-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(auth): improve error handling while refreshing auth tokens #12802
Conversation
}); | ||
}); | ||
|
||
describe('negative cases', () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In all the test cases, should we checking for the failure hub event to be dispatched as well along with the throwing of the error?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the refreshToken doesn't dispatches hub events. Probably we can test that use case in the token orchestrator
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@@ -384,7 +384,7 @@ | |||
"name": "[Auth] confirmSignIn (Cognito)", | |||
"path": "./dist/esm/auth/index.mjs", | |||
"import": "{ confirmSignIn }", | |||
"limit": "25.70 kB" | |||
"limit": "25.89 kB" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Question: why are we increasing the limits in this PR?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some APIs depend on fetchAuthSession
and adding additional code to that API might result in a bundle size bump
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, one nit
78341ac
Co-authored-by: Jim Blanchard <jim.l.blanchard@gmail.com>
@@ -113,3 +127,16 @@ export interface OAuthStore { | |||
clearOAuthInflightData(): Promise<void>; | |||
clearOAuthData(): Promise<void>; | |||
} | |||
function isAuthenticated(tokens?: CognitoAuthTokens | null) { | |||
return tokens?.accessToken && tokens?.idToken; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be ||
Description of changes
Main changes:
implicit grant
oauth flow.tokenRefresh_failure
event when the refresh_token is expired.Issue #, if available
Description of how you validated changes
refresh_token
in the Cognito console and was able to see that therefreshToken_failure
event was dispatchedChecklist
yarn test
passesBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.