Skip to content

/ ghostery-search-extension

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix: Refresh access_token if expired #24

Merged
merged 9 commits into from Nov 5, 2020
+15 −2
Merged

Fix: Refresh access_token if expired #24

Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
ec1a1e0
try to refresh token if get fails
fcjr Nov 5, 2020
8153363
fix race condition
fcjr Nov 5, 2020
5161065
retry fetch properly if recieved 401
fcjr Nov 5, 2020
e84525c
add early return
fcjr Nov 5, 2020
bffc2e5
move refresh to cookieListener
fcjr Nov 5, 2020
38b17bb
remove extra whitespace
fcjr Nov 5, 2020
86b9395
avoid exponential growth of token pool
fcjr Nov 5, 2020
9d5af50
update comment
fcjr Nov 5, 2020
133de00
add back extra refresh
fcjr Nov 5, 2020
File filter
Filter file types
Jump to
Jump to file
Failed to load files.

Always

Just for now

7 src/background.js
View file
Open in desktop
@@ -50,6 +50,9 @@ const cookieListener = (changeInfo) => {

if (removed) {
AccessToken.destroy();
// try to refresh the token incase remove was caused by
// token expiring
AccessToken.refresh();
return;
}

@@ -64,6 +67,10 @@ const lookForAccessToken = async () => {
});
if (cookie) {
AccessToken.set(cookie.value);
} else {
// if token is not found on startup try to refresh
// as it can just be expired
AccessToken.refresh();
};
}

10 src/token-pool.js
View file
Open in desktop
@@ -1,4 +1,5 @@
const PUBLIC_EXP = 65537;
const MIN_TOKENS = 6;

function bnToBase64(bn) {
return sjcl.codec.base64.fromBits(bn.toBits());
@@ -16,7 +17,7 @@ class TokenPool {
async getToken() {
if (this.tokens.length === 0) {
await this.generateTokens();
} else if (this.tokens.length < 6) {
} else if (this.tokens.length < MIN_TOKENS) {
this.generateTokens();
}
return this.tokens.pop();
@@ -39,6 +40,11 @@ class TokenPool {
}

async generateTokens() {
// avoid endless growth of the token pool
if (this.tokens.length >= MIN_TOKENS) {
return;
}

const accessToken = AccessToken.get();
if (!accessToken) {
return;
@@ -83,7 +89,7 @@ class TokenPool {
});
console.warn(`Adding ${res.length} tokens to acquired pool`);
this.tokens.push(...res);
} else if (response.status === 401){
This conversation was marked as resolved by fcjr

This comment has been minimized.

Sign in to view
@sammacbeth

sammacbeth Nov 5, 2020
Contributor

A 401 from the token endpoint means that the access token is expired. Don't we also need to handle this case by forcing a refresh? Cookies are not always deleted immediately on expiry, so we could exhaust our tokens before the cookie listener is called. It would be possible to trigger it by manually deleting the cookie with the cookie API.

This comment has been minimized.

Sign in to view
@fcjr

fcjr Nov 5, 2020
Author Member

Ah yeah, added this back
} else if (response.status === 401) {
// refresh the access token. This will call generateTokens if the refresh is successful
AccessToken.refresh();
}
ProTip! Use n and p to navigate between commits in a pull request.