fix: make doesSessionExist refresh if front-token expired (#176)

Author: porcellus

CHANGELOG.md

@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [14.0.3] - 2022-11-24
+
+### Fixes
+
+- doesSessionExist now refreshes the session if it detects an expired access token
+
 ## [14.0.2] - 2022-10-24
 
 ### Fixes

bundle/bundle.js

@@ -824,8 +824,7 @@ function parseFrontToken(frontToken: string): { uid: string; ate: number; up: an
 
 export async function getFrontToken(): Promise<string | null> {
     logDebugMessage("getFrontToken: called");
-    // we do not call doesSessionExist here cause the user might override that
-    // function here and then it may break the logic of our original implementation.
+    // we do not call doesSessionExist here because that directly calls this function.
     if (!((await getIdRefreshToken(true)).status === "EXISTS")) {
         logDebugMessage("getFrontToken: Returning because sIRTFrontend != EXISTS");
         return null;

lib/build/fetch.js

@@ -7,7 +7,7 @@ import {
     ClaimValidationError,
     ResponseWithBody
 } from "./types";
-import AuthHttpRequest, { FrontToken, getIdRefreshToken } from "./fetch";
+import AuthHttpRequest, { FrontToken, getIdRefreshToken, onUnauthorisedResponse } from "./fetch";
 import { interceptorFunctionRequestFulfilled, responseInterceptor, responseErrorInterceptor } from "./axios";
 import { supported_fdi } from "./version";
 import { logDebugMessage } from "./logger";
@@ -97,7 +97,24 @@ export default function RecipeImplementation(recipeImplInput: {
         },
         doesSessionExist: async function(_: { userContext: any }): Promise<boolean> {
             logDebugMessage("doesSessionExist: called");
-            return (await getIdRefreshToken(true)).status === "EXISTS";
+
+            const tokenInfo = await FrontToken.getTokenInfo();
+
+            // The above includes getIdRefreshToken(true), which would call refresh if the FE cookies were cleared for some reason
+            if (tokenInfo === undefined) {
+                logDebugMessage("doesSessionExist: access token does not exist locally");
+                return false;
+            }
+
+            if (tokenInfo.ate < Date.now()) {
+                logDebugMessage("doesSessionExist: access token expired. Refreshing session");
+
+                const preRequestIdToken = await getIdRefreshToken(false);
+                const refresh = await onUnauthorisedResponse(preRequestIdToken);
+                return refresh.result === "RETRY";
+            }
+
+            return true;
         },
         signOut: async function(input: { userContext: any }): Promise<void> {
             logDebugMessage("signOut: called");

lib/build/recipeImplementation.js

@@ -12,6 +12,6 @@
  * License for the specific language governing permissions and limitations
  * under the License.
  */
-export const package_version = "14.0.2";
+export const package_version = "14.0.3";
 
 export const supported_fdi = ["1.8", "1.9", "1.10", "1.11", "1.12", "1.13", "1.14", "1.15"];