clientId, clientSecret, url); return tokenStore.token.accessToken; } catch (error) { diff --git a/src/controller.js b/src/controller.js index 080657a..685302e 100644 --- a/src/controller.js +++ b/src/controller.js @@ -292,17 +292,17 @@ export default function createController(config) { if (!refresh) { return next(); } - + const tokenKey = `${objectKey}Token`; const token = req.session[tokenKey]; if (!token) { return next(); } - + if (new Date(token.expiresIn) >= new Date(Date.now() + EXPIRY_MARGIN)) { return next(); } - + const newToken = await service.refresh(token); req.session = Object.assign(req.session, { [tokenKey]: newToken }); return req.session.save(() => next());