Stores access token and refresh token obtained at login

Author: simonbs

__test__/auth/CompositeOAuthTokenRepository.test.ts

@@ -0,0 +1,7 @@
+export default (str: string) => {
+  const num = parseInt(str, 10)
+  if (isNaN(num) || str.trim() !== num.toString()) {
+    return undefined
+  }
+  return num
+}

src/common/utils/saneParseInt.ts

@@ -29,8 +29,8 @@ import {
   AccountProviderTypeBasedOAuthTokenRefresher,
   AuthjsAccountsOAuthTokenRepository,
   CompositeLogOutHandler,
-  CompositeOAuthTokenRepository,
   ErrorIgnoringLogOutHandler,
+  FallbackOAuthTokenRepository,
   GitHubOrganizationSessionValidator,
   GuestOAuthTokenDataSource,
   GuestOAuthTokenRefresher,
@@ -92,18 +92,16 @@ const pool = new Pool({
 
 const db = new PostgreSQLDB({ pool })
 
-const oauthTokenRepository = new CompositeOAuthTokenRepository({
-  oAuthTokenRepositories: [
-    new OAuthTokenRepository({ db, provider: "github" }),
-    new AuthjsAccountsOAuthTokenRepository({ db, provider: "github" })
-  ]
+const oauthTokenRepository = new FallbackOAuthTokenRepository({
+  primaryRepository: new OAuthTokenRepository({ db, provider: "github" }),
+  secondaryRepository: new AuthjsAccountsOAuthTokenRepository({ db, provider: "github" })
 })
 
 const userRepository: IUserRepository = new DbUserRepository({ db })
 
 export const guestRepository: IGuestRepository = new DbGuestRepository({ db })
 
-const logInHandler = new LogInHandler({ userRepository, guestRepository })
+const logInHandler = new LogInHandler({ userRepository, guestRepository, oauthTokenRepository })
 
 // Must be a verified email in AWS SES.
 const fromEmail = FROM_EMAIL || "Shape Docs <[email protected]>"

src/composition.ts

@@ -1,24 +1,29 @@
 import { ILogInHandler, IUser, IAccount, IEmail } from "."
 import { IGuestRepository, IUserRepository } from "@/features/admin/domain"
+import { IOAuthTokenRepository } from "../oauth-token"
+import saneParseInt from "@/common/utils/saneParseInt"
 
 export default class LogInHandler implements ILogInHandler {
   private readonly userRepository: IUserRepository
   private readonly guestRepository: IGuestRepository
+  private readonly oauthTokenRepository: IOAuthTokenRepository
 
   constructor(config: {
     userRepository: IUserRepository,
-    guestRepository: IGuestRepository
+    guestRepository: IGuestRepository,
+    oauthTokenRepository: IOAuthTokenRepository
   }) {
     this.userRepository = config.userRepository
     this.guestRepository = config.guestRepository
+    this.oauthTokenRepository = config.oauthTokenRepository
   }
 
   async handleLogIn(user: IUser, account: IAccount | null, email?: IEmail) {
     if (!account) {
       return false
     }
     if (account.provider === "github") {
-      return await this.handleLogInForGitHubUser(account)
+      return await this.handleLogInForGitHubUser(user, account)
     } else if (account.provider === "nodemailer") {
       return await this.handleLogInForGuestUser(user)
     } else {
@@ -27,13 +32,22 @@ export default class LogInHandler implements ILogInHandler {
     }
   }
 
-  private async handleLogInForGitHubUser(account: IAccount) {
-    if (!account.access_token) {
+  private async handleLogInForGitHubUser(user: IUser, account: IAccount) {
+    if (!user.id) {
       return false
     }
-    if (!account.refresh_token) {
+    const accessToken = account.access_token
+    const refreshToken = account.refresh_token
+    if (!accessToken) {
       return false
     }
+    if (!refreshToken) {
+      return false
+    }
+    let userId = saneParseInt(user.id)
+    if (userId) {
+      await this.oauthTokenRepository.set(`${userId}`, { accessToken, refreshToken })
+    }
     return true
   }
 

src/features/auth/domain/log-in/LogInHandler.ts

@@ -8,6 +8,6 @@ export type { default as IOAuthTokenRefresher } from "./refresher/IOAuthTokenRef
 export { default as LockingOAuthTokenRefresher } from "./refresher/LockingOAuthTokenRefresher"
 export { default as PersistingOAuthTokenRefresher } from "./refresher/PersistingOAuthTokenRefresher"
 export { default as AuthjsAccountsOAuthTokenRepository } from "./repository/AuthjsAccountsOAuthTokenRepository"
-export { default as CompositeOAuthTokenRepository } from "./repository/CompositeOAuthTokenRepository"
+export { default as FallbackOAuthTokenRepository } from "./repository/FallbackOAuthTokenRepository"
 export type { default as IOAuthTokenRepository } from "./repository/IOAuthTokenRepository"
 export { default as OAuthTokenRepository } from "./repository/OAuthTokenRepository"

src/features/auth/domain/oauth-token/index.ts

@@ -30,31 +30,7 @@ export default class AuthjsAccountsOAuthTokenRepository implements IOAuthTokenRe
     return { accessToken, refreshToken }
   }
 
-  async set(userId: string, token: OAuthToken): Promise<void> {
-    const query = `
-    UPDATE accounts
-    SET access_token = $3, refresh_token = $4
-    WHERE provider = $1 AND \"userId\" = $2
-    `
-    try {
-      await this.db.query(query, [this.provider, userId, token.accessToken, token.refreshToken])
-    } catch (error) {
-      console.error(error)
-      throw error
-    }
-  }
+  async set(_userId: string, _token: OAuthToken): Promise<void> {}
 
-  async delete(userId: string): Promise<void> {
-    const query = `
-    UPDATE accounts
-    SET access_token = "", refresh_token = ""
-    WHERE provider = $1 AND \"userId\" = $2
-    `
-    try {
-      await this.db.query(query, [this.provider, userId])
-    } catch (error) {
-      console.error(error)
-      throw error
-    }
-  }
+  async delete(_userId: string): Promise<void> {}
 }

src/features/auth/domain/oauth-token/repository/AuthjsAccountsOAuthTokenRepository.ts

@@ -0,0 +1,37 @@
+import { IOAuthTokenRepository, OAuthToken } from ".."
+
+export default class FallbackOAuthTokenRepository implements IOAuthTokenRepository {
+  private readonly primaryRepository: IOAuthTokenRepository
+  private readonly secondaryRepository: IOAuthTokenRepository
+  
+  constructor(config: {
+    primaryRepository: IOAuthTokenRepository,
+    secondaryRepository: IOAuthTokenRepository
+  }) {
+    this.primaryRepository = config.primaryRepository
+    this.secondaryRepository = config.secondaryRepository
+  }
+  
+  async get(userId: string): Promise<OAuthToken> {
+    try {
+      return await this.primaryRepository.get(userId)
+    } catch {
+      // Reading from the primary repository failed so we'll try the secondary repository.
+      // However, we don't know if the error is due to the OAuth token not existing in
+      // the primary repository or some other error occurred.
+      // We might consider changing get(_:) on IOAuthTokenRepository to return null in the
+      // case a token doesn't exist rather than throwing an error.
+      const oauthToken = await this.secondaryRepository.get(userId)
+      await this.primaryRepository.set(userId, oauthToken)
+      return oauthToken
+    }
+  }
+  
+  async set(userId: string, token: OAuthToken): Promise<void> {
+    await this.primaryRepository.set(userId, token)
+  }
+  
+  async delete(userId: string): Promise<void> {
+    await this.primaryRepository.delete(userId)
+  }
+}