OIDC: refresh tokens (#11699)
* test persistCredentials without a pickle key * test setLoggedIn with pickle key * lint * type error * extract token persisting code into function, persist refresh token * store has_refresh_token too * pass refreshToken from oidcAuthGrant into credentials * rest restore session with pickle key * retrieve stored refresh token and add to credentials * extract token decryption into function * remove TODO * very messy poc * comments * prettier * comment pedantry * working refresh without persistence * extract token persistence functions to utils * add sugar * implement TokenRefresher class with persistence * tidying * persist idTokenClaims * persist idTokenClaims * tests * remove unused code * create token refresher during doSetLoggedIn * tidying * also tidying * update Lifecycle test replaceUsingCreds calls * tidy * test tokenrefresher creation in login flow * test token refresher * Update src/utils/oidc/TokenRefresher.ts Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> * use literal value for m.authentication Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> * improve comments --------- Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
parent
d115e3c7f8
commit
3a025c4b21
7 changed files with 426 additions and 71 deletions
|
@ -27,6 +27,7 @@ import {
|
|||
IStartClientOpts,
|
||||
MatrixClient,
|
||||
MemoryStore,
|
||||
TokenRefreshFunction,
|
||||
} from "matrix-js-sdk/src/matrix";
|
||||
import * as utils from "matrix-js-sdk/src/utils";
|
||||
import { verificationMethods } from "matrix-js-sdk/src/crypto";
|
||||
|
@ -122,8 +123,10 @@ export interface IMatrixClientPeg {
|
|||
* homeserver / identity server URLs and active credentials
|
||||
*
|
||||
* @param {IMatrixClientCreds} creds The new credentials to use.
|
||||
* @param {TokenRefreshFunction} tokenRefreshFunction OPTIONAL function used by MatrixClient to attempt token refresh
|
||||
* see {@link ICreateClientOpts.tokenRefreshFunction}
|
||||
*/
|
||||
replaceUsingCreds(creds: IMatrixClientCreds): void;
|
||||
replaceUsingCreds(creds: IMatrixClientCreds, tokenRefreshFunction?: TokenRefreshFunction): void;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -196,8 +199,8 @@ class MatrixClientPegClass implements IMatrixClientPeg {
|
|||
}
|
||||
}
|
||||
|
||||
public replaceUsingCreds(creds: IMatrixClientCreds): void {
|
||||
this.createClient(creds);
|
||||
public replaceUsingCreds(creds: IMatrixClientCreds, tokenRefreshFunction?: TokenRefreshFunction): void {
|
||||
this.createClient(creds, tokenRefreshFunction);
|
||||
}
|
||||
|
||||
private onUnexpectedStoreClose = async (): Promise<void> => {
|
||||
|
@ -378,11 +381,13 @@ class MatrixClientPegClass implements IMatrixClientPeg {
|
|||
});
|
||||
}
|
||||
|
||||
private createClient(creds: IMatrixClientCreds): void {
|
||||
private createClient(creds: IMatrixClientCreds, tokenRefreshFunction?: TokenRefreshFunction): void {
|
||||
const opts: ICreateClientOpts = {
|
||||
baseUrl: creds.homeserverUrl,
|
||||
idBaseUrl: creds.identityServerUrl,
|
||||
accessToken: creds.accessToken,
|
||||
refreshToken: creds.refreshToken,
|
||||
tokenRefreshFunction,
|
||||
userId: creds.userId,
|
||||
deviceId: creds.deviceId,
|
||||
pickleKey: creds.pickleKey,
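Review bot: In the `createClient` hunk, `refreshToken: creds.refreshToken` is handed to the client unconditionally while `tokenRefreshFunction` is optional, so a caller that uses the one-argument form `replaceUsingCreds(creds)` gives the client a long-lived refresh token that it presumably has no way to use. Either state the pairing in the interface JSDoc, e.g. `* If creds.refreshToken is set, tokenRefreshFunction should be supplied as well; without it the token is held in memory but never used.`, or keep the token out of the client when no function is given: `refreshToken: tokenRefreshFunction ? creds.refreshToken : undefined,`. The body of `createClient` continues past the end of the hunk, so any later handling of `opts` is not visible here. Since `IMatrixClientCreds` now carries a refresh token, it is also worth confirming that no code path logs the `creds` or `opts` objects whole.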
|
||||
|
|