File size: 2,012 Bytes
fc93158 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 | export type ScopeTokenProvider = {
getAccessToken: (scope: string) => Promise<string>;
};
function isAuthFailureStatus(status: number): boolean {
return status === 401 || status === 403;
}
export async function fetchWithBearerAuthScopeFallback(params: {
url: string;
scopes: readonly string[];
tokenProvider?: ScopeTokenProvider;
fetchFn?: typeof fetch;
requestInit?: RequestInit;
requireHttps?: boolean;
shouldAttachAuth?: (url: string) => boolean;
shouldRetry?: (response: Response) => boolean;
}): Promise<Response> {
const fetchFn = params.fetchFn ?? fetch;
let parsedUrl: URL;
try {
parsedUrl = new URL(params.url);
} catch {
throw new Error(`Invalid URL: ${params.url}`);
}
if (params.requireHttps === true && parsedUrl.protocol !== "https:") {
throw new Error(`URL must use HTTPS: ${params.url}`);
}
const fetchOnce = (headers?: Headers): Promise<Response> =>
fetchFn(params.url, {
...params.requestInit,
...(headers ? { headers } : {}),
});
const firstAttempt = await fetchOnce();
if (firstAttempt.ok) {
return firstAttempt;
}
if (!params.tokenProvider) {
return firstAttempt;
}
const shouldRetry =
params.shouldRetry ?? ((response: Response) => isAuthFailureStatus(response.status));
if (!shouldRetry(firstAttempt)) {
return firstAttempt;
}
if (params.shouldAttachAuth && !params.shouldAttachAuth(params.url)) {
return firstAttempt;
}
for (const scope of params.scopes) {
try {
const token = await params.tokenProvider.getAccessToken(scope);
const authHeaders = new Headers(params.requestInit?.headers);
authHeaders.set("Authorization", `Bearer ${token}`);
const authAttempt = await fetchOnce(authHeaders);
if (authAttempt.ok) {
return authAttempt;
}
if (!shouldRetry(authAttempt)) {
continue;
}
} catch {
// Ignore token/fetch errors and continue trying remaining scopes.
}
}
return firstAttempt;
}
|