Use auth hook to wire in session validation and token refresh#1
Closed
Use auth hook to wire in session validation and token refresh#1
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR implements session validation using authentication hooks to automatically verify and refresh OAuth tokens when needed. This ensures OAuth sessions remain valid without requiring manual intervention.
Key changes:
- Added
sessionValidateauth hook for automatic token refresh - Enhanced security with redirect validation to prevent open redirect attacks
- Updated session structure to use
authProviderandauthProviderMetadataformat
Reviewed Changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/index.ts | Adds sessionValidate auth hook for automatic token refresh and session validation |
| src/lib/handlers.ts | Updates session handling to use new metadata format and adds redirect validation |
| src/lib/OAuthProvider.ts | Implements processCallback and refreshTokensWithMetadata methods for session management |
| src/types.ts | Extends interfaces with new auth hooks and security configuration options |
| test/lib/handlers.test.js | Updates test mocks and assertions to match new session structure |
| test/options-watcher.test.js | Adds auth mock object to test scope |
| README.md | Documents new security features and configuration options |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
heskew
changed the title
heskew
force-pushed
the
use-auth-hook
branch
from
f00f348 to
68a7d7a
Compare
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.