fix(*): use utc for expiration times

71847cf3 · Alexandros Georgantas · Yannis Barlas · 60252d2c · 71847cf3 · 71847cf3
Commit 71847cf3 authored 1 year ago by Alexandros Georgantas Committed by Yannis Barlas 1 year ago
--- a/src/helpers.js
+++ b/src/helpers.js
@@ -271,10 +271,6 @@ const handleImageVersionsCreation = async (
  }
 }

-const getExpirationTime = secondsFromNow => {
-  return new Date(new Date().getTime() + 1000 * parseInt(secondsFromNow, 10))
-}
-
 module.exports = {
  convertFileStreamIntoBuffer,
  getFileExtension,
@@ -282,5 +278,4 @@ module.exports = {
  writeFileFromStream,
  handleUnsupportedImageFormats,
  handleImageVersionsCreation,
-  getExpirationTime,
 }
--- a/src/models/identity/identity.controller.js
+++ b/src/models/identity/identity.controller.js
@@ -2,7 +2,7 @@ const logger = require('@pubsweet/logger')

 const axios = require('axios')
 const config = require('config')
-const { getExpirationTime } = require('../../helpers')
+const { getExpirationTime } = require('../../utils/tokens')

 const Identity = require('./identity.model')


--- a/src/utils/__tests__/authenticatedCall.test.js
+++ b/src/utils/__tests__/authenticatedCall.test.js
 const axios = require('axios')
 const { authenticatedCall } = require('../authenticatedCall')

-jest.mock('../getAuthTokens.js', () => {
-  return jest.fn(() => 'token')
+jest.mock('../tokens', () => {
+  return {
+    getAuthTokens: jest.fn(() => 'token'),
+  }
 })

 jest.mock('axios')

--- a/src/utils/__tests__/microservices.test.js
+++ b/src/utils/__tests__/microservices.test.js
@@ -2,8 +2,10 @@ const axios = require('axios')

 const { callMicroservice } = require('../microservices')

-jest.mock('../getAccessToken', () => {
-  return jest.fn(() => 'token')
+jest.mock('../tokens', () => {
+  return {
+    getAccessToken: jest.fn(() => 'token'),
+  }
 })

 jest.mock('axios')

--- a/src/utils/authenticatedCall.js
+++ b/src/utils/authenticatedCall.js
 const makeCall = require('./makeCall')
-const getAuthTokens = require('./getAuthTokens')
+const { getAuthTokens } = require('./tokens')

 const authenticatedCall = async (userId, providerLabel, callParameters) => {
  try {

--- a/src/utils/getAuthTokens.js
+++ b/src/utils/getAuthTokens.js
-const config = require('config')
-const axios = require('axios')
-
-const { Identity } = require('../models')
-const { getExpirationTime } = require('../helpers')
-
-const getAuthTokens = async (userId, providerLabel) => {
-  try {
-    const providerUserIdentity = await Identity.findOne({
-      userId,
-      provider: providerLabel,
-    })
-
-    if (!providerUserIdentity) {
-      throw new Error(`identity for provider ${providerLabel} does not exist`)
-    }
-
-    const {
-      oauthAccessToken,
-      oauthAccessTokenExpiration,
-      oauthRefreshToken,
-      oauthRefreshTokenExpiration,
-    } = providerUserIdentity
-
-    const accessTokenExpired = oauthAccessTokenExpiration < new Date().getTime()
-
-    if (!accessTokenExpired) {
-      return oauthAccessToken
-    }
-
-    const refreshTokenExpired =
-      oauthRefreshTokenExpiration < new Date().getTime()
-
-    if (refreshTokenExpired) {
-      throw new Error(
-        `refresh token for provider ${providerLabel} expired, authorization flow should (provider login) be followed by the user`,
-      )
-    }
-
-    const integrations =
-      config.has('integrations') && config.get('integrations')
-
-    if (!integrations) {
-      throw new Error('Integrations are undefined in config')
-    }
-
-    const externalProvider = integrations[providerLabel]
-
-    if (!externalProvider) {
-      throw new Error(
-        `Integration ${providerLabel} configuration is undefined `,
-      )
-    }
-
-    const { tokenUrl, clientId } = integrations[providerLabel]
-
-    if (!tokenUrl) {
-      throw new Error(`Integration ${providerLabel} tokenUrl is undefined `)
-    }
-
-    if (!clientId) {
-      throw new Error(`Integration ${providerLabel} clientId is undefined `)
-    }
-
-    const tokenData = new URLSearchParams({
-      grant_type: 'refresh_token',
-      refresh_token: oauthRefreshToken,
-      client_id: clientId,
-    })
-
-    const { data } = await axios({
-      method: 'post',
-      url: tokenUrl,
-      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
-      data: tokenData.toString(),
-    })
-
-    /* eslint-disable camelcase */
-    const { access_token, expires_in, refresh_token, refresh_expires_in } = data
-
-    if (!access_token || !expires_in || !refresh_token || !refresh_expires_in) {
-      throw new Error('Missing data from response!')
-    }
-
-    await Identity.patchAndFetchById(providerUserIdentity.id, {
-      oauthAccessToken: access_token,
-      oauthRefreshToken: refresh_token,
-      oauthAccessTokenExpiration: getExpirationTime(expires_in),
-      oauthRefreshTokenExpiration: getExpirationTime(refresh_expires_in),
-    })
-
-    return access_token
-    /* eslint-enable camelcase */
-  } catch (e) {
-    throw new Error(e)
-  }
-}
-
-module.exports = getAuthTokens
--- a/src/utils/microservices.js
+++ b/src/utils/microservices.js
 const makeCall = require('./makeCall')

-const getAccessToken = require('./getAccessToken')
+const { getAccessToken } = require('./tokens')

 /**
 * Calls given microservice, while taking care of authentication for you.

--- a/src/utils/getAccessToken.js
+++ b/src/utils/getAccessToken.js
 const get = require('lodash/get')
 const config = require('config')
 const axios = require('axios')
+const moment = require('moment')

-const { ServiceCredential } = require('../models')
+const { Identity, ServiceCredential } = require('../models')
+
+const getAuthTokens = async (userId, providerLabel) => {
+  const data = requestTokensFromProvider(userId, providerLabel, {
+    checkAccessToken: true,
+    returnAccessToken: true,
+  })
+
+  /* eslint-disable camelcase */
+  const { access_token } = data
+
+  return access_token
+  /* eslint-enable camelcase */
+}
+
+const getExpirationTime = secondsFromNow => {
+  return moment().utc().add(secondsFromNow, 'seconds').toDate()
+}
+
+const requestTokensFromProvider = async (
+  userId,
+  providerLabel,
+  options = {},
+) => {
+  const { checkAccessToken, returnAccessToken } = options
+
+  const providerUserIdentity = await Identity.findOne({
+    userId,
+    provider: providerLabel,
+  })
+
+  if (!providerUserIdentity) {
+    throw new Error(`identity for provider ${providerLabel} does not exist`)
+  }
+
+  const {
+    oauthAccessToken,
+    oauthAccessTokenExpiration,
+    oauthRefreshToken,
+    oauthRefreshTokenExpiration,
+  } = providerUserIdentity
+
+  const UTCNowTimestamp = moment().utc().toDate().getTime()
+
+  if (checkAccessToken) {
+    const accessTokenExpired =
+      oauthAccessTokenExpiration.getTime() < UTCNowTimestamp
+
+    if (!accessTokenExpired) {
+      return oauthAccessToken
+    }
+  }
+
+  const refreshTokenExpired =
+    oauthRefreshTokenExpiration.getTime() < UTCNowTimestamp
+
+  if (refreshTokenExpired) {
+    throw new Error(
+      `refresh token for provider ${providerLabel} expired, authorization flow should (provider login) be followed by the user`,
+    )
+  }
+
+  const integrations = config.has('integrations') && config.get('integrations')
+
+  if (!integrations) {
+    throw new Error('Integrations are undefined in config')
+  }
+
+  const externalProvider = integrations[providerLabel]
+
+  if (!externalProvider) {
+    throw new Error(`Integration ${providerLabel} configuration is undefined `)
+  }
+
+  const { tokenUrl, clientId } = integrations[providerLabel]
+
+  if (!tokenUrl) {
+    throw new Error(`Integration ${providerLabel} tokenUrl is undefined `)
+  }
+
+  if (!clientId) {
+    throw new Error(`Integration ${providerLabel} clientId is undefined `)
+  }
+
+  const tokenData = new URLSearchParams({
+    grant_type: 'refresh_token',
+    refresh_token: oauthRefreshToken,
+    client_id: clientId,
+  })
+
+  const { data } = await axios({
+    method: 'post',
+    url: tokenUrl,
+    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+    data: tokenData.toString(),
+  })
+
+  /* eslint-disable camelcase */
+  const { access_token, expires_in, refresh_token, refresh_expires_in } = data
+
+  if (!access_token || !expires_in || !refresh_token || !refresh_expires_in) {
+    throw new Error('Missing data from response!')
+  }
+
+  await Identity.patchAndFetchById(providerUserIdentity.id, {
+    oauthAccessToken: access_token,
+    oauthRefreshToken: refresh_token,
+    oauthAccessTokenExpiration: getExpirationTime(expires_in),
+    oauthRefreshTokenExpiration: getExpirationTime(refresh_expires_in),
+  })
+
+  if (returnAccessToken) {
+    return access_token
+  }
+
+  return true
+}
+
+const renewAuthTokens = async (userId, providerLabel) =>
+  requestTokensFromProvider(userId, providerLabel)

 const getAccessToken = async (serviceName, renew = false) => {
  try {
@@ -98,4 +218,9 @@ const getAccessToken = async (serviceName, renew = false) => {
  }
 }

-module.exports = getAccessToken
+module.exports = {
+  getAuthTokens,
+  getAccessToken,
+  renewAuthTokens,
+  getExpirationTime,
+}