Add way for users to listen for accessToken changes (#21)

* Add way for users to listen for accessToken changes

Right now you can only listen for changes to the logged in state.
This adds a second observer option where you can listen for any
changes made to the access token.

* Renamed class version of org type for consistency

* Explicitly specify user fields

Author: andrew-propelauth

package.json

@@ -5,7 +5,7 @@
     "type": "git",
     "url": "https://github.com/PropelAuth/javascript"
   },
-  "version": "2.0.8",
+  "version": "2.0.10",
   "keywords": [
     "auth",
     "user",

src/api.ts

@@ -1,7 +1,7 @@
 import { AccessHelper, getAccessHelper } from "./access_helper"
 import { OrgIdToOrgMemberInfo } from "./org"
 import { getOrgHelper, OrgHelper } from "./org_helper"
-import { UserClass } from "./user"
+import { convertOrgIdToOrgMemberInfo, UserClass } from "./user"
 
 export type User = {
     userId: string
@@ -19,6 +19,7 @@ export type User = {
     locked: boolean
     enabled: boolean
     mfaEnabled: boolean
+    canCreateOrgs: boolean
 
     createdAt: number
     lastActiveAt: number
@@ -107,7 +108,8 @@ function parseResponse(res: Response): Promise<AuthenticationInfo> {
     return res.text().then(
         (httpResponse) => {
             try {
-                return parseJsonConvertingSnakeToCamel(httpResponse)
+                const authInfoWithoutUserClass = parseJsonConvertingSnakeToCamel(httpResponse)
+                return withExtraArgs(authInfoWithoutUserClass)
             } catch (e) {
                 console.error("Unable to process authentication response", e)
                 return Promise.reject({
@@ -148,8 +150,6 @@ export function parseJsonConvertingSnakeToCamel(str: string): AuthenticationInfo
             this.expiresAtSeconds = value
         } else if (key === "org_id_to_org_member_info") {
             this.orgIdToOrgMemberInfo = value
-            this.orgHelper = getOrgHelper(value)
-            this.accessHelper = getAccessHelper(value)
         } else if (key === "user_id") {
             this.userId = value
         } else if (key === "email_confirmed") {
@@ -164,6 +164,8 @@ export function parseJsonConvertingSnakeToCamel(str: string): AuthenticationInfo
             this.mfaEnabled = value
         } else if (key === "has_password") {
             this.hasPassword = value
+        } else if (key === "can_create_orgs") {
+            this.canCreateOrgs = value
         } else if (key === "created_at") {
             this.createdAt = value
         } else if (key === "last_active_at") {
@@ -178,6 +180,32 @@ export function parseJsonConvertingSnakeToCamel(str: string): AuthenticationInfo
     })
 }
 
+function withExtraArgs(authInfoWithoutExtraArgs: AuthenticationInfo): Promise<AuthenticationInfo> {
+    if (authInfoWithoutExtraArgs.orgIdToOrgMemberInfo) {
+        authInfoWithoutExtraArgs.orgHelper = getOrgHelper(authInfoWithoutExtraArgs.orgIdToOrgMemberInfo)
+        authInfoWithoutExtraArgs.accessHelper = getAccessHelper(authInfoWithoutExtraArgs.orgIdToOrgMemberInfo)
+    }
+    authInfoWithoutExtraArgs.userClass = new UserClass(
+        {
+            userId: authInfoWithoutExtraArgs.user.userId,
+            email: authInfoWithoutExtraArgs.user.email,
+            createdAt: authInfoWithoutExtraArgs.user.createdAt,
+            firstName: authInfoWithoutExtraArgs.user.firstName,
+            lastName: authInfoWithoutExtraArgs.user.lastName,
+            username: authInfoWithoutExtraArgs.user.username,
+            properties: authInfoWithoutExtraArgs.user.properties,
+            pictureUrl: authInfoWithoutExtraArgs.user.pictureUrl,
+            hasPassword: authInfoWithoutExtraArgs.user.hasPassword,
+            hasMfaEnabled: authInfoWithoutExtraArgs.user.mfaEnabled,
+            canCreateOrgs: authInfoWithoutExtraArgs.user.canCreateOrgs,
+            legacyUserId: authInfoWithoutExtraArgs.user.legacyUserId,
+            impersonatorUserId: authInfoWithoutExtraArgs.impersonatorUserId,
+        },
+        convertOrgIdToOrgMemberInfo(authInfoWithoutExtraArgs.orgIdToOrgMemberInfo)
+    )
+    return Promise.resolve(authInfoWithoutExtraArgs)
+}
+
 function logCorsError() {
     console.error(
         "Request to PropelAuth failed due to a CORS error. There are a few likely causes: \n" +

src/client.ts

@@ -1,10 +1,10 @@
-import {AuthenticationInfo, fetchAuthenticationInfo, logout} from "./api"
-import {currentTimeSeconds, getLocalStorageNumber, hasLocalStorage, hasWindow} from "./helpers"
+import { AuthenticationInfo, fetchAuthenticationInfo, logout } from "./api"
+import { currentTimeSeconds, getLocalStorageNumber, hasLocalStorage, hasWindow } from "./helpers"
 
 const LOGGED_IN_AT_KEY = "__PROPEL_AUTH_LOGGED_IN_AT"
 const LOGGED_OUT_AT_KEY = "__PROPEL_AUTH_LOGGED_OUT_AT"
-const AUTH_TOKEN_REFRESH_BEFORE_EXPIRATION_SECONDS = 4 * 60
-const DEBOUNCE_DURATION_FOR_REFOCUS_SECONDS = 4 * 60
+const AUTH_TOKEN_REFRESH_BEFORE_EXPIRATION_SECONDS = 10 * 60
+const DEBOUNCE_DURATION_FOR_REFOCUS_SECONDS = 60
 
 export interface RedirectToSignupOptions {
     postSignupRedirectUrl: string
@@ -95,7 +95,6 @@ export interface IAuthClient {
      */
     redirectToSetupSAMLPage(orgId: string): void
 
-
     /**
      * Adds an observer which is called whenever the users logs in or logs out.
      */
@@ -106,6 +105,16 @@ export interface IAuthClient {
      */
     removeLoggedInChangeObserver(observer: (isLoggedIn: boolean) => void): void
 
+    /**
+     * Adds an observer which is called whenever the access token changes.
+     */
+    addAccessTokenChangeObserver(observer: (accessToken: string | undefined) => void): void
+
+    /**
+     * Removes the observer
+     */
+    removeAccessTokenChangeObserver(observer: (accessToken: string | undefined) => void): void
+
     /**
      * Cleanup the auth client if you no longer need it.
      */
@@ -131,6 +140,7 @@ interface ClientState {
     initialLoadFinished: boolean
     authenticationInfo: AuthenticationInfo | null
     observers: ((isLoggedIn: boolean) => void)[]
+    accessTokenObservers: ((accessToken: string | undefined) => void)[]
     lastLoggedInAtMessage: number | null
     lastLoggedOutAtMessage: number | null
     refreshInterval: number | null
@@ -161,6 +171,7 @@ export function createClient(authOptions: IAuthOptions): IAuthClient {
         initialLoadFinished: false,
         authenticationInfo: null,
         observers: [],
+        accessTokenObservers: [],
         lastLoggedInAtMessage: getLocalStorageNumber(LOGGED_IN_AT_KEY),
         lastLoggedOutAtMessage: getLocalStorageNumber(LOGGED_OUT_AT_KEY),
         authUrl: authOptions.authUrl,
@@ -178,6 +189,15 @@ export function createClient(authOptions: IAuthOptions): IAuthClient {
         }
     }
 
+    function notifyObserversOfAccessTokenChange(accessToken: string | undefined) {
+        for (let i = 0; i < clientState.accessTokenObservers.length; i++) {
+            const observer = clientState.accessTokenObservers[i]
+            if (observer) {
+                observer(accessToken)
+            }
+        }
+    }
+
     function userJustLoggedOut(accessToken: string | undefined, previousAccessToken: string | undefined) {
         // Edge case: the first time we go to the page, if we can't load the
         //   auth token we should treat it as a logout event
@@ -217,6 +237,10 @@ export function createClient(authOptions: IAuthOptions): IAuthClient {
             updateLastLoggedInAt()
         }
 
+        if (previousAccessToken !== accessToken) {
+            notifyObserversOfAccessTokenChange(accessToken)
+        }
+
         clientState.lastRefresh = currentTimeSeconds()
         clientState.initialLoadFinished = true
     }
@@ -242,17 +266,17 @@ export function createClient(authOptions: IAuthOptions): IAuthClient {
     const getSignupPageUrl = (options?: RedirectToSignupOptions) => {
         let qs = ""
         if (options && options.postSignupRedirectUrl) {
-            const encode = window ? window.btoa : btoa;
-            qs = new URLSearchParams({"rt": encode(options.postSignupRedirectUrl)}).toString()
+            const encode = window ? window.btoa : btoa
+            qs = new URLSearchParams({ rt: encode(options.postSignupRedirectUrl) }).toString()
         }
         return `${clientState.authUrl}/signup?${qs}`
     }
 
     const getLoginPageUrl = (options?: RedirectToLoginOptions) => {
         let qs = ""
         if (options && options.postLoginRedirectUrl) {
-            const encode = window ? window.btoa : btoa;
-            qs = new URLSearchParams({"rt": encode(options.postLoginRedirectUrl)}).toString()
+            const encode = window ? window.btoa : btoa
+            qs = new URLSearchParams({ rt: encode(options.postLoginRedirectUrl) }).toString()
         }
         return `${clientState.authUrl}/login?${qs}`
     }
@@ -298,6 +322,26 @@ export function createClient(authOptions: IAuthOptions): IAuthClient {
             }
         },
 
+        addAccessTokenChangeObserver(observer: (accessToken: string | undefined) => void) {
+            const hasObserver = clientState.accessTokenObservers.includes(observer)
+            if (hasObserver) {
+                console.error("Observer has been attached already.")
+            } else if (!observer) {
+                console.error("Cannot add a null observer")
+            } else {
+                clientState.accessTokenObservers.push(observer)
+            }
+        },
+
+        removeAccessTokenChangeObserver(observer: (accessToken: string | undefined) => void) {
+            const observerIndex = clientState.accessTokenObservers.indexOf(observer)
+            if (observerIndex === -1) {
+                console.error("Cannot find observer to remove")
+            } else {
+                clientState.accessTokenObservers.splice(observerIndex, 1)
+            }
+        },
+
         async getAuthenticationInfoOrNull(forceRefresh?: boolean): Promise<AuthenticationInfo | null> {
             const currentTimeSecs = currentTimeSeconds()
             if (forceRefresh) {
@@ -375,6 +419,7 @@ export function createClient(authOptions: IAuthOptions): IAuthClient {
 
         destroy() {
             clientState.observers = []
+            clientState.accessTokenObservers = []
             window.removeEventListener("storage", onStorageChange)
             if (clientState.refreshInterval) {
                 clearInterval(clientState.refreshInterval)
@@ -412,7 +457,10 @@ export function createClient(authOptions: IAuthOptions): IAuthClient {
     // If we were offline or on a different tab, when we return, refetch auth info
     // Some browsers trigger focus more often than we'd like, so we'll debounce a little here as well
     const onOnlineOrFocus = async function () {
-        if (clientState.lastRefresh && currentTimeSeconds() > clientState.lastRefresh + DEBOUNCE_DURATION_FOR_REFOCUS_SECONDS) {
+        if (
+            clientState.lastRefresh &&
+            currentTimeSeconds() > clientState.lastRefresh + DEBOUNCE_DURATION_FOR_REFOCUS_SECONDS
+        ) {
             await forceRefreshToken(true)
         } else {
             await client.getAuthenticationInfoOrNull()

src/index.ts

@@ -2,9 +2,9 @@ export type { AccessHelper, AccessHelperWithOrg } from "./access_helper"
 export type { AuthenticationInfo, User } from "./api"
 export { createClient } from "./client"
 export type { IAuthClient, IAuthOptions, RedirectToLoginOptions, RedirectToSignupOptions } from "./client"
+export { ACTIVE_ORG_ID_COOKIE_NAME } from "./cookies"
 export { getActiveOrgId, setActiveOrgId } from "./org"
 export type { OrgIdToOrgMemberInfo, OrgMemberInfo } from "./org"
 export type { OrgHelper } from "./org_helper"
-export type { OrgIdToUserOrgInfo } from "./user"
-export { UserClass, UserOrgInfo } from "./user"
-
+export { OrgMemberInfoClass, UserClass } from "./user"
+export type { OrgIdToOrgMemberInfoClass, UserFields, UserProperties } from "./user"

src/user.test.ts

@@ -1,6 +1,6 @@
-import { UserClass, UserOrgInfo } from "./user"
+import { UserClass, OrgMemberInfoClass } from "./user"
 
-const mockUserOrgInfo = new UserOrgInfo(
+const mockUserOrgInfo = new OrgMemberInfoClass(
     "mockOrgId",
     "Mock Org Name",
     {},
@@ -95,8 +95,8 @@ describe("User", () => {
             expect(mockUserOrgInfo.hasAllPermissions(["user::create", "user::update"])).toEqual(false)
         })
         it("should parse a org member info from JSON string", () => {
-            expect(UserOrgInfo.fromJSON(JSON.stringify(mockUserOrgInfo))).toEqual(mockUserOrgInfo)
-            expect(() => UserOrgInfo.fromJSON("invalid json")).toThrowError()
+            expect(OrgMemberInfoClass.fromJSON(JSON.stringify(mockUserOrgInfo))).toEqual(mockUserOrgInfo)
+            expect(() => OrgMemberInfoClass.fromJSON("invalid json")).toThrowError()
         })
     })
 })