Support refreshing auth in Kobo script

brookback · brookback · commit 6152b5c5d828 · 2025-03-05T09:13:14.000+02:00
Untested!
diff --git a/script/fetch-kobo-wishlist.ts b/script/fetch-kobo-wishlist.ts
@@ -10,16 +10,10 @@ const TOKEN_PATH = './.kobo';
 // deno run --allow-net --allow-read --allow-write ./script/fetch-kobo-wishlist.ts
 const main = async () => {
     try {
-        const existingToken = await safeRead(TOKEN_PATH);
+        const auth = await acquireAccessToken();
 
-        if (existingToken) console.log('> Found existing access token');
-
-        const accessToken = existingToken || await acquireAccessToken();
-
-        if (!existingToken) await Deno.writeTextFile(TOKEN_PATH, accessToken);
-
-        const settings = await loadInitSettings(accessToken);
-        const wishlist = await fetchWishlist(accessToken, settings.user_wishlist);
+        const settings = await loadInitSettings(auth);
+        const wishlist = await fetchWishlist(auth, settings.user_wishlist);
 
         const books = wishlist.map<WishListBook>((w) => ({
             title: w.ProductMetadata.Book.Title,
@@ -47,17 +41,31 @@ const Kobo = {
         'Mozilla/5.0 (Linux; U; Android 2.0; en-us;) AppleWebKit/538.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/538.1 (Kobo Touch 0373/4.38.23171)',
 };
 
+interface Auth {
+    accessToken: string;
+    refreshToken: string;
+}
+
 // 1. authenticateDevice() with null creds
 // 2. login() does "activation"
 // 3. authenticateDevice() again with user from 1) and key from 2)
-const acquireAccessToken = async () => {
+const acquireAccessToken = async (): Promise<Auth> => {
+    const existingTokens = await readTokens(TOKEN_PATH);
+
+    if (existingTokens) {
+        console.log('> Found existing tokens');
+        return existingTokens;
+    }
+
     console.log('> Acquiring new access token');
     const { user } = await authenticateDevice(null, null);
     const userKey = await login();
 
-    const { accessToken } = await authenticateDevice(user, userKey);
+    const { auth } = await authenticateDevice(user, userKey);
+
+    if (!existingTokens) await writeTokens(auth);
 
-    return accessToken;
+    return auth;
 };
 
 const waitForActivation = async (activationUrl: string) => {
@@ -174,24 +182,25 @@ const authenticateDevice = async (user: User | null, userKey: string | null) =>
     }
 
     const accessToken: string = json.AccessToken;
+    const refreshToken: string = json.RefreshToken;
 
     if (userKey) {
         user.key = userKey;
     }
 
-    return { user, accessToken };
+    return { user, auth: { accessToken, refreshToken } };
 };
 
 type Settings = {
     user_wishlist: string;
     [k: string]: unknown;
 };
 
-const loadInitSettings = async (accessToken: string): Promise<Settings> => {
+const loadInitSettings = async (auth: Auth): Promise<Settings> => {
     const res = await fetch('https://storeapi.kobo.com/v1/initialization', {
         headers: {
             ...defaultHeaders(true),
-            ...authHeaders(accessToken),
+            ...authHeaders(auth.accessToken),
         },
     });
 
@@ -212,7 +221,60 @@ const login = async () => {
     return userKey;
 };
 
-const fetchWishlist = async (accessToken: string, wishlistUrl: string) => {
+const refreshAuth = async (auth: Auth): Promise<Auth> => {
+    const postData = {
+        'AppVersion': Kobo.ApplicationVersion,
+        'ClientKey': encodeBase64(Kobo.DefaultPlatformId),
+        'PlatformId': Kobo.DefaultPlatformId,
+        'RefreshToken': auth.refreshToken,
+    };
+
+    const res = await fetch('https://storeapi.kobo.com/v1/auth/refresh', {
+        method: 'POST',
+        body: JSON.stringify(postData),
+        headers: {
+            ...authHeaders(auth.accessToken),
+            ...defaultHeaders(true),
+        },
+    });
+
+    if (!res.ok) throw new Error(`authenticateDevice: Bad status ${res.status}`);
+
+    const json = await res.json();
+
+    if (json.TokenType != 'Bearer') {
+        throw new Error(`refreshAuth: returned with an unsupported token type: ${json.TokenType}`);
+    }
+
+    return { accessToken: json.AccessToken as string, refreshToken: json.RefreshToken as string };
+};
+
+const fetchWithRefresh = async (auth: Auth, input: RequestInfo | URL, init?: RequestInit) => {
+    const req = new Request(input, init);
+    const res = await fetch(req);
+
+    if (res.status != 401) return res;
+
+    console.log(`> Got status 401, refreshing auth`);
+
+    // Need to refresh auth
+    const newTokens = await refreshAuth(auth);
+    const retriedReq = req.clone();
+
+    const { Authorization: bearer } = authHeaders(newTokens.accessToken);
+    retriedReq.headers.set('Authorization', bearer);
+
+    const retried = await fetch(retriedReq);
+
+    if (retried.ok) {
+        console.log(`> Writing new auth tokens after refresh`);
+        await writeTokens(newTokens);
+    }
+
+    return retried;
+};
+
+const fetchWishlist = async (auth: Auth, wishlistUrl: string) => {
     const items = [];
     let page = 0;
 
@@ -221,10 +283,10 @@ const fetchWishlist = async (accessToken: string, wishlistUrl: string) => {
         url.searchParams.append('PageIndex', String(page));
         url.searchParams.append('PageSize', '100');
 
-        const res = await fetch(url, {
+        const res = await fetchWithRefresh(auth, url, {
             headers: {
                 ...defaultHeaders(true),
-                ...authHeaders(accessToken),
+                ...authHeaders(auth.accessToken),
             },
         });
 
@@ -271,9 +333,13 @@ const printOverwrite = async (str: string) => {
     await Deno.stdout.write(enc);
 };
 
-const safeRead = async (path: string) => {
+const readTokens = async (path: string): Promise<Auth | null> => {
     try {
-        return await Deno.readTextFile(path);
+        const str = await Deno.readTextFile(path);
+        if (!str.trim().length) return null;
+        const tokens = str.split('\n');
+        if (tokens.length < 2) return null;
+        return { accessToken: tokens[0], refreshToken: tokens[1] };
     } catch (ex) {
         if (!(ex instanceof Deno.errors.NotFound)) {
             throw ex;
@@ -283,6 +349,10 @@ const safeRead = async (path: string) => {
     }
 };
 
+const writeTokens = async (tokens: Auth) => {
+    await Deno.writeTextFile(TOKEN_PATH, `${tokens.accessToken}\n${tokens.refreshToken}`);
+};
+
 const randomHexString = (len: number) => {
     const bytes = new Uint8Array(len);
     crypto.getRandomValues(bytes);
