Remove dependency on openid-client@4.9
#151
Comments
paulius-valiunas
changed the title
openid-client@4.9
|
@calebmshafer @wgoehrig @ben-polinsky any preference as to which way to proceed? |
|
It'd be nice if the library allowed us to provide our own agent. Found your discussion thread with the maintainer :) You're right the error handling is tough, but if we have confidence in what got is doing, can't we upgrade openid-client and then copy got's retry implementation, or at least use its error handling as a guide? |
we could, but the file you linked only contains the error classes that are constructed and thrown from all over their code base, and I don't think untangling all of that would be much easier than handling node:http errors. If I were to implement this logic, I would rather attach a debugger, try to reproduce a few different errors and then use https://github.com/sindresorhus/got/blob/main/documentation/7-retry.md as a guide. The source code of got would still be useful because I could look up specific node.js error codes when I'm unsure which one to use. |
|
I think I also lean toward option two - getting rid of the package. |
|
Released in @itwin/oidc-signin-tool_v4.0.0 and @itwin/service-authorization_v1.0.0 |
This version of the package doesn't work well with ES Modules and will potentially have security vulnerabilities as it's not actively maintained. There are two potential solutions:
gottonode:httpand removed retry support - we would have to add our own retry logic and nodejs documentation is not helpful at all for understanding the kind of errors we should handleThe text was updated successfully, but these errors were encountered: