( credentialSetId: string, providerId: string )
| 648 | } |
| 649 | |
| 650 | export async function getCredentialsForCredentialSet( |
| 651 | credentialSetId: string, |
| 652 | providerId: string |
| 653 | ): Promise<CredentialSetCredential[]> { |
| 654 | logger.info(`Getting credentials for credential set ${credentialSetId}, provider ${providerId}`) |
| 655 | |
| 656 | const members = await db |
| 657 | .select({ userId: credentialSetMember.userId }) |
| 658 | .from(credentialSetMember) |
| 659 | .where( |
| 660 | and( |
| 661 | eq(credentialSetMember.credentialSetId, credentialSetId), |
| 662 | eq(credentialSetMember.status, 'active') |
| 663 | ) |
| 664 | ) |
| 665 | |
| 666 | logger.info(`Found ${members.length} active members in credential set ${credentialSetId}`) |
| 667 | |
| 668 | if (members.length === 0) { |
| 669 | logger.warn(`No active members found for credential set ${credentialSetId}`) |
| 670 | return [] |
| 671 | } |
| 672 | |
| 673 | const userIds = members.map((m) => m.userId) |
| 674 | logger.debug(`Member user IDs: ${userIds.join(', ')}`) |
| 675 | |
| 676 | const credentials = await db |
| 677 | .select({ |
| 678 | id: account.id, |
| 679 | userId: account.userId, |
| 680 | providerId: account.providerId, |
| 681 | accessToken: account.accessToken, |
| 682 | refreshToken: account.refreshToken, |
| 683 | accessTokenExpiresAt: account.accessTokenExpiresAt, |
| 684 | }) |
| 685 | .from(account) |
| 686 | .where(and(inArray(account.userId, userIds), eq(account.providerId, providerId))) |
| 687 | |
| 688 | logger.info( |
| 689 | `Found ${credentials.length} credentials with provider ${providerId} for ${members.length} members` |
| 690 | ) |
| 691 | |
| 692 | const results: CredentialSetCredential[] = [] |
| 693 | |
| 694 | for (const cred of credentials) { |
| 695 | const now = new Date() |
| 696 | const tokenExpiry = cred.accessTokenExpiresAt |
| 697 | const shouldRefresh = |
| 698 | !!cred.refreshToken && (!cred.accessToken || (tokenExpiry && tokenExpiry < now)) |
| 699 | |
| 700 | let accessToken = cred.accessToken |
| 701 | |
| 702 | if (shouldRefresh && cred.refreshToken) { |
| 703 | const fresh = await performCoalescedRefresh({ |
| 704 | accountId: cred.id, |
| 705 | providerId, |
| 706 | refreshToken: cred.refreshToken, |
| 707 | userId: cred.userId, |
no test coverage detected