From 2bb4180cf05662264db4ca7c4d1ae21887011ea9 Mon Sep 17 00:00:00 2001
From: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
Date: Tue, 16 Apr 2024 10:49:48 +0200
Subject: [PATCH] add a method to perform a TokenRequest in a uniform way and
 save the result, so we dont forget to save the refreshToken for instance

---
 .../src/packages/core/auth/auth-flow.ts       | 35 +++++++++++++------
 1 file changed, 25 insertions(+), 10 deletions(-)

diff --git a/src/Umbraco.Web.UI.Client/src/packages/core/auth/auth-flow.ts b/src/Umbraco.Web.UI.Client/src/packages/core/auth/auth-flow.ts
index 82455be922..ecf1c20b98 100644
--- a/src/Umbraco.Web.UI.Client/src/packages/core/auth/auth-flow.ts
+++ b/src/Umbraco.Web.UI.Client/src/packages/core/auth/auth-flow.ts
@@ -141,7 +141,7 @@ export class UmbAuthFlow {
 					codeVerifier = request.internal.code_verifier;
 				}
 
-				await this.#makeRefreshTokenRequest(response.code, codeVerifier);
+				await this.#makeTokenRequest(response.code, codeVerifier);
 				await this.performWithFreshTokens();
 				await this.#saveTokenState();
 
@@ -301,8 +301,8 @@ export class UmbAuthFlow {
 			return Promise.resolve('Missing refreshToken.');
 		}
 
-		if (this.#accessTokenResponse && this.#accessTokenResponse.isValid()) {
-			// do nothing
+		// if the access token is valid, return it
+		if (this.#accessTokenResponse?.isValid()) {
 			return Promise.resolve(this.#accessTokenResponse.accessToken);
 		}
 
@@ -315,9 +315,11 @@ export class UmbAuthFlow {
 			extras: undefined,
 		});
 
-		const response = await this.#tokenHandler.performTokenRequest(this.#configuration, request);
-		this.#accessTokenResponse = response;
-		return response.accessToken;
+		await this.#performTokenRequest(request);
+
+		return this.#accessTokenResponse
+			? Promise.resolve(this.#accessTokenResponse.accessToken)
+			: Promise.resolve('Missing accessToken.');
 	}
 
 	/**
@@ -335,7 +337,7 @@ export class UmbAuthFlow {
 	/**
 	 * This method will make a token request to the server using the authorization code.
 	 */
-	async #makeRefreshTokenRequest(code: string, codeVerifier: string | undefined): Promise<void> {
+	async #makeTokenRequest(code: string, codeVerifier: string | undefined): Promise<void> {
 		const extras: StringMap = {};
 
 		if (codeVerifier) {
@@ -352,8 +354,21 @@ export class UmbAuthFlow {
 			extras: extras,
 		});
 
-		const response = await this.#tokenHandler.performTokenRequest(this.#configuration, request);
-		this.#refreshToken = response.refreshToken;
-		this.#accessTokenResponse = response;
+		await this.#performTokenRequest(request);
+	}
+
+	/**
+	 * This method will make a token request to the server using the refresh token.
+	 * If the request fails, it will sign the user out (clear the token state).
+	 */
+	async #performTokenRequest(request: TokenRequest): Promise<void> {
+		try {
+			const response = await this.#tokenHandler.performTokenRequest(this.#configuration, request);
+			this.#refreshToken = response.refreshToken;
+			this.#accessTokenResponse = response;
+		} catch (error) {
+			console.error('Token request error', error);
+			this.signOut();
+		}
 	}
 }