feat(js): implement fetchTokenByRefreshToken

packages/js/package.json

@@ -18,7 +18,7 @@
     "report": "WITH_REPORT=true npm run package"
   },
   "dependencies": {
-    "@silverhand/essentials": "^1.1.4",
+    "@silverhand/essentials": "^1.1.5",
     "jose": "^4.3.8",
     "js-base64": "^3.7.2",
     "lodash.get": "^4.4.2",
@@ -43,6 +43,7 @@
     "text-encoder": "^0.0.4",
     "ts-jest": "^27.0.4",
     "ts-loader": "^9.2.6",
+    "type-fest": "^2.10.0",
     "typescript": "^4.3.5",
     "webpack": "^5.58.2",
     "webpack-bundle-analyzer": "^4.5.0",

packages/js/src/consts/index.ts

@@ -0,0 +1,3 @@
+export const ContentType = {
+  formUrlEncoded: { 'Content-Type': 'application/x-www-form-urlencoded' },
+};

packages/js/src/core/fetch-token.test.ts

@@ -0,0 +1,40 @@
+import { conditional, isNode } from '@silverhand/essentials';
+
+import { fetchTokenByRefreshToken, RefreshTokenTokenResponse } from './fetch-token';
+
+describe('fetch access token by providing valid refresh token', () => {
+  test('get token response', async () => {
+    const mockedOidcResponse = {
+      access_token: 'access_token',
+      refresh_token: 'refresh_token',
+      id_token: 'id_token',
+      scope: 'read register manage',
+      expires_in: 3600,
+    };
+
+    const expectedTokenResponse: RefreshTokenTokenResponse = {
+      accessToken: 'access_token',
+      refreshToken: 'refresh_token',
+      idToken: 'id_token',
+      scope: ['read', 'register', 'manage'],
+      expiresIn: 3600,
+    };
+
+    const fetchFunction = jest.fn().mockResolvedValue({
+      ok: true,
+      json: async () => mockedOidcResponse,
+    });
+
+    const tokenResponse = await fetchTokenByRefreshToken(
+      {
+        clientId: 'client_id',
+        tokenEndPoint: 'https://logto.dev/oidc/token',
+        refreshToken: 'refresh_token',
+        scope: ['read', 'register', 'manage'],
+      },
+      conditional(isNode() && fetchFunction)
+    );
+
+    expect(tokenResponse).toMatchObject(expectedTokenResponse);
+  });
+});

packages/js/src/core/fetch-token.ts

@@ -0,0 +1,64 @@
+import { KeysToCamelCase } from '@silverhand/essentials';
+import { string, number, assert, type, optional, Infer } from 'superstruct';
+import { Except } from 'type-fest';
+
+import { ContentType } from '../consts';
+import { createRequester } from '../utils/requester';
+
+export interface FetchTokenByRefreshTokenParameters {
+  clientId: string;
+  tokenEndPoint: string;
+  refreshToken: string;
+  resource?: string;
+  scope?: string[];
+}
+
+const TokenResponseSchema = type({
+  access_token: string(),
+  refresh_token: string(),
+  id_token: string(),
+  scope: optional(string()),
+  expires_in: number(),
+});
+
+export type RefreshTokenTokenResponse = Except<
+  KeysToCamelCase<Infer<typeof TokenResponseSchema>>,
+  'scope'
+> & {
+  scope?: string[];
+};
+
+export const fetchTokenByRefreshToken = async (
+  { clientId, tokenEndPoint, refreshToken, resource, scope }: FetchTokenByRefreshTokenParameters,
+  fetchFunction?: typeof fetch
+): Promise<RefreshTokenTokenResponse> => {
+  const parameters = new URLSearchParams();
+  parameters.append('client_id', clientId);
+  parameters.append('refresh_token', refreshToken);
+
+  if (resource) {
+    parameters.append('resource', resource);
+  }
+
+  if (scope?.length) {
+    parameters.append('scope', scope.join(' '));
+  }
+
+  const requester = createRequester(fetchFunction);
+  const response = await requester(tokenEndPoint, {
+    method: 'POST',
+    headers: ContentType.formUrlEncoded,
+    body: parameters,
+  });
+
+  assert(response, TokenResponseSchema);
+  const { access_token, refresh_token, id_token, scope: response_scope, expires_in } = response;
+
+  return {
+    accessToken: access_token,
+    refreshToken: refresh_token,
+    idToken: id_token,
+    scope: response_scope?.split(' '),
+    expiresIn: expires_in,
+  };
+};