WIP:refresh token flow modification

Signed-off-by: shitrerohit <[email protected]>

Author: shitrerohit

apps/user/interfaces/user.interface.ts

@@ -192,6 +192,13 @@ export interface ISession {
   sessionType?: string;
 }
 
+export interface IUpdateAccountDetails {
+  accessToken: string;
+  refreshToken?: string;
+  expiresAt: number;
+  accountId: string;
+}
+
 export interface ISessionDetails extends ISession {
   id: string;
   createdAt: Date;

apps/user/repositories/user.repository.ts

@@ -5,6 +5,7 @@ import {
   ISendVerificationEmail,
   ISession,
   IShareUserCertificate,
+  IUpdateAccountDetails,
   IUserDeletedActivity,
   IUserInformation,
   IUsersProfile,
@@ -724,6 +725,38 @@ export class UserRepository {
     }
   }
 
+  async fetchAccountByRefreshToken(userId: string, refreshToken: string): Promise<account> {
+    try {
+      return await this.prisma.account.findUnique({
+        where: {
+          userId,
+          refreshToken
+        }
+      });
+    } catch (error) {
+      this.logger.error(`Error in getting account details: ${error.message} `);
+      throw error;
+    }
+  }
+
+  async updateAccountDetailsById(accountDetails: IUpdateAccountDetails): Promise<account> {
+    try {
+      return await this.prisma.account.update({
+        where: {
+          id: accountDetails.accountId
+        },
+        data: {
+          accessToken: accountDetails.accessToken,
+          refreshToken: accountDetails.refreshToken,
+          expiresAt: accountDetails.expiresAt
+        }
+      });
+    } catch (error) {
+      this.logger.error(`Error in getting account details: ${error.message} `);
+      throw error;
+    }
+  }
+
   async updateAccountDetails(accountDetails: ISession): Promise<account> {
     try {
       const userAccountDetails = await this.prisma.account.update({
@@ -980,4 +1013,18 @@ export class UserRepository {
       throw error;
     }
   }
+
+  async deleteSessionRecordByRefreshToken(refreshToken: string): Promise<session> {
+    try {
+      const userSession = await this.prisma.session.delete({
+        where: {
+          refreshToken
+        }
+      });
+      return userSession;
+    } catch (error) {
+      this.logger.error(`Error in logging out user: ${error.message}`);
+      throw error;
+    }
+  }
 }

apps/user/src/user.service.ts

@@ -41,7 +41,8 @@ import {
   IEcosystemConfig,
   IUserForgotPassword,
   ISessionDetails,
-  ISessions
+  ISessions,
+  IUpdateAccountDetails
 } from '../interfaces/user.interface';
 import { AcceptRejectInvitationDto } from '../dtos/accept-reject-invitation.dto';
 import { UserActivityService } from '@credebl/user-activity';
@@ -545,11 +546,50 @@ export class UserService {
       try {
         const data = jwt.decode(refreshToken) as jwt.JwtPayload;
         const userByKeycloakId = await this.userRepository.getUserByKeycloakId(data?.sub);
+        this.logger.debug(`User details::;${JSON.stringify(userByKeycloakId)}`);
         const tokenResponse = await this.clientRegistrationService.getAccessToken(
           refreshToken,
           userByKeycloakId?.['clientId'],
           userByKeycloakId?.['clientSecret']
         );
+        this.logger.debug(`tokenResponse::::${JSON.stringify(tokenResponse)}`);
+        // Fetch the details from account table based on userid and refresh token
+        const userAccountDetails = await this.userRepository.fetchAccountByRefreshToken(
+          userByKeycloakId?.['id'],
+          refreshToken
+        );
+        // Update the account details with latest access token, refresh token and exp date
+        if (!userAccountDetails) {
+          throw new NotFoundException(ResponseMessages.user.error.userAccountNotFound);
+        }
+        const updateAccountDetails: IUpdateAccountDetails = {
+          accessToken: tokenResponse.access_token,
+          // refreshToken: tokenResponse.refresh_token,
+          expiresAt: tokenResponse.expires_in,
+          accountId: userAccountDetails.id
+        };
+        const updateAccountDetailsResponse = await this.userRepository.updateAccountDetailsById(updateAccountDetails);
+        // Delete the preveious session record and create new one
+        if (!updateAccountDetailsResponse) {
+          throw new InternalServerErrorException(ResponseMessages.user.error.errorInUpdateAccountDetails);
+        }
+        const deletePreviousSession = await this.userRepository.deleteSessionRecordByRefreshToken(refreshToken);
+        if (!deletePreviousSession) {
+          throw new InternalServerErrorException(ResponseMessages.user.error.errorInDeleteSession);
+        }
+        const sessionData = {
+          sessionToken: tokenResponse.access_token,
+          userId: userByKeycloakId?.['id'],
+          expires: tokenResponse.expires_in,
+          // refreshToken: tokenResponse.refresh_token,
+          sessionType: SessionType.USER_SESSION,
+          accountId: updateAccountDetailsResponse.id
+        };
+        const addSessionDetails = await this.userRepository.createSession(sessionData);
+        if (!addSessionDetails) {
+          throw new InternalServerErrorException(ResponseMessages.user.error.errorInSessionCreation);
+        }
+
         return tokenResponse;
       } catch (error) {
         throw new BadRequestException(ResponseMessages.user.error.invalidRefreshToken);

libs/common/src/response-messages/index.ts

@@ -66,7 +66,11 @@ export const ResponseMessages = {
       invalidResetLink: 'Invalid or expired reset password link',
       invalidAccessToken: 'Authentication failed',
       invalidRefreshToken: 'Invalid refreshToken provided',
-      userOrgsLimit: 'Limit reached: You can be associated with or create maximum 10 organizations.'
+      userOrgsLimit: 'Limit reached: You can be associated with or create maximum 10 organizations.',
+      errorInUpdateAccountDetails: 'Error in updating the account details',
+      errorInDeleteSession: 'Error in deleting the session',
+      errorInSessionCreation: 'Error in create session',
+      userAccountNotFound: 'User account not found'
     }
   },
   organisation: {