Added callback isResponseUnauthorized to config

Domagoj Rukavina · Domagoj Rukavina · commit 90d03ecb15db · 2017-06-09T14:05:17.000+02:00
- allows external function to specify whether response should be considered unauthorized
diff --git a/README.md b/README.md
@@ -43,6 +43,11 @@ config: {
   // When set, response which invalidates token will be resolved after the token has been renewed
   // in effect, token will be loaded in sync with response, otherwise renew will run async to response
   shouldWaitForTokenRenewal: boolean,
+  
+  // Checks if response should be considered unauthorized (by default only 401 responses are 
+  // considered unauthorized). Override this method if you need to trigger token renewal for 
+  // other response statuses.
+  isResponseUnauthorized: (response) => boolean,
    
   // (Required) Adds authorization for intercepted requests
   authorizeRequest: (request, accessToken) => authorizedRequest,
diff --git a/src/AccessTokenProvider.js b/src/AccessTokenProvider.js
@@ -1,7 +1,3 @@
-import {
-  isResponseUnauthorized,
-} from './services/http';
-
 /**
  * Provides a way for renewing access token with correct refresh token. It will automatically
  * dispatch a call to server with request provided via config. It also ensures that
@@ -39,7 +35,6 @@ export default class AccessTokenProvider {
   renew() {
     // if token resolver is not authorized it should just resolve
     if (!this.isAuthorized()) {
-      console.warn('Please authorize provider before renewing or check shouldIntercept config.');
       return Promise.resolve();
     }
 
@@ -89,7 +84,7 @@ export default class AccessTokenProvider {
   handleFetchAccessTokenResponse(response) {
     this.renewAccessTokenPromise = null;
 
-    if (isResponseUnauthorized(response)) {
+    if (this.config.isResponseUnauthorized(response)) {
       this.clear();
       return null;
     }
diff --git a/src/FetchInterceptor.js b/src/FetchInterceptor.js
@@ -1,9 +1,7 @@
 import {
   ERROR_INVALID_CONFIG,
 } from './const';
-import {
-  isResponseUnauthorized,
-} from './services/http';
+import * as http from './services/http';
 import TokenExpiredException from './services/TokenExpiredException';
 import RetryCountExceededException from './services/RetryCountExceededException';
 import AccessTokenProvider from './AccessTokenProvider';
@@ -22,6 +20,7 @@ export default class FetchInterceptor {
       createAccessTokenRequest: null,
       shouldIntercept: () => true,
       shouldInvalidateAccessToken: () => false,
+      isResponseUnauthorized: http.isResponseUnauthorized,
       parseAccessToken: null,
       authorizeRequest: null,
       onAccessTokenChange: null,
@@ -66,6 +65,11 @@ export default class FetchInterceptor {
    * (Required) Adds authorization for intercepted requests
    *   authorizeRequest: (request, accessToken) => authorizedRequest,
    *
+   * Checks if response should be considered unauthorized (by default only 401 responses are
+   * considered unauthorized. Override this method if you need to trigger token renewal for
+   * other response statuses.
+   *   isResponseUnauthorized: (response) => boolean,
+   *
    * Number of retries after initial request was unauthorized
    *   fetchRetryCount: 1,
    *
@@ -311,6 +315,7 @@ export default class FetchInterceptor {
 
   handleResponse(requestContext) {
     const { shouldIntercept, response, fetchResolve, fetchReject } = requestContext;
+    const { isResponseUnauthorized } = this.config;
 
     // can only be empty on network errors
     if (!response) {
diff --git a/test/fetchInterceptor.spec.js b/test/fetchInterceptor.spec.js
@@ -24,6 +24,7 @@ const configuration = config => ({
   },
   onAccessTokenChange: null,
   onResponse: null,
+  isResponseUnauthorized: response => response.status === 401,
   ...config,
 });
 
@@ -410,6 +411,26 @@ describe('fetch-intercept', function () {
         done(error);
       });
     });
+
+    it('should fetch successfully with access token expired and status 403', function (done) {
+      fetchInterceptor.configure(configuration({
+        isResponseUnauthorized: (response) => response.status === 403
+      }));
+      // set expired access token
+      fetchInterceptor.authorize('refresh_token', 'token1');
+
+      fetch('http://localhost:5000/401/1?respondStatus=403').then(response => {
+        expect(response.status).to.be.equal(200);
+        return response.json();
+      })
+        .then(data => {
+          expect(data.value).to.be.equal('1');
+          done();
+        })
+        .catch(error => {
+          done(error);
+        });
+    });
   });
 
   describe('refresh token is invalid', () => {
diff --git a/test/helpers/server.js b/test/helpers/server.js
@@ -16,17 +16,18 @@ app.get('/200', function(req, res) {
 function handleUnauthorizedRequest(req, res ){
   const response = () => {
     const token = req.header('authorization') && req.header('authorization').split(' ')[1];
+    const responseStatus = req.query.respondStatus || 401;
 
     if (token === EXPIRED_TOKEN) {
-      res.status(401).send();
+      res.status(responseStatus).send();
     } else if (token === VALID_TOKEN) {
       if (req.query.invalidate){
         res.set('invalidates-token', true);
       }
 
       res.json({ 'value': req.params.id });
     } else {
-      res.status(401).send();
+      res.status(responseStatus).send();
     }
   };
 
