feat: Auth refresh token

apps/api-gateway/src/authz/authz.controller.ts

@@ -27,6 +27,7 @@ import { CustomExceptionFilter } from 'apps/api-gateway/common/exception-handler
 import { ResetPasswordDto } from './dtos/reset-password.dto';
 import { ForgotPasswordDto } from './dtos/forgot-password.dto';
 import { ResetTokenPasswordDto } from './dtos/reset-token-password';
+import { RefreshTokenDto } from './dtos/refresh-token.dto';
 
 
 @Controller('auth')
@@ -176,5 +177,24 @@ export class AuthzController {
 
   }
 
+  @Post('/refresh-token')
+  @ApiOperation({
+    summary: 'Token from refresh token',
+    description: 'Get a new token from a refresh token'
+  })
+  @ApiResponse({ status: HttpStatus.OK, description: 'Success', type: ApiResponseDto })
+  async refreshToken(
+    @Body() refreshTokenDto: RefreshTokenDto,
+    @Res() res: Response): Promise<Response> {      
+      const tokenData = await this.authzService.refreshToken(refreshTokenDto.refreshToken);
+      const finalResponse: IResponseType = {
+        statusCode: HttpStatus.OK,
+        message: ResponseMessages.user.success.refreshToken,
+        data: tokenData
+      };
+
+      return res.status(HttpStatus.OK).json(finalResponse);
+
+  }
 
 }

apps/api-gateway/src/authz/authz.service.ts

@@ -58,6 +58,10 @@ export class AuthzService extends BaseService {
     return this.sendNatsMessage(this.authServiceProxy, 'user-set-token-password', resetTokenPasswordDto);
   }
 
+  async refreshToken(refreshToken: string): Promise<ISignInUser> {
+    return this.sendNatsMessage(this.authServiceProxy, 'refresh-token-details', refreshToken);
+  }
+
   async addUserDetails(userInfo: AddUserDetailsDto): Promise<string> {
     const payload = { userInfo };
     return this.sendNatsMessage(this.authServiceProxy, 'add-user', payload);

apps/api-gateway/src/authz/dtos/refresh-token.dto.ts

@@ -0,0 +1,14 @@
+import { IsNotEmpty } from 'class-validator';
+
+import { ApiProperty } from '@nestjs/swagger';
+import { Transform } from 'class-transformer';
+import {  trim } from '@credebl/common/cast.helper';
+
+export class RefreshTokenDto {
+
+    @ApiProperty()
+    @Transform(({ value }) => trim(value))
+    @IsNotEmpty({ message: 'refreshToken is required.' })
+    refreshToken: string;
+
+}

apps/user/src/user.controller.ts

@@ -44,6 +44,11 @@ export class UserController {
    return loginRes;
   }
 
+  @MessagePattern({ cmd: 'refresh-token-details' })
+  async refreshTokenDetails(refreshToken: string): Promise<ISignInUser> {
+   return this.userService.refreshTokenDetails(refreshToken);   
+  }
+
   @MessagePattern({ cmd: 'user-reset-password' })
   async resetPassword(payload: IUserResetPassword): Promise<IResetPasswordResponse> {
    return this.userService.resetPassword(payload);

apps/user/src/user.service.ts

@@ -374,6 +374,23 @@ export class UserService {
     }
   }
 
+  async refreshTokenDetails(refreshToken: string): Promise<ISignInUser> {
+
+    try {
+        try {
+          const tokenResponse = await this.clientRegistrationService.getAccessToken(refreshToken);
+          return tokenResponse;
+        } catch (error) {
+          throw new BadRequestException(ResponseMessages.user.error.invalidRefreshToken);
+        }
+
+    } catch (error) {
+      this.logger.error(`In refreshTokenDetails : ${JSON.stringify(error)}`);
+      throw new RpcException(error.response ? error.response : error);
+
+    }
+  }
+
   async updateFidoVerifiedUser(email: string, isFidoVerified: boolean, password: string): Promise<boolean> {
     if (isFidoVerified) {
       await this.userRepository.addUserPassword(email.toLowerCase(), password);

libs/client-registration/src/client-registration.service.ts

@@ -787,10 +787,6 @@ export class ClientRegistrationService {
       payload.refresh_token = refreshToken;
       payload.client_secret = process.env.KEYCLOAK_MANAGEMENT_CLIENT_SECRET;
 
-
-      this.logger.log(`access Token for platform Payload: ${JSON.stringify(payload)}`);
-
-
       if (
         'refresh_token' !== payload.grant_type ||
         !payload.client_id ||
@@ -801,23 +797,23 @@ export class ClientRegistrationService {
         throw new Error('Invalid inputs while getting token.');
       }
 
-      const strURL = await this.keycloakUrlService.GetSATURL('credebl-platform');
-      this.logger.log(`getToken URL: ${strURL}`);
       const config = {
         headers: {
           'Content-Type': 'application/x-www-form-urlencoded'
         }
       };
 
       const tokenResponse = await this.commonService.httpPost(
-        await this.keycloakUrlService.GetSATURL('credebl-platform'),
+        await this.keycloakUrlService.GetSATURL(process.env.KEYCLOAK_REALM),
         qs.stringify(payload)
         , config);
 
       return tokenResponse;
 
     } catch (error) {
-
+      this.logger.error(
+        `Error in getAccessToken ${JSON.stringify(error)}`
+      );
       throw error;
     }
   }

libs/common/src/response-messages/index.ts

@@ -23,7 +23,8 @@ export const ResponseMessages = {
             updateUserProfile:'User profile updated successfully',
             resetPassword: 'Password reset successfully',
             degreeCertificate: 'Degree Certificate shared successfully',
-            resetPasswordLink: 'Reset password link has been sent to your mail'
+            resetPasswordLink: 'Reset password link has been sent to your mail',
+            refreshToken: 'Token details fetched successfully'
         },
         error: {
             exists: 'User already exists',
@@ -60,7 +61,8 @@ export const ResponseMessages = {
             resetSamePassword: 'New password should not be the current password',
             resetPasswordLink: 'Unable to create reset password token',
             invalidResetLink: 'Invalid or expired reset password link',
-            invalidAccessToken: 'Authentication failed'
+            invalidAccessToken: 'Authentication failed',
+            invalidRefreshToken: 'Invalid refreshToken provided'
         }
     },
     organisation: {