feat: implemented awthentication-jwt refreshtoken services

extensions/authentication-jwt/README.md

@@ -142,7 +142,23 @@ login, then decorate endpoints with `@authentication('jwt')` to inject the
 logged in user's profile.
 
 This module contains an example application in the `fixtures` folder. It has a
-controller with endpoints `/login` and `/whoAmI`.
+controller with endpoints `/login`, `/refreshlogin`, `/refresh` and `/whoAmI`.
+
+Before using the below snippet do not forget to inject below repositories and bindingings  
+in your controller's constructor
+
+```ts
+    @inject(TokenServiceBindings.TOKEN_SERVICE)
+    public jwtService: TokenService,
+    @inject(UserServiceBindings.USER_SERVICE)
+    public userService: UserService<User, Credentials>,
+    @inject(SecurityBindings.USER, {optional: true})
+    private user: UserProfile,
+    @inject(UserServiceBindings.USER_REPOSITORY)
+    public userRepository: UserRepository,
+    @inject(RefreshTokenServiceBindings.REFRESH_TOKEN_SERVICE)
+    public refreshService: RefreshTokenService,
+```
 
 The code snippet for login function:
 
@@ -174,41 +190,39 @@ The code snippet for whoAmI function:
 
 ### Endpoints with refresh token
 
-To add refresh token mechanism in your app, you have to call the following
-interceptor.
+To add refresh token mechanism in your app, you can follow below example code at the
+endpoint.
 
-1. `refresh-token-generate` : to generate the refresh token and access token
+1. `To generate refresh token` : to generate the refresh token and access token
    when user logins to your app with provided credentials.
 
 ```ts
- @intercept('refresh-token-generate')
-async refreshLogin(
-  @requestBody(CredentialsRequestBody) credentials: Credentials,
-): Promise<TokenObject> {
-  // ensure the user exists, and the password is correct
-  const user = await this.userService.verifyCredentials(credentials);
-  // convert a User object into a UserProfile object (reduced set of properties)
-  const userProfile: UserProfile = this.userService.convertToUserProfile(
-    user,
-  );
-  // create a JSON Web Token based on the user profile
-  const token = {
-    accessToken: await this.jwtService.generateToken(userProfile),
-  };
-  return token;
-}
+ async refreshLogin(
+    @requestBody(CredentialsRequestBody) credentials: Credentials,
+  ): Promise<TokenObject> {
+    // ensure the user exists, and the password is correct
+    const user = await this.userService.verifyCredentials(credentials);
+    // convert a User object into a UserProfile object (reduced set of properties)
+    const userProfile: UserProfile = this.userService.convertToUserProfile(
+      user,
+    );
+    const accessToken = await this.jwtService.generateToken(userProfile);
+    const tokens = await this.refreshService.generateToken(
+      userProfile,
+      accessToken,
+    );
+    return tokens;
+  }
 ```
 
-2. `refresh-token-grant`: to generate the access token by the refresh token
+2. `To refresh the token`: to generate the access token by the refresh token
    obtained from the the last login endpoint.
 
 ```ts
-  @intercept('refresh-token-grant')
   async refresh(
     @requestBody(RefreshGrantRequestBody) refreshGrant: RefreshGrant,
-  ): Promise<{token: string}> {
-    const token = '';
-    return {token};
+  ): Promise<TokenObject> {
+    return this.refreshService.refreshToken(refreshGrant.refreshToken);
   }
 ```
 
@@ -348,7 +362,7 @@ provide your own `User` model and repository.
   // for jwt access token
   this.bind(TokenServiceBindings.TOKEN_SECRET).to("<yourSecret>");
   // for refresh token
-  this.bind(RefreshTokenInterceptorBindings.TOKEN_SECRET).to("<yourSecret>");
+  this.bind(RefreshTokenServiceBindings.TOKEN_SECRET).to("<yourSecret>");
 ```
 
 2. To change token expiration. to learn more about expiration time here at
@@ -358,7 +372,7 @@ provide your own `User` model and repository.
   // for jwt access token expiration
     this.bind(TokenServiceBindings.TOKEN_EXPIRES_IN).to("<Expiration Time in sec>");
   // for refresh token expiration
-    this.bind(RefreshTokenInterceptorBindings.TOKEN_EXPIRES_IN).to("<Expiration Time in sec>");
+    this.bind(RefreshTokenServiceBindings.TOKEN_EXPIRES_IN).to("<Expiration Time in sec>");
 ```
 
 ## Future Work

extensions/authentication-jwt/src/__tests__/acceptance/jwt.component.test.ts

@@ -15,7 +15,6 @@ import {UserServiceBindings} from '../..';
 import {OPERATION_SECURITY_SPEC, SECURITY_SCHEME_SPEC} from '../../';
 import {UserRepository} from '../../repositories';
 import {TestApplication} from '../fixtures/application';
-import {RefreshTokenBindings} from '../../keys';
 
 describe('jwt authentication', () => {
   let app: TestApplication;

extensions/authentication-jwt/src/__tests__/fixtures/application.ts

@@ -14,7 +14,7 @@ import path from 'path';
 import {
   JWTAuthenticationComponent,
   UserServiceBindings,
-  RefreshTokenBindings,
+  RefreshTokenServiceBindings,
 } from '../../';
 import {DbDataSource} from './datasources/db.datasource';
 import {MySequence} from './sequence';
@@ -39,7 +39,7 @@ export class TestApplication extends BootMixin(
     // Bind datasource
     this.dataSource(DbDataSource, UserServiceBindings.DATASOURCE_NAME);
     //Bind datasource for refreshtoken table
-    this.dataSource(DbDataSource, RefreshTokenBindings.DATASOURCE_NAME);
+    this.dataSource(DbDataSource, RefreshTokenServiceBindings.DATASOURCE_NAME);
 
     this.component(RestExplorerComponent);
     this.projectRoot = __dirname;

extensions/authentication-jwt/src/__tests__/fixtures/controllers/user.controller.ts

@@ -8,7 +8,7 @@ import {
   TokenService,
   UserService,
 } from '@loopback/authentication';
-import {inject, intercept} from '@loopback/core';
+import {inject} from '@loopback/core';
 import {get, post, requestBody} from '@loopback/rest';
 import {SecurityBindings, securityId, UserProfile} from '@loopback/security';
 import {
@@ -18,11 +18,13 @@ import {
   TokenObject,
   RefreshGrantRequestBody,
   RefreshGrant,
+  RefreshTokenServiceBindings,
 } from '../../../';
 import {model, property} from '@loopback/repository';
 import {genSalt, hash} from 'bcryptjs';
 import {UserRepository} from '../../../repositories';
 import {Credentials} from '../../../services/user.service';
+import {RefreshTokenService} from '../../../keys';
 
 const CredentialsSchema = {
   type: 'object',
@@ -66,6 +68,8 @@ export class UserController {
     private user: UserProfile,
     @inject(UserServiceBindings.USER_REPOSITORY)
     public userRepository: UserRepository,
+    @inject(RefreshTokenServiceBindings.REFRESH_TOKEN_SERVICE)
+    public refreshService: RefreshTokenService,
   ) {}
 
   @post('/users/signup', {
@@ -172,7 +176,6 @@ export class UserController {
       },
     },
   })
-  @intercept('refresh-token-generate')
   async refreshLogin(
     @requestBody(CredentialsRequestBody) credentials: Credentials,
   ): Promise<TokenObject> {
@@ -182,11 +185,12 @@ export class UserController {
     const userProfile: UserProfile = this.userService.convertToUserProfile(
       user,
     );
-    // create a JSON Web Token based on the user profile
-    const token = {
-      accessToken: await this.jwtService.generateToken(userProfile),
-    };
-    return token;
+    const accessToken = await this.jwtService.generateToken(userProfile);
+    const tokens = await this.refreshService.generateToken(
+      userProfile,
+      accessToken,
+    );
+    return tokens;
   }
 
   @post('/refresh', {
@@ -198,8 +202,8 @@ export class UserController {
             schema: {
               type: 'object',
               properties: {
-                refreshToken: {
-                  type: 'string',
+                accessToken: {
+                  type: 'object',
                 },
               },
             },
@@ -208,11 +212,9 @@ export class UserController {
       },
     },
   })
-  @intercept('refresh-token-grant')
   async refresh(
     @requestBody(RefreshGrantRequestBody) refreshGrant: RefreshGrant,
-  ): Promise<{token: string}> {
-    const token = '';
-    return {token};
+  ): Promise<TokenObject> {
+    return this.refreshService.refreshToken(refreshGrant.refreshToken);
   }
 }

extensions/authentication-jwt/src/__tests__/unit/jwt.service.ts

@@ -4,7 +4,7 @@
 // License text available at https://opensource.org/licenses/MIT
 
 import {HttpErrors} from '@loopback/rest';
-import {securityId, UserProfile} from '@loopback/security';
+import {securityId} from '@loopback/security';
 import {expect} from '@loopback/testlab';
 import {JWTService} from '../../';
 
@@ -19,17 +19,11 @@ describe('token service', () => {
     id: '1',
     name: 'test',
   };
-  type Setter<T> = (value?: T) => void;
+
   const TOKEN_SECRET_VALUE = 'myjwts3cr3t';
   const TOKEN_EXPIRES_IN_VALUE = '60';
-  const setCurrentUser: Setter<UserProfile> = userProfile => {
-    return userProfile;
-  };
-  const jwtService = new JWTService(
-    TOKEN_SECRET_VALUE,
-    TOKEN_EXPIRES_IN_VALUE,
-    setCurrentUser,
-  );
+
+  const jwtService = new JWTService(TOKEN_SECRET_VALUE, TOKEN_EXPIRES_IN_VALUE);
 
   it('token service generateToken() succeeds', async () => {
     const token = await jwtService.generateToken(USER_PROFILE);
@@ -39,7 +33,6 @@ describe('token service', () => {
   it('token service verifyToken() succeeds', async () => {
     const token = await jwtService.generateToken(USER_PROFILE);
     const userProfileFromToken = await jwtService.verifyToken(token);
-
     expect(userProfileFromToken).to.deepEqual(DECODED_USER_PROFILE);
   });