Skip to content
This repository has been archived by the owner on Oct 24, 2024. It is now read-only.

feat: handle onSessionExpired, add isAuthenticated option #648

Merged
merged 3 commits into from
Jan 17, 2020
Merged

feat: handle onSessionExpired, add isAuthenticated option #648

merged 3 commits into from
Jan 17, 2020

Conversation

aarongranick-okta
Copy link
Contributor

@aarongranick-okta aarongranick-okta commented Jan 11, 2020
edited
Loading

Adds a default handler for onSessionExpired
Adds a new option isAuthenticated which works with onAuthRequired

Also:

  • expose TokenManager
  • add documentation for postLogoutRedirectUri
  • add missing unit tests
  • minor refactor (okta-vue)

PR Checklist

Please check if your PR fulfills the following requirements:

  • The commit message follows our guidelines
  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • Adding Tests
  • Build related changes
  • CI related changes
  • Documentation changes
  • Other... Please describe:

What is the current behavior?

Currently failure while auto-renewing a token will emit an "error" event from the okta-auth-js internal TokenManager. This behavior is unchanged, however TokenManager was not exposed by this SDK, nor was this behavior documented, so it was previously very difficult or impossible to listen for this event using this SDK. If the session has expired, the user will need to reload the page to re-enter login flow.

Issue Number: 257120

What is the new behavior?

A default handler is added for onSessionExpired (option was added in [email protected])

This is called in the case of session is expired or was closed outside the application. Currently this will only be detected if there is failure to renew accessToken when autoRenew is true.

Does this PR introduce a breaking change?

  • Yes
  • No

(see notes above. I consider unhandled session expiration to be a bug. If a customer was accessing the TokenManager and listening to the event (as a workaround) they no longer need to do this)

Other information

Reviewers

@aarongranick-okta aarongranick-okta mentioned this pull request Jan 13, 2020
Closed
14 tasks
swiftone
swiftone approved these changes Jan 13, 2020
View reviewed changes
Copy link
Contributor

@swiftone swiftone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Important doc updates here.

@aarongranick-okta aarongranick-okta merged commit 40155af into master Jan 17, 2020
@aarongranick-okta aarongranick-okta deleted the ag-session-expired-OKTA-257120 branch January 17, 2020 18:13
@geekytime
Copy link

Is there any chance that we can get a new version of @okta/okta-vue published soon that includes these changes?

@swiftone
Copy link
Contributor

@geekytime - Yes, that's an entirely reasonable request! Give us a bit to get the ducks in a row, and we'll take care of that.

@swiftone
Copy link
Contributor

@geekytime - https://github.com/okta/okta-oidc-js/releases/tag/%40okta%2Fokta-vue%401.3.0

Thanks for pointing out our oversight!

@snyk-bot snyk-bot mentioned this pull request Mar 21, 2020
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@swiftone swiftone swiftone approved these changes

@robertjd robertjd Awaiting requested review from robertjd

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aarongranick-okta @geekytime @swiftone