Refresh authToken when it expires

Access tokens have lifetimes that might end before the user wants to end their authenticated session. Hence, we need to refresh the user access token after an expiry detection. Resolves: #175 Signed-off-by: fenn-cs <[email protected]>
PermanentOrg · Aug 5, 2023 · 08b69a9 · 08b69a9
1 parent eb4fb69
commit 08b69a9
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 0 deletions.
diff --git a/.env.example b/.env.example
@@ -40,3 +40,4 @@ PERMANENT_API_BASE_PATH=${LOCAL_TEMPORARY_AUTH_TOKEN}
 # See https://fusionauth.io/docs/v1/tech/apis/api-keys
 FUSION_AUTH_HOST=${FUSION_AUTH_HOST}
 FUSION_AUTH_KEY=${FUSION_AUTH_KEY}
+FUSION_AUTH_APP_ID=${FUSION_AUTH_APP_ID}
diff --git a/src/classes/AuthenticationSession.ts b/src/classes/AuthenticationSession.ts
@@ -15,10 +15,14 @@ enum FusionAuthStatusCode {
 export class AuthenticationSession {
   public authToken = '';
 
+  public refreshToken = '';
+
   public readonly authContext;
 
   private readonly fusionAuthClient;
 
+  private readonly fusionAuthAppId =  process.env.FUSION_AUTH_APP_ID ?? '';
+
   private twoFactorId = '';
 
   private twoFactorMethods: TwoFactorMethod[] = [];
@@ -46,6 +50,7 @@ export class AuthenticationSession {
 
   private processPasswordResponse([password]: string[]): void {
     this.fusionAuthClient.login({
+      applicationId: this.fusionAuthAppId,
       loginId: this.authContext.username,
       password,
     }).then((clientResponse) => {
@@ -57,6 +62,7 @@ export class AuthenticationSession {
               username: this.authContext.username,
             });
             this.authToken = clientResponse.response.token;
+            this.refreshToken = clientResponse.response.refreshToken ?? '';
             this.authContext.accept();
             return;
           }
@@ -178,4 +184,18 @@ export class AuthenticationSession {
       this.authContext.reject();
     });
   }
+
+  private obtainNewAuthTokenUsingRefreshToken(): void {
+    this.fusionAuthClient.exchangeRefreshTokenForAccessToken(this.refreshToken, '', '', '', '')
+      .then((clientResponse) => {
+        this.authToken = clientResponse.response.access_token ?? '';
+      })
+      .catch((clientResponse: unknown) => {
+        const message = isPartialClientResponse(clientResponse)
+          ? clientResponse.exception.message
+          : '';
+        logger.warn(`Error obtaining refresh token : ${message}`);
+        this.authContext.reject();
+      });
+  }
 }