Gateway token frefresh

src/gateway/opcodes/Identify.ts

@@ -52,6 +52,8 @@ import {
 	VoiceState,
 	UserSettingsProtos,
 	IpDataClient,
+	generateToken,
+	CurrentTokenFormatVersion,
 } from "@spacebar/util";
 import { check } from "./instanceOf";
 import { In } from "typeorm";
@@ -586,6 +588,10 @@ export async function onIdentify(this: WebSocket, data: Payload) {
 		},
 		game_relationships: [],
 	};
+
+	if(this.capabilities.has(Capabilities.FLAGS.AUTH_TOKEN_REFRESH) && tokenData.tokenVersion != CurrentTokenFormatVersion) {
+		d.auth_token = await generateToken(this.user_id);
+	}
 	const buildReadyEventDataTime = taskSw.getElapsedAndReset();
 	const _trace = [
 		gatewayShardName,

src/util/interfaces/Event.ts

@@ -132,6 +132,7 @@ export interface ReadyEventData {
 		flags: number;
 	};
 	game_relationships: never[]; // what is this?
+	auth_token?: string; // if enabled in capabilities
 	_trace?: string[]; // trace of the request, used for debugging
 }
 

src/util/util/Token.ts

@@ -33,7 +33,7 @@ import { TimeSpan } from "./Timespan";
 /// 1 - Initial version with HS256
 /// 2 - Switched to ES512
 /// 3 - Add version, device id to token payload
-export const CurrentKeyFormatVersion: number = 3;
+export const CurrentTokenFormatVersion: number = 3;
 
 export type UserTokenData = {
 	user: User;
@@ -159,7 +159,7 @@ export const checkToken = (
 	});
 };
 
-export async function generateToken(id: string, isAdminSession: boolean = false) {
+export async function generateToken(id: string, isAdminSession: boolean = false): Promise<string | undefined> {
 	const iat = Math.floor(Date.now() / 1000);
 	const keyPair = await loadOrGenerateKeypair();
 
@@ -183,7 +183,7 @@ export async function generateToken(id: string, isAdminSession: boolean = false)
 	await newSession.save();
 
 	return new Promise((res, rej) => {
-		const payload = { id, iat, kid: keyPair.fingerprint, ver: CurrentKeyFormatVersion, did: newSession.session_id } as UserTokenData["decoded"];
+		const payload = { id, iat, kid: keyPair.fingerprint, ver: CurrentTokenFormatVersion, did: newSession.session_id } as UserTokenData["decoded"];
 		jwt.sign(
 			payload,
 			keyPair.privateKey,