Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide a clean mechanism to lock refresh tokens to sdk versions #1074

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Provide a clean mechanism to lock refresh tokens to sdk versions #1074

wants to merge 3 commits into from
+309 −63

Conversation

ericanderson
Copy link
Member

@ericanderson ericanderson commented Jan 7, 2025
edited
Loading

Fixes #1073

Example usage would be:

import { $osdkMetadata } from "@mygenerated/osdk";

createPublicOauthClient(myClientId, foundryUrl, "/auth/callback", { refreshTokenMarker: $osdkMetadata.extraUserAgent });

@ericanderson ericanderson linked an issue Jan 7, 2025 that may be closed by this pull request
Tokens with outdated permissions cause 403 errors when user loads new version of app; provide way to get new token with new permissions on load #1073
Open
ericanderson
ericanderson commented Jan 7, 2025
View reviewed changes
packages/oauth/src/common.test.ts
$refreshTokenMarker: undefined,
};

const oldLocalStorageKey = `@osdk/oauth : refresh : ${client.client_id}`;
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ensure that people not using this feature won't get logged out on upgrade of @osdk/oauth

packages/oauth/src/common.test.ts Outdated
$refreshTokenMarker: "magic_marker_friend",
};

const localStorageKey =
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Make sure that if you do specify the refreshTokenMarker that it is used.

packages/oauth/src/common.ts
@@ -237,7 +243,7 @@ export function createAuthorizationServer(
| "revocation_endpoint"
>
> {
const issuer = `${new URL(ctxPath, url)}`;
const issuer = `${new URL(ctxPath, url + "/")}`;
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fix an issue where Tim's tests weren't working if you forgot trailing slash

packages/oauth/package.json
@@ -24,6 +24,7 @@
"clean": "rm -rf lib dist types build tsconfig.tsbuildinfo",
"fix-lint": "eslint . --fix && dprint fmt --config $(find-up dprint.json)",
"lint": "eslint . && dprint check --config $(find-up dprint.json)",
"test": "vitest run --pool=forks",
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think Tim's changes were not properly failing build due to this not being present.

@ericanderson ericanderson changed the title Provide a clean mechanism to lock refresh tokens to generated sdk ver… Provide a clean mechanism to lock refresh tokens to sdk versions Jan 7, 2025
ssanjay1
ssanjay1 previously approved these changes Jan 8, 2025
View reviewed changes
@policy-bot policy-bot bot dismissed ssanjay1’s stale review January 8, 2025 20:27

Invalidated by push of d717767

@ericanderson ericanderson force-pushed the 1073-tokens-with-outdated-permissions-cause-403-errors-when-user-loads-new-version-of-app-provide-way-to-get-new-token-with-new-permissions-on-load branch from 1c60479 to dee814c Compare January 13, 2025 22:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ssanjay1 ssanjay1 ssanjay1 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@ericanderson @ssanjay1