Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure sso access token is always refreshed on expiry #1933

Merged
merged 8 commits into from
Sep 8, 2023
Merged

Ensure sso access token is always refreshed on expiry #1933

merged 8 commits into from
Sep 8, 2023

Conversation

OskarDamkjaer
Copy link
Contributor

@OskarDamkjaer OskarDamkjaer commented Sep 5, 2023
edited
Loading

Make sure we catch throw connectivity errors from background calls and add a fallback to refresh the accesstoken in the reconnection flow.

I also add end to end tests to make sure we don't accidentally break SSO in the future

In addition I solve a state where all queries fail with "client authorized", but Browser will still not trigger its lost connection flow.

There was a filter put in 6 years ago to not needlessly trigger the connection flow before the user was connected (so don't trigger on authorization errors) and a more general fix was put in place 3 years ago superseded that (only trigger flow if we are supposed to be connected). The first fix is no longer needed, but didn't do any harm - except if your access_token expires and you don't catch the first "TokenExpiredError" and only see the "Unauthorized" errors.

@OskarDamkjaer OskarDamkjaer merged commit 1b37e03 into neo4j:master Sep 8, 2023
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
changelog
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@OskarDamkjaer