chore(release): 0.26.2 [skip ci]

## [0.26.2](https://github.com/sasjs/server/compare/v0.26.1...v0.26.2) (2022-11-15)

### Bug Fixes

* comments ([7ae862c](7ae862c5ce))

CHANGELOG.md

@@ -1,3 +1,30 @@
+## [0.26.2](https://github.com/sasjs/server/compare/v0.26.1...v0.26.2) (2022-11-15)
+
+
+### Bug Fixes
+
+* comments ([7ae862c](https://github.com/sasjs/server/commit/7ae862c5ce720e9483d4728f4295dede4f849436))
+
+## [0.26.1](https://github.com/sasjs/server/compare/v0.26.0...v0.26.1) (2022-11-15)
+
+
+### Bug Fixes
+
+* change the expiration of access/refresh tokens from days to seconds ([bb05493](https://github.com/sasjs/server/commit/bb054938c5bd0535ae6b9da93ba0b14f9b80ddcd))
+
+# [0.26.0](https://github.com/sasjs/server/compare/v0.25.1...v0.26.0) (2022-11-13)
+
+
+### Bug Fixes
+
+* **web:** dispose monaco editor actions in return of useEffect ([acc25cb](https://github.com/sasjs/server/commit/acc25cbd686952d3f1c65e57aefcebe1cb859cc7))
+
+
+### Features
+
+* make access token duration configurable when creating client/secret ([2413c05](https://github.com/sasjs/server/commit/2413c05fea3960f7e5c3c8b7b2f85d61314f08db))
+* make refresh token duration configurable ([abd5c64](https://github.com/sasjs/server/commit/abd5c64b4a726e3f17594a98111b6aa269b71fee))
+
 ## [0.25.1](https://github.com/sasjs/server/compare/v0.25.0...v0.25.1) (2022-11-07)
 
 

api/package-lock.json

@@ -7092,9 +7092,9 @@
       "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A=="
     },
     "node_modules/minimatch": {
-      "version": "3.0.4",
+      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-      "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==",
+      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
       "dependencies": {
         "brace-expansion": "^1.1.7"
       },
@@ -15592,9 +15592,9 @@
       "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A=="
     },
     "minimatch": {
-      "version": "3.0.4",
+      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-      "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==",
+      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
       "requires": {
         "brace-expansion": "^1.1.7"
       }

api/public/swagger.yaml

@@ -57,6 +57,16 @@ components:
                     type: string
                     description: 'Client Secret'
                     example: someRandomCryptoString
+                accessTokenExpiration:
+                    type: number
+                    format: double
+                    description: 'Number of seconds after which access token will expire. Default is 86400 (1 day)'
+                    example: 86400
+                refreshTokenExpiration:
+                    type: number
+                    format: double
+                    description: 'Number of seconds after which access token will expire. Default is 2592000 (30 days)'
+                    example: 2592000
             required:
                 - clientId
                 - clientSecret
@@ -680,7 +690,11 @@ paths:
                             examples:
                                 'Example 1':
                                     value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString}
-            summary: 'Create client with the following attributes: ClientId, ClientSecret. Admin only task.'
+                                'Example 2':
+                                    value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiration: 86400}
+                                'Example 3':
+                                    value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiration: 86400}
+            summary: "Admin only task. Create client with the following attributes:\nClientId,\nClientSecret,\naccessTokenExpiration (optional),\nrefreshTokenExpiration (optional)"
             tags:
                 - Client
             security:

api/src/controllers/auth.ts

@@ -8,6 +8,7 @@ import {
   removeTokensInDB,
   saveTokensInDB
 } from '../utils'
+import Client from '../model/Client'
 
 @Route('SASjsApi/auth')
 @Tags('Auth')
@@ -83,8 +84,17 @@ const token = async (data: any): Promise<TokenResponse> => {
     }
   }
 
-  const accessToken = generateAccessToken(userInfo)
+  const client = await Client.findOne({ clientId })
-  const refreshToken = generateRefreshToken(userInfo)
+  if (!client) throw new Error('Invalid clientId.')
+
+  const accessToken = generateAccessToken(
+    userInfo,
+    client.accessTokenExpiration
+  )
+  const refreshToken = generateRefreshToken(
+    userInfo,
+    client.refreshTokenExpiration
+  )
 
   await saveTokensInDB(userInfo.userId, clientId, accessToken, refreshToken)
 
@@ -92,8 +102,17 @@ const token = async (data: any): Promise<TokenResponse> => {
 }
 
 const refresh = async (userInfo: InfoJWT): Promise<TokenResponse> => {
-  const accessToken = generateAccessToken(userInfo)
+  const client = await Client.findOne({ clientId: userInfo.clientId })
-  const refreshToken = generateRefreshToken(userInfo)
+  if (!client) throw new Error('Invalid clientId.')
+
+  const accessToken = generateAccessToken(
+    userInfo,
+    client.accessTokenExpiration
+  )
+  const refreshToken = generateRefreshToken(
+    userInfo,
+    client.refreshTokenExpiration
+  )
 
   await saveTokensInDB(
     userInfo.userId,

api/src/controllers/client.ts

@@ -1,18 +1,27 @@
 import { Security, Route, Tags, Example, Post, Body } from 'tsoa'
 
-import Client, { ClientPayload } from '../model/Client'
+import Client, {
+  ClientPayload,
+  NUMBER_OF_SECONDS_IN_A_DAY
+} from '../model/Client'
 
 @Security('bearerAuth')
 @Route('SASjsApi/client')
 @Tags('Client')
 export class ClientController {
   /**
-   * @summary Create client with the following attributes: ClientId, ClientSecret. Admin only task.
+   * @summary Admin only task. Create client with the following attributes:
+   * ClientId,
+   * ClientSecret,
+   * accessTokenExpiration (optional),
+   * refreshTokenExpiration (optional)
    *
    */
   @Example<ClientPayload>({
     clientId: 'someFormattedClientID1234',
-    clientSecret: 'someRandomCryptoString'
+    clientSecret: 'someRandomCryptoString',
+    accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
+    refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
   })
   @Post('/')
   public async createClient(
@@ -22,8 +31,13 @@ export class ClientController {
   }
 }
 
-const createClient = async (data: any): Promise<ClientPayload> => {
+const createClient = async (data: ClientPayload): Promise<ClientPayload> => {
-  const { clientId, clientSecret } = data
+  const {
+    clientId,
+    clientSecret,
+    accessTokenExpiration,
+    refreshTokenExpiration
+  } = data
 
   // Checking if client is already in the database
   const clientExist = await Client.findOne({ clientId })
@@ -32,13 +46,17 @@ const createClient = async (data: any): Promise<ClientPayload> => {
   // Create a new client
   const client = new Client({
     clientId,
-    clientSecret
+    clientSecret,
+    accessTokenExpiration,
+    refreshTokenExpiration
   })
 
   const savedClient = await client.save()
 
   return {
     clientId: savedClient.clientId,
-    clientSecret: savedClient.clientSecret
+    clientSecret: savedClient.clientSecret,
+    accessTokenExpiration: savedClient.accessTokenExpiration,
+    refreshTokenExpiration: savedClient.refreshTokenExpiration
   }
 }

api/src/model/Client.ts

@@ -1,5 +1,6 @@
 import mongoose, { Schema } from 'mongoose'
 
+export const NUMBER_OF_SECONDS_IN_A_DAY = 86400
 export interface ClientPayload {
   /**
    * Client ID
@@ -11,6 +12,16 @@ export interface ClientPayload {
    * @example "someRandomCryptoString"
    */
   clientSecret: string
+  /**
+   * Number of seconds after which access token will expire. Default is 86400 (1 day)
+   * @example 86400
+   */
+  accessTokenExpiration?: number
+  /**
+   * Number of seconds after which access token will expire. Default is 2592000 (30 days)
+   * @example 2592000
+   */
+  refreshTokenExpiration?: number
 }
 
 const ClientSchema = new Schema<ClientPayload>({
@@ -21,6 +32,14 @@ const ClientSchema = new Schema<ClientPayload>({
   clientSecret: {
     type: String,
     required: true
+  },
+  accessTokenExpiration: {
+    type: Number,
+    default: NUMBER_OF_SECONDS_IN_A_DAY
+  },
+  refreshTokenExpiration: {
+    type: Number,
+    default: NUMBER_OF_SECONDS_IN_A_DAY * 30
   }
 })
 

api/src/utils/generateAccessToken.ts

@@ -1,7 +1,8 @@
 import jwt from 'jsonwebtoken'
 import { InfoJWT } from '../types'
+import { NUMBER_OF_SECONDS_IN_A_DAY } from '../model/Client'
 
-export const generateAccessToken = (data: InfoJWT) =>
+export const generateAccessToken = (data: InfoJWT, expiry?: number) =>
   jwt.sign(data, process.secrets.ACCESS_TOKEN_SECRET, {
-    expiresIn: '1day'
+    expiresIn: expiry ? expiry : NUMBER_OF_SECONDS_IN_A_DAY
   })

api/src/utils/generateRefreshToken.ts

@@ -1,7 +1,8 @@
 import jwt from 'jsonwebtoken'
 import { InfoJWT } from '../types'
+import { NUMBER_OF_SECONDS_IN_A_DAY } from '../model/Client'
 
-export const generateRefreshToken = (data: InfoJWT) =>
+export const generateRefreshToken = (data: InfoJWT, expiry?: number) =>
   jwt.sign(data, process.secrets.REFRESH_TOKEN_SECRET, {
-    expiresIn: '30 days'
+    expiresIn: expiry ? expiry : NUMBER_OF_SECONDS_IN_A_DAY
   })

api/src/utils/validation.ts

@@ -88,7 +88,9 @@ export const updateUserValidation = (
 export const registerClientValidation = (data: any): Joi.ValidationResult =>
   Joi.object({
     clientId: Joi.string().required(),
-    clientSecret: Joi.string().required()
+    clientSecret: Joi.string().required(),
+    accessTokenExpiration: Joi.number(),
+    refreshTokenExpiration: Joi.number()
   }).validate(data)
 
 export const registerPermissionValidation = (data: any): Joi.ValidationResult =>

web/src/containers/Studio/internal/hooks/useEditor.ts

@@ -49,7 +49,7 @@ const useEditor = ({
   const [openFilePathInputModal, setOpenFilePathInputModal] = useState(false)
   const [showDiff, setShowDiff] = useState(false)
 
-  const editorRef = useRef(null as any)
+  const editorRef = useRef<monaco.editor.IStandaloneCodeEditor | null>(null)
 
   const handleEditorDidMount: EditorDidMount = (editor) => {
     editorRef.current = editor
@@ -199,7 +199,7 @@ const useEditor = ({
   }
 
   useEffect(() => {
-    editorRef.current.addAction({
+    const saveFileAction = editorRef.current?.addAction({
       // An unique identifier of the contributed action.
       id: 'save-file',
 
@@ -209,6 +209,8 @@ const useEditor = ({
       // An optional array of keybindings for the action.
       keybindings: [monaco.KeyMod.CtrlCmd | monaco.KeyCode.KeyS],
 
+      contextMenuGroupId: '9_cutcopypaste',
+
       // Method that will be executed when the action is triggered.
       // @param editor The editor instance is passed in as a convenience
       run: () => {
@@ -217,7 +219,7 @@ const useEditor = ({
       }
     })
 
-    editorRef.current.addAction({
+    const runCodeAction = editorRef.current?.addAction({
       // An unique identifier of the contributed action.
       id: 'run-code',
 
@@ -229,14 +231,17 @@ const useEditor = ({
 
       contextMenuGroupId: 'navigation',
 
-      contextMenuOrder: 1,
-
       // Method that will be executed when the action is triggered.
       // @param editor The editor instance is passed in as a convenience
       run: function () {
         runCode(getSelection(editorRef.current as any) || fileContent)
       }
     })
+
+    return () => {
+      saveFileAction?.dispose()
+      runCodeAction?.dispose()
+    }
   }, [fileContent, prevFileContent, selectedFilePath, saveFile, runCode])
 
   useEffect(() => {