Fix refresh for static site scenario #292

Merged 1 commit on Sep 25, 2024

@ottokruse ottokruse commented Sep 16, 2024

Issue #, if available: #285

Description of changes: Changed the way refresh works so that it also works in static site and other scenarios where the checkauth handler cannot "see" the refresh token cookie--if it was limited to be sent to the refresh path only. Instead we now try the refresh always. To prevent an infinite loop in case refresh would fail, we rely on the presence of a marker cookie.

Success scenario:

  1. at requested path: check JWT, if JWT expired --> redirect to refresh path
  2. at refresh path: attempt refresh --> OK --> set new JWTs in cookies, redirect back to requested path
  3. at requested path: check JWT, now OK

Refresh fails scenario:

  1. at requested path: check JWT, if JWT expired --> redirect to refresh path
  2. at refresh path: attempt refresh --> Failure --> set marker cookie "refresh failed", redirect back to requested path
  3. at requested path: check JWT, still expired, but marker cookie "refresh failed" present, so --> redirect to Cognito Hosted UI for sign in

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@ottokruse ottokruse merged commit d5a7704 into aws-samples:master Sep 25, 2024
@ottokruse ottokruse deleted the refresh-marker-cookie branch September 25, 2024 05:56
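
The two scenarios from the pull request description, modelled as an added example (not code from this pull request or the project). The path `/refreshauth`, the `requestedUri` parameter, the cookie names, the sign-in URL and the `tokenEndpoint` callback are assumptions made for illustration; the simulation shows that the redirect chain ends after three responses whether the refresh succeeds or fails.

```javascript
// Added example: all names, paths and URLs below are assumptions, not the project's.
const REFRESH_PATH = "/refreshauth";
const MARKER = "refresh-failed";
const SIGN_IN = "https://auth.example.invalid/login"; // placeholder for the hosted sign-in page

// Runs at the requested path; the path-scoped refresh token cookie is never visible here.
function checkAuth(path, cookies, now) {
  if (cookies.jwtExp !== undefined && cookies.jwtExp > now) return { action: "serve", path };
  // Expired JWT: a marker from a failed refresh means "do not retry", which breaks the loop.
  if (cookies[MARKER]) return { action: "redirect", to: SIGN_IN };
  return { action: "redirect", to: `${REFRESH_PATH}?requestedUri=${encodeURIComponent(path)}` };
}

// Runs at the refresh path, the only place the browser sends the refresh token cookie.
function refresh(requestedPath, cookies, now, tokenEndpoint) {
  const tokens = cookies.refreshToken ? tokenEndpoint(cookies.refreshToken) : null;
  const setCookies = tokens
    ? { jwtExp: now + tokens.expiresIn, [MARKER]: undefined } // success: new JWT, clear marker
    : { [MARKER]: "1" };                                      // failure: leave the marker
  return { action: "redirect", to: requestedPath, setCookies };
}

// Follows redirects like a browser would and returns the list of responses seen.
function simulate(path, jar, now, tokenEndpoint, maxHops = 5) {
  const trace = [];
  let location = path;
  for (let hop = 0; hop < maxHops; hop++) {
    let res;
    if (location.startsWith(REFRESH_PATH)) {
      const url = new URL(location, "https://site.example.invalid");
      res = refresh(url.searchParams.get("requestedUri"), jar, now, tokenEndpoint);
      Object.assign(jar, res.setCookies);
    } else {
      const { refreshToken, ...visible } = jar; // cookie scoped to REFRESH_PATH is not sent
      res = checkAuth(location, visible, now);
    }
    trace.push(res.action === "serve" ? `serve ${res.path}` : `redirect ${res.to}`);
    if (res.action === "serve" || res.to === SIGN_IN) return trace;
    location = res.to;
  }
  throw new Error("redirect loop");
}

// Constructed sample state: JWT expired at t=100, current time t=200.
const ok = simulate("/index.html", { jwtExp: 100, refreshToken: "rt" }, 200, () => ({ expiresIn: 3600 }));
const failed = simulate("/index.html", { jwtExp: 100, refreshToken: "rt" }, 200, () => null);
console.log(ok, failed);
```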