Skip to content
This repository has been archived by the owner on Sep 11, 2024. It is now read-only.

OIDC: persist refresh token #11249

Merged
merged 24 commits into from
Sep 19, 2023
Merged

OIDC: persist refresh token #11249

merged 24 commits into from
Sep 19, 2023

Conversation

kerryarchibald
Copy link
Contributor

@kerryarchibald kerryarchibald commented Jul 12, 2023
edited by github-actions bot
Loading

For element-hq/element-web#25708

With element-hq/element-web#25783

Persist refresh token beside accessToken when it is present in credentials.

Checklist

  • Tests written for new code (and old code if feasible)
  • Linter and other CI checks pass
  • Sign-off given on the changes (see CONTRIBUTING.md)

Here's what your changelog entry will look like:

✨ Features

@kerryarchibald kerryarchibald added the T-Enhancement New features, changes in functionality, performance boosts, user-facing improvements label Jul 12, 2023
Base automatically changed from kerry/25708/test-persist-credentials to develop July 19, 2023 08:04
@kerryarchibald kerryarchibald marked this pull request as ready for review July 19, 2023 09:31
@kerryarchibald kerryarchibald requested a review from a team as a code owner July 19, 2023 09:31
@kerryarchibald kerryarchibald changed the title [WIP] OIDC: persist refresh token OIDC: persist refresh token Jul 19, 2023
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 19, 2023
View reviewed changes
src/Lifecycle.ts Dismissed Show dismissed Hide dismissed
src/Lifecycle.ts Dismissed Show dismissed Hide dismissed
src/Lifecycle.ts Dismissed Show dismissed Hide dismissed
src/Lifecycle.ts Dismissed Show resolved Hide resolved
src/Lifecycle.ts Dismissed Show resolved Hide resolved
src/Lifecycle.ts Dismissed Show dismissed Hide dismissed
richvdh
richvdh suggested changes Jul 20, 2023
View reviewed changes
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/utils/oidc/authorize.ts Show resolved Hide resolved
src/utils/oidc/authorize.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
richvdh
richvdh suggested changes Jul 25, 2023
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some more nitpicking about comments and documentation. Let's be nice to future maintainers when we/they have to understand this code in a few months' time.

src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts
@@ -780,16 +790,18 @@ class AbortLoginAndRebuildStorage extends Error {}
*
* @param storageKey key used to store the token
* @param name eg "access_token" used as initialization vector during encryption
* @param token
* only used when pickleKey is present to encrypt with
* @param token the token to store, when undefined any existing token at the storageKey is removed from storage
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* @param token the token to store, when undefined any existing token at the storageKey is removed from storage
* @param token The token to store. When undefined, any existing token at the `storageKey` is removed from storage.

src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
src/Lifecycle.ts Outdated Show resolved Hide resolved
Kerry and others added 3 commits September 18, 2023 11:51
@richvdh
Update src/Lifecycle.ts
e2d2d33 
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Merge branch 'develop' into kerry/25708/save-refresh-token
678815d
comments
1f903c9
@kerryarchibald
Copy link
Contributor Author

@richvdh back after a long hiatus, thanks for your review!

richvdh
richvdh reviewed Sep 18, 2023
View reviewed changes
src/Lifecycle.ts
@@ -869,17 +869,16 @@ class AbortLoginAndRebuildStorage extends Error {}
* Stores in idb, falling back to localStorage
*
* @param storageKey key used to store the token
* @param name eg "access_token" used as initialization vector during encryption
* only used when pickleKey is present to encrypt with
* @param initializationVector Initialization vector for encrypting the token. Only used when `pickleKey` is present
* @param token the token to store, when undefined any existing token at the storageKey is removed from storage
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this could still use clarification

richvdh
richvdh approved these changes Sep 18, 2023
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm otherwise, thanks!

@kerryarchibald kerryarchibald added this pull request to the merge queue Sep 19, 2023
Merged via the queue into develop with commit 46072ca Sep 19, 2023
76 checks passed
@kerryarchibald kerryarchibald deleted the kerry/25708/save-refresh-token branch September 19, 2023 00:41
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Sep 30, 2023
@Midar
Update chat/element-web to 1.11.45
d259ee9 
Changes in [1.11.45](https://github.com/vector-im/element-web/releases/tag/v1.11.45) (2023-09-29)
=================================================================================================

## 🐛 Bug Fixes
 * Fix Emoji font on Safari 17 ([\#11673](matrix-org/matrix-react-sdk#11673)).

Changes in [1.11.44](https://github.com/vector-im/element-web/releases/tag/v1.11.44) (2023-09-26)
=================================================================================================

## ✨ Features
 * Make video & voice call buttons pin conference widget if unpinned ([\#11576](matrix-org/matrix-react-sdk#11576)). Fixes vector-im/customer-retainer#72.
 * OIDC: persist refresh token ([\#11249](matrix-org/matrix-react-sdk#11249)). Contributed by @kerryarchibald.
 * ElementR: Cross user verification ([\#11364](matrix-org/matrix-react-sdk#11364)). Fixes #25752. Contributed by @florianduros.
 * Default intentional mentions ([\#11602](matrix-org/matrix-react-sdk#11602)).
 * Notify users about denied access on ask-to-join  rooms ([\#11480](matrix-org/matrix-react-sdk#11480)). Contributed by @nurjinjafar.
 * Allow setting knock room directory visibility ([\#11529](matrix-org/matrix-react-sdk#11529)). Contributed by @charlynguyen.

## 🐛 Bug Fixes
 * Revert "Fix regression around FacePile with overflow (#11527)" ([\#11634](matrix-org/matrix-react-sdk#11634)). Fixes #26209.
 * Escape placeholder before injecting it into the style ([\#11607](matrix-org/matrix-react-sdk#11607)).
 * Move ViewUser action callback to RoomView ([\#11495](matrix-org/matrix-react-sdk#11495)). Fixes #26040.
 * Fix room timeline search toggling behaviour edge case ([\#11605](matrix-org/matrix-react-sdk#11605)). Fixes #26105.
 * Avoid rendering view-message link in RoomKnocksBar unnecessarily ([\#11598](matrix-org/matrix-react-sdk#11598)). Contributed by @charlynguyen.
 * Use knock rooms sync to reflect the knock state ([\#11596](matrix-org/matrix-react-sdk#11596)). Fixes #26043 and #26044. Contributed by @charlynguyen.
 * Fix avatar in right panel not using the correct font ([\#11593](matrix-org/matrix-react-sdk#11593)). Fixes #26061. Contributed by @MidhunSureshR.
 * Add waits in Spotlight Cypress tests, hoping this unflakes them ([\#11590](matrix-org/matrix-react-sdk#11590)). Fixes #26053, #26140 #26139 and #26138. Contributed by @andybalaam.
 * Fix vertical alignment of default avatar font ([\#11582](matrix-org/matrix-react-sdk#11582)). Fixes #26081.
 * Fix avatars in public room & space search being flex shrunk ([\#11580](matrix-org/matrix-react-sdk#11580)). Fixes #26133.
 * Fix EventTile avatars being rendered with a size of 0 instead of hidden ([\#11558](matrix-org/matrix-react-sdk#11558)). Fixes #26075.

Changes in [1.11.43](https://github.com/vector-im/element-web/releases/tag/v1.11.43) (2023-09-15)
=================================================================================================

(No changes - bumping the version number for an element-desktop release.)

Changes in [1.11.42](https://github.com/vector-im/element-web/releases/tag/v1.11.42) (2023-09-13)
=================================================================================================

## 🐛 Bug Fixes
 * Update Compound to fix Firefox-specific avatar regression ([\#11604](matrix-org/matrix-react-sdk#11604)). Fixes #26155.

Changes in [1.11.41](https://github.com/vector-im/element-web/releases/tag/v1.11.41) (2023-09-12)
=================================================================================================

## 🦖 Deprecations
 * Deprecate customisations in favour of Module API ([\#25736](element-hq/element-web#25736)). Fixes #25733.

## ✨ Features
 * Make SVGR icons use forward ref ([\#26082](element-hq/element-web#26082)).
 * Add support for rendering a custom wrapper around Element ([\#25537](element-hq/element-web#25537)). Contributed by @maheichyk.
 * Allow creating public knock rooms ([\#11481](matrix-org/matrix-react-sdk#11481)). Contributed by @charlynguyen.
 * Render custom images in reactions according to MSC4027 ([\#11087](matrix-org/matrix-react-sdk#11087)). Contributed by @sumnerevans.
 * Introduce room knocks bar ([\#11475](matrix-org/matrix-react-sdk#11475)). Contributed by @charlynguyen.
 * Room header UI updates ([\#11507](matrix-org/matrix-react-sdk#11507)). Fixes #25892.
 * Remove green "verified" bar for encrypted events ([\#11496](matrix-org/matrix-react-sdk#11496)).
 * Update member count on room summary update ([\#11488](matrix-org/matrix-react-sdk#11488)).
 * Support for E2EE in Element Call  ([\#11492](matrix-org/matrix-react-sdk#11492)).
 * Allow requesting to join knock rooms via spotlight ([\#11482](matrix-org/matrix-react-sdk#11482)). Contributed by @charlynguyen.
 * Lock out the first tab if Element is opened in a second tab. ([\#11425](matrix-org/matrix-react-sdk#11425)). Fixes #25157.
 * Change avatar to use Compound implementation ([\#11448](matrix-org/matrix-react-sdk#11448)).

## 🐛 Bug Fixes
 * Fix vertical alignment of default avatar font ([\#11582](matrix-org/matrix-react-sdk#11582)). Fixes #26081.
 * Fix avatars in public room & space search being flex shrunk ([\#11580](matrix-org/matrix-react-sdk#11580)). Fixes #26133.
 * Fix EventTile avatars being rendered with a size of 0 instead of hidden ([\#11558](matrix-org/matrix-react-sdk#11558)). Fixes #26075.
 * Fix compound external assets path in bundle ([\#26069](element-hq/element-web#26069)).
 * Use RoomStateEvent.Update for knocks ([\#11516](matrix-org/matrix-react-sdk#11516)). Contributed by @charlynguyen.
 * Prevent event propagation when clicking icon buttons ([\#11515](matrix-org/matrix-react-sdk#11515)).
 * Only display RoomKnocksBar when feature flag is enabled ([\#11513](matrix-org/matrix-react-sdk#11513)). Contributed by @andybalaam.
 * Fix avatars of knock members for people tab of room settings ([\#11506](matrix-org/matrix-react-sdk#11506)). Fixes #26083. Contributed by @charlynguyen.
 * Fixes read receipt avatar offset ([\#11483](matrix-org/matrix-react-sdk#11483)). Fixes #26067, #26064 #26059 and #26061.
 * Fix avatar defects ([\#11473](matrix-org/matrix-react-sdk#11473)). Fixes #26051 and #26046.
 * Fix consistent avatar output for Percy ([\#11472](matrix-org/matrix-react-sdk#11472)). Fixes #26049 and #26052.
 * Fix colour of avatar and colour matching with username ([\#11470](matrix-org/matrix-react-sdk#11470)). Fixes #26042.
 * Fix incompatibility of Soft Logout with Element-R ([\#11468](matrix-org/matrix-react-sdk#11468)).
 * Fix instances of double translation and guard translation calls using typescript ([\#11443](matrix-org/matrix-react-sdk#11443)).
@kerryarchibald kerryarchibald mentioned this pull request Oct 3, 2023
Closed
estellecomment added a commit to tchapgouv/tchap-web-v4 that referenced this pull request Oct 9, 2023
@estellecomment
Merge tag 'v1.11.44' into upgrade/element-web-v1.11.44 - conflicts fi…
49e5151 
…xed, not tried running yet

* Make video & voice call buttons pin conference widget if unpinned ([\#11576](matrix-org/matrix-react-sdk#11576)). Fixes vector-im/customer-retainer#72.
* OIDC: persist refresh token ([\#11249](matrix-org/matrix-react-sdk#11249)). Contributed by @kerryarchibald.
* ElementR: Cross user verification ([\#11364](matrix-org/matrix-react-sdk#11364)). Fixes #25752. Contributed by @florianduros.
* Default intentional mentions ([\#11602](matrix-org/matrix-react-sdk#11602)).
* Notify users about denied access on ask-to-join  rooms ([\#11480](matrix-org/matrix-react-sdk#11480)). Contributed by @nurjinjafar.
* Allow setting knock room directory visibility ([\#11529](matrix-org/matrix-react-sdk#11529)). Contributed by @charlynguyen.
* Revert "Fix regression around FacePile with overflow (#11527)" ([\#11634](matrix-org/matrix-react-sdk#11634)). Fixes #26209.
* Escape placeholder before injecting it into the style ([\#11607](matrix-org/matrix-react-sdk#11607)).
* Move ViewUser action callback to RoomView ([\#11495](matrix-org/matrix-react-sdk#11495)). Fixes #26040.
* Fix room timeline search toggling behaviour edge case ([\#11605](matrix-org/matrix-react-sdk#11605)). Fixes #26105.
* Avoid rendering view-message link in RoomKnocksBar unnecessarily ([\#11598](matrix-org/matrix-react-sdk#11598)). Contributed by @charlynguyen.
* Use knock rooms sync to reflect the knock state ([\#11596](matrix-org/matrix-react-sdk#11596)). Fixes #26043 and #26044. Contributed by @charlynguyen.
* Fix avatar in right panel not using the correct font ([\#11593](matrix-org/matrix-react-sdk#11593)). Fixes #26061. Contributed by @MidhunSureshR.
* Add waits in Spotlight Cypress tests, hoping this unflakes them ([\#11590](matrix-org/matrix-react-sdk#11590)). Fixes #26053, #26140 #26139 and #26138. Contributed by @andybalaam.
* Fix vertical alignment of default avatar font ([\#11582](matrix-org/matrix-react-sdk#11582)). Fixes #26081.
* Fix avatars in public room & space search being flex shrunk ([\#11580](matrix-org/matrix-react-sdk#11580)). Fixes #26133.
* Fix EventTile avatars being rendered with a size of 0 instead of hidden ([\#11558](matrix-org/matrix-react-sdk#11558)). Fixes #26075.
@richvdh richvdh mentioned this pull request Nov 15, 2023
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@richvdh richvdh richvdh approved these changes

@t3chguy t3chguy Awaiting requested review from t3chguy t3chguy is a code owner automatically assigned from matrix-org/element-web-reviewers

Assignees
No one assigned
Labels
T-Enhancement New features, changes in functionality, performance boosts, user-facing improvements
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kerryarchibald @richvdh