From f0ffb7ee6a4348a83afde491abe3fffb8e2b76d6 Mon Sep 17 00:00:00 2001
From: louis <louis@lemoncloud.io>
Date: Thu, 26 Sep 2024 17:58:52 +0900
Subject: [PATCH] feat: add refreshCachedTokenV2 method

---
 src/core/aws-web.core.ts | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/src/core/aws-web.core.ts b/src/core/aws-web.core.ts
index abf42e2..576bd52 100644
--- a/src/core/aws-web.core.ts
+++ b/src/core/aws-web.core.ts
@@ -271,6 +271,43 @@ export class AWSWebCore implements WebCoreService {
         return await this.buildCredentialsByToken(refreshToken);
     }
 
+    /**
+     * Refreshes the cached token new version
+     * @param {string} [domain=''] - The domain for the refresh request.
+     * @param {string} [url=''] - The request url for refresh token
+     * @returns {Promise<AWS.Credentials | null>} - The AWS credentials or null if refresh fails.
+     */
+    async refreshCachedTokenV2(domain: string = '', url: string = '') {
+        const cached = await this.tokenStorage.getCachedOAuthToken();
+        const payload = {
+            authId: cached.authId,
+            accountId: cached.accountId,
+            identityId: cached.identityId,
+            identityToken: cached.identityToken,
+        };
+        const current = new Date().toISOString();
+        const signature = calcSignature(payload, current);
+
+        let body: RefreshTokenBody = { current, signature };
+        if (domain && domain.length > 0) {
+            body = { ...body, domain };
+        }
+
+        const response: HttpResponse<any> = await this.signedRequest(
+            'POST',
+            url ? url : `${this.config.oAuthEndpoint}/oauth/${cached.authId}/refresh`,
+            {},
+            { ...body }
+        );
+        const refreshToken = {
+            ...response.data.Token,
+            identityToken: response.data.Token?.identityToken || cached.identityToken,
+            identityPoolId: cached.identityPoolId,
+        };
+        this.logger.info('success to refresh token');
+        return await this.buildCredentialsByToken(refreshToken);
+    }
+
     /**
      * Changes the user site and returns new AWS credentials.
      *