fix: codeExchange, storage updates, generateAuthUrl fixes

lib/main.test.ts

@@ -39,6 +39,7 @@ describe("index exports", () => {
       "generateRandomString",
       "mapLoginMethodParamsForUrl",
       "sanatizeURL",
+      "exchangeAuthCode",
 
       // session manager
       "MemoryStorage",
@@ -49,6 +50,8 @@ describe("index exports", () => {
 
       // token utils
       "getActiveStorage",
+      "hasActiveStorage",
+      "clearActiveStorage",
       "getClaim",
       "getClaims",
       "getCurrentOrganization",
@@ -60,6 +63,9 @@ describe("index exports", () => {
       "getUserOrganizations",
       "getUserProfile",
       "setActiveStorage",
+
+      // config
+      "frameworkSettings",
     ];
 
     expect(actualExports.sort()).toEqual(expectedExports.sort());

lib/sessionManager/types.ts

@@ -11,6 +11,7 @@ export enum StorageKeys {
   refreshToken = "refreshToken",
   state = "state",
   nonce = "nonce",
+  codeVerifier = "codeVerifier",
 }
 
 export type StorageSettingsType = {
@@ -40,6 +41,14 @@ export abstract class SessionBase<V extends string = StorageKeys>
       ),
     );
   }
+
+  async removeItems(...items: V[]): Awaitable<void> {
+    await Promise.all(
+      items.map((item) => {
+        return this.removeSessionItem(item);
+      }),
+    );
+  }
 }
 
 export interface SessionManager<V extends string = StorageKeys> {
@@ -80,4 +89,10 @@ export interface SessionManager<V extends string = StorageKeys> {
    * @returns {Promise<void>}
    */
   setItems(items: Partial<Record<V, unknown>>): Awaitable<void>;
+
+  /**
+   * Removes multiple items simultaneously.
+   * @param items
+   */
+  removeItems(...items: V[]): Awaitable<void>;
 }

lib/sessionManager/utils.test.ts

@@ -1,4 +1,3 @@
-// utils.test.ts
 import { splitString } from "./utils";
 import { describe, expect, it } from "vitest";
 

lib/sessionManager/utils.ts

@@ -2,9 +2,5 @@ export function splitString(str: string, length: number): string[] {
   if (length <= 0) {
     return [];
   }
-  const result = [];
-  for (let i = 0; i < str.length; i += length) {
-    result.push(str.slice(i, i + length));
-  }
-  return result;
+  return str.match(new RegExp(`.{1,${length}}`, "g")) || [];
 }

lib/utils/exchangeAuthCode.test.ts

@@ -0,0 +1,229 @@
+import { describe, expect, it, vi, beforeEach, afterEach } from "vitest";
+import { exchangeAuthCode } from ".";
+import { MemoryStorage, StorageKeys } from "../sessionManager";
+import { setActiveStorage } from "./token";
+import createFetchMock from "vitest-fetch-mock";
+import { frameworkSettings } from "./exchangeAuthCode";
+
+const fetchMock = createFetchMock(vi);
+
+describe("exchangeAuthCode", () => {
+  beforeEach(() => {
+    fetchMock.enableMocks();
+  });
+
+  afterEach(() => {
+    fetchMock.resetMocks();
+  });
+
+  it("missing state param", async () => {
+    const urlParams = new URLSearchParams();
+    urlParams.append("code", "test");
+
+    const result = await exchangeAuthCode({
+      urlParams,
+      domain: "http://test.kinde.com",
+      clientId: "test",
+      redirectURL: "http://test.kinde.com",
+    });
+
+    expect(result).toStrictEqual({
+      success: false,
+      error: "Invalid state or code",
+    });
+  });
+
+  it("missing code param", async () => {
+    const urlParams = new URLSearchParams();
+    urlParams.append("state", "test");
+
+    const result = await exchangeAuthCode({
+      urlParams,
+      domain: "http://test.kinde.com",
+      clientId: "test",
+      redirectURL: "http://test.kinde.com",
+    });
+
+    expect(result).toStrictEqual({
+      success: false,
+      error: "Invalid state or code",
+    });
+  });
+
+  it("missing active storage", async () => {
+    const urlParams = new URLSearchParams();
+    urlParams.append("state", "test");
+    urlParams.append("code", "test");
+
+    expect(
+      await exchangeAuthCode({
+        urlParams,
+        domain: "http://test.kinde.com",
+        clientId: "test",
+        redirectURL: "http://test.kinde.coma",
+      }),
+    ).toStrictEqual({
+      error: "Authentication storage is not initialized",
+      success: false,
+    });
+  });
+
+  it("state mismatch", async () => {
+    const store = new MemoryStorage();
+    setActiveStorage(store);
+
+    await store.setItems({
+      [StorageKeys.state]: "storedState",
+    });
+
+    const urlParams = new URLSearchParams();
+    urlParams.append("state", "test");
+    urlParams.append("code", "test");
+
+    const result = await exchangeAuthCode({
+      urlParams,
+      domain: "http://test.kinde.com",
+      clientId: "test",
+      redirectURL: "http://test.kinde.com",
+    });
+
+    expect(result).toStrictEqual({
+      success: false,
+      error: "Invalid state; supplied test, expected storedState",
+    });
+  });
+
+  it("should exchange tokens, set storage and clear temp values", async () => {
+    const store = new MemoryStorage();
+    setActiveStorage(store);
+
+    const state = "state";
+
+    await store.setItems({
+      [StorageKeys.state]: state,
+    });
+
+    const input = "hello";
+
+    const urlParams = new URLSearchParams();
+    urlParams.append("code", input);
+    urlParams.append("state", state);
+    urlParams.append("client_id", "test");
+
+    fetchMock.mockResponseOnce(
+      JSON.stringify({
+        access_token: "access_token",
+        refresh_token: "refresh_token",
+        id_token: "id_token",
+      }),
+    );
+
+    const result = await exchangeAuthCode({
+      urlParams,
+      domain: "http://test.kinde.com",
+      clientId: "test",
+      redirectURL: "http://test.kinde.com",
+    });
+    expect(result).toStrictEqual({
+      accessToken: "access_token",
+      refreshToken: "refresh_token",
+      idToken: "id_token",
+      success: true,
+    });
+
+    const postStoredState = await store.getSessionItem(StorageKeys.state);
+    expect(postStoredState).toBeNull();
+    const postCodeVerifier = await store.getSessionItem(
+      StorageKeys.codeVerifier,
+    );
+    expect(postCodeVerifier).toBeNull();
+    expect(fetchMock).toHaveBeenCalledTimes(1);
+    const [url, options] = fetchMock.mock.calls[0];
+    expect(url).toBe("http://test.kinde.com/oauth2/token");
+    expect(options).toMatchObject({
+      method: "POST",
+      headers: {
+        "Content-type": "application/x-www-form-urlencoded; charset=UTF-8",
+      },
+    });
+  });
+
+  it("set the framework and version on header", async () => {
+    const store = new MemoryStorage();
+    setActiveStorage(store);
+
+    const state = "state";
+
+    await store.setItems({
+      [StorageKeys.state]: state,
+    });
+
+    frameworkSettings.framework = "Framework";
+    frameworkSettings.frameworkVersion = "Version";
+
+    const input = "hello";
+
+    const urlParams = new URLSearchParams();
+    urlParams.append("code", input);
+    urlParams.append("state", state);
+    urlParams.append("client_id", "test");
+
+    fetchMock.mockResponseOnce(
+      JSON.stringify({
+        access_token: "access_token",
+        refresh_token: "refresh_token",
+        id_token: "id_token",
+      }),
+    );
+
+    await exchangeAuthCode({
+      urlParams,
+      domain: "http://test.kinde.com",
+      clientId: "test",
+      redirectURL: "http://test.kinde.com",
+    });
+
+    expect(fetchMock).toHaveBeenCalledTimes(1);
+    const [url, options] = fetchMock.mock.calls[0];
+    expect(url).toBe("http://test.kinde.com/oauth2/token");
+    expect(options).toMatchObject({
+      method: "POST",
+      headers: {
+        "Content-type": "application/x-www-form-urlencoded; charset=UTF-8",
+        "Kinde-SDK": "Framework/Version",
+      },
+    });
+  });
+
+  it("should handle token exchange failure", async () => {
+    const store = new MemoryStorage();
+    setActiveStorage(store);
+
+    const state = "state";
+
+    await store.setItems({
+      [StorageKeys.state]: state,
+    });
+
+    const input = "hello";
+
+    const urlParams = new URLSearchParams();
+    urlParams.append("code", input);
+    urlParams.append("state", state);
+    urlParams.append("client_id", "test");
+
+    fetchMock.mockOnce({ status: 500, ok: false, body: "error" });
+
+    const result = await exchangeAuthCode({
+      urlParams,
+      domain: "http://test.kinde.com",
+      clientId: "test",
+      redirectURL: "http://test.kinde.com",
+    });
+
+    expect(result).toStrictEqual({
+      success: false,
+      error: "Token exchange failed: 500 - error",
+    });
+  });
+});