Realm Web: Refresh access token #3020
Conversation
kraenhansen
force-pushed
the
kh/web/refresh-access-token
branch
2 times, most recently
from
dfbdae6 to
99cc607
Compare
kraenhansen
force-pushed
the
kh/web/more-credentials
branch
from
6d12656 to
98e6ade
Compare
kraenhansen
force-pushed
the
kh/web/refresh-access-token
branch
from
99cc607 to
87ca3a9
Compare
packages/realm-web/src/App.test.ts
Outdated
| }, | ||
| { bar: "baz" }, | ||
| ]); | ||
| // Login with an aanonymous user |
There was a problem hiding this comment.
| // Login with an aanonymous user | |
| // Login with an anonymous user |
packages/realm-web/src/User.ts
Outdated
| this._accessToken = accessToken; | ||
| this.storage.accessToken = accessToken; | ||
| } else { | ||
| throw new Error("Expected a 'access_token' in the response"); |
There was a problem hiding this comment.
| throw new Error("Expected a 'access_token' in the response"); | |
| throw new Error("Expected an 'access_token' in the response"); |
| @@ -124,6 +88,8 @@ export class DefaultNetworkTransport implements NetworkTransport { | |||
| contentType.startsWith("application/json") | |||
| ) { | |||
| throw new MongoDBRealmError( | |||
| request.method, | |||
| request.url, | |||
| response.status, | |||
| response.statusText, | |||
| await response.json(), | |||
There was a problem hiding this comment.
(void comment) Is this actually awaited before thrown? I'm more & more impressed with TS.
There was a problem hiding this comment.
Is what awaited? (or is your "void comment" because I forced pushed a change? 😺 )
| const credentials = Credentials.anonymous(); | ||
| await app.logIn(credentials, false); | ||
| // Send a request (which will fail) | ||
| try { |
There was a problem hiding this comment.
I think this try/catch could be simplified with chai-as-promised (not tested though):
expect(app.functions.foo({ bar: "baz" })).eventually.throws(MongoDBRealmError)
.property("message", "Request failed (POST http://invalid): invalid session (status 401)");There was a problem hiding this comment.
Yeah I agree, I did have a look at it when writing this. I didn't like the way they're loading in that plugin.
| const { access_token: accessToken } = response; | ||
| if (typeof accessToken === "string") { | ||
| this._accessToken = accessToken; | ||
| this.storage.accessToken = accessToken; |
There was a problem hiding this comment.
Why store it in 2 places? Is this._accessToken to allow continued use in different tabs?
There was a problem hiding this comment.
this.storage persists it to local storage. It's very frequently used and I don't want to hit localStorage on every request to the server, so the user stores its token as a property as well, which is hydrated from the storage at its convenience.
| user && | ||
| retries === 0 && | ||
| err instanceof MongoDBRealmError && | ||
| err.statusCode === 401 |
There was a problem hiding this comment.
Could there be a case where the endpoint returns 403 (forbidden) from an outdated token - if a user has been granted new/extended access, but the client has not updated its access token yet?
(I guess this depends on how much of the access rights are stored in the JWT).
There was a problem hiding this comment.
I don't think so ... it seems to me only 401 are returned when a refresh of the access token would resolve the issue.
| fetchAndParse<RequestBody extends any, ResponseBody extends any>( | ||
| request: Request<RequestBody>, | ||
| ): Promise<ResponseBody>; | ||
| fetchWithCallbacks<RequestBody extends any>( |
There was a problem hiding this comment.
Just wondering why fetch with parsing is promise-based, and fetch without parsing (or limited parsing) is callback-based?
There was a problem hiding this comment.
Because when Realm JS is using this, its easier to consume from JS if a handler can be passed when invoked instead of having to call methods on the returned promise. Makes sense?
kraenhansen
force-pushed
the
kh/web/refresh-access-token
branch
from
87ca3a9 to
743b71d
Compare
kraenhansen
force-pushed
the
kh/web/more-credentials
branch
2 times, most recently
from
97777a8 to
65e2025
Compare
kraenhansen
force-pushed
the
kh/web/refresh-access-token
branch
from
743b71d to
97731f8
Compare
|
I just published realm-network-transport v0.6.0 off this branch. |
kraenhansen
force-pushed
the
kh/web/more-credentials
branch
from
65e2025 to
a9e52ca
Compare
kraenhansen
force-pushed
the
kh/web/refresh-access-token
branch
from
abd3a52 to
0719c04
Compare
What, How & Why?
This fixes the first part of #2965 (refreshing tokens upon the first 401 response.
Note: This should be rebased on
v10once the current base has been merged.☑️ ToDos
Compatibilitylabel is updated or copied from previous entryBreakinglabel has been applied or is not necessary