[SDK-2330] New tokens should be applied to existing session (#307)
adamjmcgrath authored Feb 19, 2021
1 parent 7d7d4a9 commit 5c5bb8d
Showing 3 changed files with 34 additions and 15 deletions.
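--- a/src/session/get-access-token.ts
+++ b/src/session/get-access-token.ts
@@ -3,7 +3,7 @@ import { NextApiRequest, NextApiResponse } from 'next';
 import { ClientFactory } from '../auth0-session';
 import { AccessTokenError } from '../utils/errors';
 import { intersect, match } from '../utils/array';
-import { SessionCache, fromTokenSet, fromJson } from '../session';
+import { SessionCache, fromTokenSet } from '../session';
 import { NextConfig } from '../config';
 
 /**
@@ -114,16 +114,11 @@ export default function accessTokenFactory(
 
 // Update the session.
 const newSession = fromTokenSet(tokenSet, config);
-sessionCache.set(
-req,
-res,
-fromJson({
-...session,
-...newSession,
-refreshToken: newSession.refreshToken || session.refreshToken,
-user: { ...session.user, ...newSession.user }
-})
-);
+Object.assign(session, {
+...newSession,
+refreshToken: newSession.refreshToken || session.refreshToken,
+user: { ...session.user, ...newSession.user }
+});
 
 // Return the new access token.
 return {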
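Review bot: The in-place `Object.assign(session, …)` persists the refreshed tokens only if `session` is the same object the session cache later serialises for the response; the removed `sessionCache.set(req, res, …)` made that write explicit, and nothing visible in this hunk shows the reference is shared. With refresh-token rotation the previous refresh token is normally invalidated once exchanged, so a rotated token that never reaches the stored session would leave the user holding a dead credential. I would state the assumption next to the call, e.g. `// session is the cached instance; mutating it is what persists the rotated tokens`. Separately, `user: { ...session.user, ...newSession.user }` keeps claims that the refreshed ID token no longer carries, which may be intended but deserves a comment. The enclosing function starts and ends outside the hunk.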
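--- a/tests/fixtures/setup.ts
+++ b/tests/fixtures/setup.ts
@@ -29,6 +29,7 @@ export type SetupOptions = {
 getAccessTokenOptions?: AccessTokenRequest;
 discoveryOptions?: object;
 userInfoPayload?: object;
+userInfoToken?: string;
 };
 
 export const setup = async (
@@ -42,13 +43,14 @@ export const setup = async (
 withPageAuthRequiredOptions,
 getAccessTokenOptions,
 discoveryOptions,
-userInfoPayload = {}
+userInfoPayload = {},
+userInfoToken = 'eyJz93a...k4laUWw'
 }: SetupOptions = {}
 ): Promise<string> => {
 discovery(config, discoveryOptions);
 jwksEndpoint(config, jwks);
 codeExchange(config, makeIdToken({ iss: 'https://acme.auth0.local/', ...idTokenClaims }));
-userInfo(config, 'eyJz93a...k4laUWw', userInfoPayload);
+userInfo(config, userInfoToken, userInfoPayload);
 const {
 handleAuth,
 handleCallback,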
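--- a/tests/handlers/profile.test.ts
+++ b/tests/handlers/profile.test.ts
@@ -1,6 +1,6 @@
 import nock from 'nock';
-import { withoutApi } from '../fixtures/default-settings';
-import { userInfo } from '../fixtures/oidc-nocks';
+import { withApi, withoutApi } from '../fixtures/default-settings';
+import { refreshTokenRotationExchange, userInfo } from '../fixtures/oidc-nocks';
 import { get } from '../auth0-session/fixtures/helpers';
 import { setup, teardown, login } from '../fixtures/setup';
 import { Session, AfterCallback } from '../../src';
@@ -91,6 +91,28 @@ describe('profile handler', () => {
 );
 });
 
+test('should refetch the user and preserve new tokens', async () => {
+const afterCallback: AfterCallback = (_req, _res, session: Session): Session => {
+session.accessTokenExpiresAt = -60;
+return session;
+};
+const baseUrl = await setup(withApi, {
+profileOptions: { refetch: true },
+userInfoPayload: { foo: 'bar' },
+callbackOptions: {
+afterCallback
+},
+userInfoToken: 'new-access-token'
+});
+refreshTokenRotationExchange(withApi, 'GEbRxBN...edjnXbL', {}, 'new-access-token', 'new-refresh-token');
+const cookieJar = await login(baseUrl);
+const profile = await get(baseUrl, '/api/auth/me', { cookieJar });
+expect(profile).toMatchObject({ foo: 'bar' });
+const session = await get(baseUrl, '/api/session', { cookieJar });
+expect(session.accessToken).toEqual('new-access-token');
+expect(session.refreshToken).toEqual('new-refresh-token');
+});
+
 test('should update the session in the afterRefetch hook', async () => {
 const baseUrl = await setup(withoutApi, {
 profileOptions: {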
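Review bot: The new test covers only the rotating case, so the fallback in `refreshToken: newSession.refreshToken || session.refreshToken` (src/session/get-access-token.ts) is not exercised after the move to in-place mutation. A companion case in which the token response carries no refresh token should assert that the original one is kept, e.g. `expect(session.refreshToken).toEqual('GEbRxBN...edjnXbL');`, so a regression cannot silently drop the refresh token from the session. It would also help to confirm the mocked refresh and userinfo requests were actually consumed, e.g. `expect(nock.isDone()).toBe(true);`, if teardown does not already check that. The enclosing `describe` block continues outside the hunk.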
