✨ Handle expired user tokens without refresh tokens

Author: Peter Bryant

lib/src/token_expired_exception.dart

@@ -0,0 +1,29 @@
+// 🌎 Project imports:
+import 'package:passputter/src/oauth_token.dart';
+
+/// Thrown when an expired [OAuthToken] is used and cannot be refreshed.
+class TokenExpiredException implements Exception {
+  /// Constructs a [TokenExpiredException]
+  const TokenExpiredException(
+    this.expiredToken, [
+    this.message = 'OAuth token has expired',
+  ]) : super();
+
+  /// The [OAuthToken] which has expired.
+  final OAuthToken expiredToken;
+
+  /// The error message
+  final String message;
+
+  @override
+  bool operator ==(Object other) {
+    if (identical(this, other)) return true;
+
+    return other is TokenExpiredException &&
+        other.expiredToken == expiredToken &&
+        other.message == message;
+  }
+
+  @override
+  int get hashCode => expiredToken.hashCode ^ message.hashCode;
+}

lib/src/user_token_interceptor.dart

@@ -5,6 +5,7 @@ import 'package:dio/dio.dart';
 // 🌎 Project imports:
 import 'package:passputter/passputter.dart';
 import 'package:passputter/src/oauth_api_interface.dart';
+import 'package:passputter/src/token_expired_exception.dart';
 
 /// Adds a user bearer token to the Authorizaton header of each request
 class UserTokenInterceptor extends Interceptor {
@@ -40,20 +41,31 @@ class UserTokenInterceptor extends Interceptor {
     final token = tokenStorage.userToken;
     if (token != null) {
       if (token.expiresAt != null && token.expiresAt!.isBefore(clock.now())) {
-        try {
-          final newToken = await oAuthApi.getRefreshedToken(
-            refreshToken: token.refreshToken,
-            clientId: clientId,
-            clientSecret: clientSecret,
-          );
+        final refreshToken = token.refreshToken;
+        if (refreshToken != null) {
+          try {
+            final newToken = await oAuthApi.getRefreshedToken(
+              refreshToken: refreshToken,
+              clientId: clientId,
+              clientSecret: clientSecret,
+            );
 
-          await tokenStorage.saveUserToken(newToken);
+            await tokenStorage.saveUserToken(newToken);
 
-          options.headers['Authorization'] = 'Bearer ${newToken.token}';
+            options.headers['Authorization'] = 'Bearer ${newToken.token}';
 
-          return handler.next(options);
-        } on DioError catch (e) {
-          return handler.reject(e);
+            return handler.next(options);
+          } on DioError catch (e) {
+            return handler.reject(e);
+          }
+        } else {
+          return handler.reject(
+            DioError(
+              requestOptions: options,
+              type: DioErrorType.other,
+              error: TokenExpiredException(token),
+            ),
+          );
         }
       } else {
         options.headers['Authorization'] = 'Bearer ${token.token}';

test/src/oauth_api_impl_test.dart

@@ -42,8 +42,8 @@ void main() {
           requestOptions: RequestOptions(path: endpoint),
           statusCode: 200,
           data: '''{
-            "accessToken": "token",
-            "refreshToken": "refresh"
+            "access_token": "token",
+            "refresh_token": "refresh"
           }''',
         ),
       );
@@ -105,8 +105,8 @@ void main() {
           requestOptions: RequestOptions(path: endpoint),
           statusCode: 200,
           data: '''{
-            "accessToken": "token",
-            "refreshToken": "refresh"
+            "access_token": "token",
+            "refresh_token": "refresh"
           }''',
         ),
       );
@@ -173,8 +173,8 @@ void main() {
           requestOptions: RequestOptions(path: endpoint),
           statusCode: 200,
           data: '''{
-            "accessToken": "token",
-            "refreshToken": "refresh"
+            "access_token": "token",
+            "refresh_token": "refresh"
           }''',
         ),
       );

test/src/oauth_token_test.dart

@@ -10,8 +10,8 @@ void main() {
   group('fromMap', () {
     test('without expiry parses successfully', () {
       final map = <String, dynamic>{
-        'accessToken': 'token',
-        'refreshToken': 'refresh',
+        'access_token': 'token',
+        'refresh_token': 'refresh',
       };
 
       const expected = OAuthToken(
@@ -23,13 +23,30 @@ void main() {
       expect(OAuthToken.fromMap(map), equals(expected));
     });
 
-    test('with expiry parses successfully', () {
+    test('without refresh token parses successfully', () {
       final clock = Clock.fixed(DateTime(2021, 5, 1));
 
       final map = <String, dynamic>{
-        'accessToken': 'token',
-        'refreshToken': 'refresh',
-        'expiresIn': 1000,
+        'access_token': 'token',
+        'expires_in': 1000,
+      };
+
+      final expected = OAuthToken(
+        token: 'token',
+        refreshToken: null,
+        expiresAt: clock.now().add(1000.seconds),
+      );
+
+      expect(OAuthToken.fromMap(map, clock), equals(expected));
+    });
+
+    test('with all arguments parses successfully', () {
+      final clock = Clock.fixed(DateTime(2021, 5, 1));
+
+      final map = <String, dynamic>{
+        'access_token': 'token',
+        'refresh_token': 'refresh',
+        'expires_in': 1000,
       };
 
       final expected = OAuthToken(
@@ -41,4 +58,40 @@ void main() {
       expect(OAuthToken.fromMap(map, clock), equals(expected));
     });
   });
+
+  group('equality', () {
+    test('equal tokens are evaluated as equal', () {
+      const t1 = OAuthToken(
+        token: 'token',
+        refreshToken: null,
+        expiresAt: null,
+      );
+
+      const t2 = OAuthToken(
+        token: 'token',
+        refreshToken: null,
+        expiresAt: null,
+      );
+
+      expect(t1 == t2, isTrue);
+      expect(t1.hashCode == t2.hashCode, isTrue);
+    });
+
+    test('non-equal tokens are not evaluated as equal', () {
+      const t1 = OAuthToken(
+        token: 'token',
+        refreshToken: null,
+        expiresAt: null,
+      );
+
+      const t2 = OAuthToken(
+        token: 'token2',
+        refreshToken: 'refresh',
+        expiresAt: null,
+      );
+
+      expect(t1 == t2, isFalse);
+      expect(t1.hashCode == t2.hashCode, isFalse);
+    });
+  });
 }

test/src/token_expired_exception_test.dart

@@ -0,0 +1,55 @@
+// 📦 Package imports:
+import 'package:test/test.dart';
+
+// 🌎 Project imports:
+import 'package:passputter/src/oauth_token.dart';
+import 'package:passputter/src/token_expired_exception.dart';
+
+void main() {
+  test('equal exceptions are evaluated as equal', () async {
+    const token = OAuthToken(
+      token: 'token',
+      refreshToken: null,
+      expiresAt: null,
+    );
+    const t1 = TokenExpiredException(token);
+    const t2 = TokenExpiredException(token);
+
+    expect(t1 == t2, isTrue);
+    expect(t1.hashCode == t2.hashCode, isTrue);
+  });
+
+  test('exceptions with different tokens are not evaluated as equal', () async {
+    const token1 = OAuthToken(
+      token: 'token',
+      refreshToken: null,
+      expiresAt: null,
+    );
+    const token2 = OAuthToken(
+      token: 'token2',
+      refreshToken: null,
+      expiresAt: null,
+    );
+    const t1 = TokenExpiredException(token1);
+    const t2 = TokenExpiredException(token2);
+
+    expect(t1 == t2, isFalse);
+    expect(t1.hashCode == t2.hashCode, isFalse);
+  });
+
+  test(
+    'exceptions with different messages are not evaluated as equal',
+    () async {
+      const token = OAuthToken(
+        token: 'token',
+        refreshToken: null,
+        expiresAt: null,
+      );
+      const t1 = TokenExpiredException(token);
+      const t2 = TokenExpiredException(token, 'A different message');
+
+      expect(t1 == t2, isFalse);
+      expect(t1.hashCode == t2.hashCode, isFalse);
+    },
+  );
+}

test/src/user_token_interceptor_test.dart

@@ -9,6 +9,7 @@ import 'package:time/time.dart';
 import 'package:passputter/passputter.dart';
 import 'package:passputter/src/oauth_api_interface.dart';
 import 'package:passputter/src/oauth_token.dart';
+import 'package:passputter/src/token_expired_exception.dart';
 
 class MockOAuthApi extends Mock implements OAuthApiInterface {}
 
@@ -21,6 +22,16 @@ void main() {
   late Clock clock;
   late UserTokenInterceptor interceptor;
 
+  setUpAll(() {
+    registerFallbackValue<DioError>(
+      DioError(
+        requestOptions: RequestOptions(
+          path: 'path',
+        ),
+      ),
+    );
+  });
+
   setUp(() {
     tokenStorage = InMemoryTokenStorage();
     oAuthApi = MockOAuthApi();
@@ -91,6 +102,34 @@ void main() {
     );
   });
 
+  test(
+    'throws error if token has expired and there is no refresh token',
+    () async {
+      final token = OAuthToken(
+        token: 'token',
+        expiresAt: clock.now().subtract(30.days),
+        refreshToken: null,
+      );
+
+      await tokenStorage.saveUserToken(token);
+
+      await interceptor.onRequest(tRequest, handler);
+
+      final captured = verify(() => handler.reject(captureAny())).captured;
+
+      expect(
+        captured.last,
+        isA<DioError>().having(
+          (e) => e.error,
+          'error',
+          isA<TokenExpiredException>(),
+        ),
+      );
+
+      verifyZeroInteractions(oAuthApi);
+    },
+  );
+
   test('rejects request if token refresh fails', () async {
     final token = OAuthToken(
       token: 'token',