public setTokens()

in libs/@guardian/identity-auth/src/tokenManager.ts [78:125]

• 33 lines of code
• 2 McCabe index (conditional complexity)

	public setTokens(tokens: Tokens<AC, IC>): void {
		// setup the valid token types
		const tokenTypes: TokenType[] = ['accessToken', 'idToken'];

		// check if there are existing tokens in storage
		const existingTokens = this.getTokensSync();

		// setup the storage objects
		const accessTokenStorage: AccessTokenStorage = {
			accessToken: tokens.accessToken.accessToken,
			clockSkew: tokens.accessToken.clockSkew,
		};

		const idTokenStorage: IDTokenStorage = {
			idToken: tokens.idToken.idToken,
			nonce: tokens.idToken.nonce,
			clockSkew: tokens.idToken.clockSkew,
		};

		// set the new tokens in storage
		this.#storage.set(
			this.#accessTokenKey,
			accessTokenStorage,
			new Date(tokens.accessToken.expiresAt * 1000),
		);
		this.#storage.set(
			this.#idTokenKey,
			idTokenStorage,
			// use access token expiry as id token expiry as id token is always 1 hour
			// while the access token can be between 5 mins and 24 hours
			// the id token is refreshed at the same time as the access token, and is tied to
			// a given access token using the at_hash claim, so it is safe to use the access token expiry
			new Date(tokens.accessToken.expiresAt * 1000),
		);

		// emit events for each token type
		tokenTypes.forEach((tokenType) => {
			const newToken = tokens[tokenType];
			const existingToken = existingTokens?.[tokenType];

			if (existingToken) {
				this.#emitRemoved(tokenType, existingToken);
				this.#emitAdded(tokenType, newToken);
			} else {
				this.#emitAdded(tokenType, newToken);
			}
		});
	}