Skip to content

108 refresh token #114

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

108 refresh token #114

wants to merge 2 commits into from

Conversation

mkiki
Copy link
Contributor

@mkiki mkiki commented Oct 1, 2024

Description

According to the documentation, the refreshClient function should be called when the ACC session expires due to token expiration. This allows the client to refresh the token and retry the failed SOAP call.
When the token expires, the refresh callback never called, and the sdk returns a 500 Internal Server Error.

Related Issue

#108

How Has This Been Tested?

New unit tests

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • I have signed the Adobe Open Source CLA.
  • My code follows the code style of this project.
  • [N/A] My change requires a change to the documentation.
  • [N/A] I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

sewagner-adobe
sewagner-adobe reviewed Oct 1, 2024
View reviewed changes
src/campaign.js
// 401 error code is hidden in error message and incorrectly reported as HTTP 500 error causing the refresh token
// callback not to be called
// Extract specific error code if possible
if (errorCode == "SOP-330007" && errorMessage && errorMessage.indexOf("XSV-350114") != -1 && errorMessage.indexOf(" 401") != -1) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess the space character before 401 is there on purpose, maybe we could encode it (\u0020) to prevent any unwanted removal.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Optionally comparisons can be made strong with ===

kvikram1988
kvikram1988 requested changes Oct 1, 2024
View reviewed changes
src/campaign.js
// 401 error code is hidden in error message and incorrectly reported as HTTP 500 error causing the refresh token
// callback not to be called
// Extract specific error code if possible
if (errorCode == "SOP-330007" && errorMessage && errorMessage.indexOf("XSV-350114") != -1 && errorMessage.indexOf(" 401") != -1) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use a const for SOP-330007 as IMS_TOKEN_EXPIRY_CODE and then we can add it to comparison.
Create a separate function to check if it is a token expiry errorMessage. The function will take the errorMessage, check for null and other validations. It'll return true/false based on that.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

`// Define constants for error codes
const IMS_TOKEN_EXPIRY_CODE = "SOP-330007";
const TOKEN_EXPIRED_IDENTIFIER = "XSV-350114";
const UNAUTHORIZED_CODE = " 401";

function isTokenExpiryError(errorMessage) {
if (!errorMessage) {
return false; // Return false if errorMessage is null or undefined
}

return errorMessage.includes(TOKEN_EXPIRED_IDENTIFIER) && errorMessage.includes(UNAUTHORIZED_CODE);

}

// Main logic
if (errorCode === IMS_TOKEN_EXPIRY_CODE && isTokenExpiryError(errorMessage)) {
// Handle token expiry logic here
}
`

src/campaign.js
try {
const jwt = Util.decodeJwtToken(call._bearerToken);
if (jwt) {
const createdAt = +jwt.created_at;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I hope this time is in milliseconds as Date.now is in milliseconds.

src/campaign.js
const jwt = Util.decodeJwtToken(call._bearerToken);
if (jwt) {
const createdAt = +jwt.created_at;
const expiresIn = +jwt.expires_in;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we create a small helper method to check if JWT is expired just to divide the responsibility of the method

src/util.js
try {
const base64Url = parts[1];
const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
const jsonPayload = decodeURIComponent(atob(base64).split('').map(function(c) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

atob and btoa won't work in NodeJS server I think

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sewagner-adobe sewagner-adobe sewagner-adobe left review comments

@kvikram1988 kvikram1988 kvikram1988 requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mkiki @kvikram1988 @sewagner-adobe