Skip to content

feat(auth): add handling for oauth token skew time#63

Merged
sufyankhanrao merged 2 commits intomainfrom
62-oauth-skew-time-support
May 30, 2024
Merged

feat(auth): add handling for oauth token skew time#63
sufyankhanrao merged 2 commits intomainfrom
62-oauth-skew-time-support

Conversation

@sufyankhanrao
Copy link
Copy Markdown
Collaborator

@sufyankhanrao sufyankhanrao commented May 28, 2024
edited
Loading

What

This PR updates the is_token_expired utility method to minimize the impact of clock skew between client and server during OAuth token validation.

Why

  1. Honors provided skew buffer.
  2. Accounts for round-trip time for a more accurate expiry calculation. Improves token validation reliability and reduces unnecessary token refreshes.

Closes #62

Type of change

Select multiple if applicable.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause a breaking change)
  • Tests (adds or updates tests)
  • Documentation (adds or updates documentation)
  • Refactor (style improvements, performance improvements, code refactoring)
  • Revert (reverts a commit)
  • CI/Build (adds or updates a script, change in external dependencies)

Dependency Change

If a new dependency is being added, please ensure that it adheres to the following guideline https://github.com/apimatic/apimatic-codegen/wiki/Policy-of-adding-new-dependencies-in-the-core-libraries

Breaking change

If the PR is introducing a breaking change, please ensure that it adheres to the following guideline https://github.com/apimatic/apimatic-codegen/wiki/Guidelines-for-maintaining-core-libraries

Testing

List the steps that were taken to test the changes

Checklist

  • My code follows the coding conventions
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have added new unit tests

@sufyankhanrao
feat(auth): add handling for oauth token skew time
d33370c 
This commit updates the get_token_expiry method to minimize the impact of clock skew between client and server during OAuth token validation.

Removes fixed skew buffer addition.
Implements logic to retrieve server time for expiry calculation (implementation details depend on the OAuth library).
Accounts for round-trip time for a more accurate expiry calculation.
Improves token validation reliability and reduces unnecessary token refreshes.

closes #62
@sufyankhanrao sufyankhanrao added the enhancement New feature or request label May 28, 2024
@sufyankhanrao sufyankhanrao self-assigned this May 28, 2024
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 29, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@sufyankhanrao sufyankhanrao requested a review from asadali214 May 29, 2024 11:46
asadali214
asadali214 approved these changes May 30, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@asadali214 asadali214 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sufyankhanrao sufyankhanrao merged commit ee63212 into main May 30, 2024
@sufyankhanrao sufyankhanrao deleted the 62-oauth-skew-time-support branch May 30, 2024 06:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@asadali214 asadali214 asadali214 approved these changes

Assignees

@sufyankhanrao sufyankhanrao

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Implement Skew Time for OAuth Token Expiry

2 participants

@sufyankhanrao @asadali214