fix (refresh-token): handle error in refresh-token plugin and fix ref…

…reshOnlyToken type (#667)

Co-authored-by: Marsel Shayhin <18054980+phoenix-ru@users.noreply.github.com>

docs/content/2.configuration/2.nuxt-config.md

@@ -292,10 +292,10 @@ type ProviderRefresh = {
   },
     /**
    *  When refreshOnlyToken is set, only the token will be refreshed 
-   *
-   *
+   * 
+   * @default true
    */
-  refreshOnlyToken?: true;
+  refreshOnlyToken?: boolean;
   /**
    * Pages that `nuxt-auth` needs to know the location off for redirects.
    */

src/runtime/plugins/refresh-token.server.ts

@@ -24,52 +24,57 @@ export default defineNuxtPlugin({
         [configToken.token.headerName]: token.value
       } as HeadersInit)
 
-      const response = await _fetch<Record<string, any>>(nuxtApp, path, {
-        method,
-        body: {
-          refreshToken: refreshToken.value
-        },
-        headers
-      })
+      try {
+        const response = await _fetch<Record<string, any>>(nuxtApp, path, {
+          method,
+          body: {
+            refreshToken: refreshToken.value
+          },
+          headers
+        })
 
-      const extractedToken = jsonPointerGet(
-        response,
-        provider.token.signInResponseTokenPointer
-      )
-      if (typeof extractedToken !== 'string') {
-        console.error(
-          `Auth: string token expected, received instead: ${JSON.stringify(
-            extractedToken
-          )}. Tried to find token at ${
-            provider.token.signInResponseTokenPointer
-          } in ${JSON.stringify(response)}`
-        )
-        return
-      }
-
-      // check if refereshTokenOnly
-      if (!configToken.refreshOnlyToken) {
-        const extractedRefreshToken = jsonPointerGet(
+        const extractedToken = jsonPointerGet(
           response,
-          provider.refreshToken.signInResponseRefreshTokenPointer
+          provider.token.signInResponseTokenPointer
         )
-        if (typeof extractedRefreshToken !== 'string') {
+        if (typeof extractedToken !== 'string') {
           console.error(
             `Auth: string token expected, received instead: ${JSON.stringify(
-              extractedRefreshToken
+              extractedToken
             )}. Tried to find token at ${
-              provider.refreshToken.signInResponseRefreshTokenPointer
+              provider.token.signInResponseTokenPointer
             } in ${JSON.stringify(response)}`
           )
           return
-        } else {
-          rawRefreshToken.value = extractedRefreshToken
         }
-      }
 
-      rawToken.value = extractedToken
+        // check if refereshTokenOnly
+        if (!configToken.refreshOnlyToken) {
+          const extractedRefreshToken = jsonPointerGet(
+            response,
+            provider.refreshToken.signInResponseRefreshTokenPointer
+          )
+          if (typeof extractedRefreshToken !== 'string') {
+            console.error(
+              `Auth: string token expected, received instead: ${JSON.stringify(
+                extractedRefreshToken
+              )}. Tried to find token at ${
+                provider.refreshToken.signInResponseRefreshTokenPointer
+              } in ${JSON.stringify(response)}`
+            )
+            return
+          } else {
+            rawRefreshToken.value = extractedRefreshToken
+          }
+        }
 
-      lastRefreshedAt.value = new Date()
+        rawToken.value = extractedToken
+
+        lastRefreshedAt.value = new Date()
+      } catch (err) {
+        rawRefreshToken.value = null
+        rawToken.value = null
+      }
     }
   }
 })

src/runtime/types.ts

@@ -201,8 +201,9 @@ export type ProviderLocalRefresh = Omit<ProviderLocal, 'type'> & {
   /**
    *  When refreshOnlyToken is set, only the token will be refreshed
    *
+   * @default true
    */
-  refreshOnlyToken?: true;
+  refreshOnlyToken?: boolean;
 
   refreshToken?: {
     /**