Feat: add support to refresh token absolute lifetime

README.md

@@ -164,6 +164,10 @@ type TAuthConfig = {
   tokenExpiresIn?: number // default: null
   // Can be used if auth provider doesn't return refresh token expiration time in token response
   refreshTokenExpiresIn?: number // default: null
+  // Defines the expiration strategy for the refresh token.
+  // - 'renewable': The refresh token's expiration time is renewed each time it is used, getting a new validity period.
+  // - 'absolute': The refresh token's expiration time is fixed from its initial issuance and does not change, regardless of how many times it is used.
+  refreshTokenExpiryStrategy?: 'renewable' | 'absolute' // default: renewable
   // Whether or not to post 'scope' when refreshing the access token
   refreshWithScope?: boolean // default: true
 }

src/AuthContext.tsx

@@ -123,7 +123,9 @@ export const AuthProvider = ({ authConfig, children }: IAuthProvider) => {
     const refreshTokenExpiresIn = config.refreshTokenExpiresIn ?? getRefreshExpiresIn(tokenExpiresIn, response)
     if (response.refresh_token) {
       setRefreshToken(response.refresh_token)
-      setRefreshTokenExpire(epochAtSecondsFromNow(refreshTokenExpiresIn))
+      if (!refreshTokenExpire || config.refreshTokenExpiryStrategy !== 'absolute') {
+        setRefreshTokenExpire(epochAtSecondsFromNow(refreshTokenExpiresIn))
+      }
     }
   }
 

src/authConfig.ts

@@ -18,6 +18,7 @@ export function createInternalConfig(passedConfig: TAuthConfig): TInternalConfig
     storage = 'local',
     storageKeyPrefix = 'ROCP_',
     refreshWithScope = true,
+    refreshTokenExpiryStrategy = 'renewable',
   }: TAuthConfig = passedConfig
 
   const config: TInternalConfig = {
@@ -32,6 +33,7 @@ export function createInternalConfig(passedConfig: TAuthConfig): TInternalConfig
     storage: storage,
     storageKeyPrefix: storageKeyPrefix,
     refreshWithScope: refreshWithScope,
+    refreshTokenExpiryStrategy: refreshTokenExpiryStrategy,
   }
   validateConfig(config)
   return config

src/types.ts

@@ -77,6 +77,7 @@ export type TAuthConfig = {
   extraLogoutParameters?: TPrimitiveRecord
   tokenExpiresIn?: number
   refreshTokenExpiresIn?: number
+  refreshTokenExpiryStrategy?: 'renewable' | 'absolute'
   storage?: 'session' | 'local'
   storageKeyPrefix?: string
   refreshWithScope?: boolean
@@ -111,6 +112,7 @@ export type TInternalConfig = {
   extraLogoutParameters?: TPrimitiveRecord
   tokenExpiresIn?: number
   refreshTokenExpiresIn?: number
+  refreshTokenExpiryStrategy: 'renewable' | 'absolute'
   storage: 'session' | 'local'
   storageKeyPrefix: string
   refreshWithScope: boolean

tests/auth-util.test.ts

@@ -14,6 +14,7 @@ const authConfig: TInternalConfig = {
   scope: 'someScope openid',
   clearURL: false,
   storage: 'local',
+  refreshTokenExpiryStrategy: 'renewable',
   storageKeyPrefix: 'ROCP_',
   refreshWithScope: true,
   extraAuthParams: {