Class: AuthorizationSession
Client-side refresh-token authorization
After establishing an authorization session (establish) keeps refreshing both access and refresh tokens on demand. In case of refresh token expirationexpiration, it throws an error and is no longer functional until a new session is established.
For multiple parallel sessions, one should provide distinct tokens that are stable for every session (e.g., device ID, etc.)
Note
does not perform periodic refreshes while idle, so the session would inevitably expire if not called long enough. One may, however, periodically call refresh method
Constructors
constructor
• new AuthorizationSession(url
, tokenId
, permissions
)
Example
const auth = new AuthorizationSession('https://cloud.spatium.net/authorization/v1', uuid(randomBytes), ['read', 'secret']);
const { data: { securityToken } } = await axios.post('https://cloud.spatium.net/authorization/v1/api/security-factor/credentials', {
username: 'username', password: 'password',
}, {
headers: {
'request-id': uuid(randomBytes),
},
}).then(({ data }) => data);
await auth.establish([securityToken]);
Parameters
Name | Type | Description |
---|---|---|
url |
string |
authorization service endpoint (HTTP(S)) |
tokenId |
string |
authorization session ID, controls multiple parallel sessions |
permissions |
string [] |
list of required permissions for this session |
Methods
establish
▸ establish(securityTokens
): Promise
<void
>
Establish a new authorization session, replacing the previous one, if any.
This method performs initial token acquisition, and may be called once again (with valid tokens) to invalidate a previous refresh token. Before session establishement, no token operation may be performed.
Parameters
Name | Type | Description |
---|---|---|
securityTokens |
string [] |
a list of gathered security tokens, sufficient to acquire required permissions |
Returns
Promise
<void
>
getPermissionToken
▸ getPermissionToken(): Promise
<string
>
Get current permission (access) token
As long as a refresh token is not expired, this method always returns a valid access token and refreshes it if necessary.
Returns
Promise
<string
>
permission token as per constructor parameters
refresh
▸ refresh(): Promise
<void
>
Manually refreshes a session
This method is called internally as required and throws an error if this refresh token has already expired.
Returns
Promise
<void
>