-
Notifications
You must be signed in to change notification settings - Fork 268
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(sdk): Add support for refresh tokens #892
Conversation
Codecov Report
@@ Coverage Diff @@
## main #892 +/- ##
==========================================
+ Coverage 79.38% 79.83% +0.45%
==========================================
Files 106 107 +1
Lines 14662 15052 +390
==========================================
+ Hits 11639 12017 +378
- Misses 3023 3035 +12
Continue to review full report at Codecov.
|
f05095b
to
c67c04c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Didn't fully review, just a small note
I think poljar had some thoughts on this, though let me know if I should do a full review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks heaps. In particular appreciate all these tests!
Two things need to change though:
- naming things: I find
SessionIds
confusing, maybe we can opt ofSessionInfo
orSessionMeta
instead? - changing
Session
means we need to add migrations for the stores to prevent a forced login when coming with an old. Would be great to add an integration test for it. You think you'll be able to add migrations for the stores?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ignore my migration request, only the error passing missing, the this is ready for merge IMHO.
This force push was to rebase on main because GitHub complained there was a conflict. |
Refresh tokens are for when access tokens have an expiry date. It allows to request a new access token without logging again. It's part of the spec since v1.3 and is a prerequisite for #859.
Some refactoring of
Session
was necessary to be able to make the tokens mutable. We could use a single method to expose the tokens asReadOnlyMutable
in the client, but I thought it would be easier to grasp it with separate methods for users that don't know how thefutures-signals
crate works.We give the option for the
Client
to refresh the tokens automatically. It's not enabled by default to be conservative and avoid the user holding an obsolete refresh token.