// Test setup: before each test, register mock operations for the `mc` target
// in which FetchLoggedInUser's `me` field is an AuthenticationError.
beforeEach(() => {
  const unauthorizedUser = {
    me: new AuthenticationError('User is not authorized'),
  };
  const mcOperations = mocksForMc.createMockOperations({
    FetchLoggedInUser: unauthorizedUser,
  });
  createGraphqlMockServer(xhrMock, {
    operationsByTarget: { mc: mcOperations },
  });
});
it('should redirect to "/logout" with reason unauthorized', async () => {
if (!isValidToken) {
throw new AuthenticationError(t('auth:invalidRefresh'));
}
if (!getIdentity) {
throw new AuthenticationError(t('auth:getIdentify'));
}
const identity = await getIdentity(decodedToken.id);
const hash = getHash ? await getHash(decodedToken.id) : '';
const refreshSecret = settings.auth.secret + hash;
try {
jwt.verify(inputRefreshToken, refreshSecret);
} catch (e) {
throw new AuthenticationError(e);
}
const [accessToken, refreshToken] = await createTokens(identity, settings.auth.secret, refreshSecret);
return {
accessToken,
refreshToken
};
}
}
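/**
 * Signs an access token and a refresh token for the given identity.
 *
 * The access token payload is the whole `identity` object; the refresh token
 * payload is only `identity.id`. Each token is signed with its own secret and
 * its own expiry (`tokenExpiresIn` / `refreshTokenExpiresIn`).
 *
 * @param {object} identity - Identity to issue tokens for; must have a truthy `id`.
 * @param {string} secret - Secret used to sign the access token.
 * @param {string} refreshSecret - Secret used to sign the refresh token.
 * @param {Function} [t] - Translation function for the error message. The
 *   refresh flow on this page calls createTokens with three arguments, so `t`
 *   can be undefined here.
 * @returns {Promise<Array>} Resolves to `[accessToken, refreshToken]`.
 * @throws {AuthenticationError} When `identity` is missing or has no `id`.
 */
const createTokens = async (identity, secret, refreshSecret, t) => {
  // Fail closed with an authentication error rather than a TypeError when the
  // identity lookup returned nothing or the caller did not supply `t`.
  if (!identity || !identity.id) {
    const messageKey = 'auth:identityWithoutId';
    throw new AuthenticationError(typeof t === 'function' ? t(messageKey) : messageKey);
  }

  // NOTE(review): a JWT payload is signed, not encrypted. Everything on
  // `identity` is readable by whoever holds the access token; if the identity
  // record can carry sensitive fields, project it down to what clients need
  // before signing. The shape of `identity` is not visible here, so confirm.
  const accessToken = jwt.sign({ identity }, secret, { expiresIn: tokenExpiresIn });
  const refreshToken = jwt.sign({ id: identity.id }, refreshSecret, { expiresIn: refreshTokenExpiresIn });

  return Promise.all([accessToken, refreshToken]);
};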
{ refreshToken: inputRefreshToken },
{
getIdentity,
getHash,
req: { t }
}
) {
const decodedToken = jwt.decode(inputRefreshToken);
const isValidToken = decodedToken && decodedToken.id;
if (!isValidToken) {
throw new AuthenticationError(t('auth:invalidRefresh'));
}
if (!getIdentity) {
throw new AuthenticationError(t('auth:getIdentify'));
}
const identity = await getIdentity(decodedToken.id);
const hash = getHash ? await getHash(decodedToken.id) : '';
const refreshSecret = settings.auth.secret + hash;
try {
jwt.verify(inputRefreshToken, refreshSecret);
} catch (e) {
throw new AuthenticationError(e);
}
const [accessToken, refreshToken] = await createTokens(identity, settings.auth.secret, refreshSecret);
return {
accessToken,
/**
 * Context hook that makes sure `req.identity` is populated.
 *
 * Does nothing when there is no `req`. An identity already present on the
 * request is kept; otherwise it is loaded with `getCurrentIdentity({ req })`.
 *
 * @param {object} context - Object whose `req` property is the incoming request, if any.
 * @returns {Promise<undefined>}
 * @throws {AuthenticationError} When resolving the identity throws.
 */
const createContextFunc = async ({ req }) => {
  if (!req) {
    return;
  }

  try {
    const existingIdentity = req.identity;
    req.identity = existingIdentity ? existingIdentity : await getCurrentIdentity({ req });
  } catch (lookupError) {
    // NOTE(review): every failure in the lookup, not only authentication
    // failures, is rethrown as AuthenticationError with the original error
    // passed as its message argument. Confirm that the resulting text is safe
    // to return to clients.
    throw new AuthenticationError(lookupError);
  }
};