STCOR-865 call logout() exclusively from logout-* routes #1500
Merged
Two things happen when idle-session-timeout kicks in:

1. the redux store is updated to clear out the session
2. the URL is updated to `/logout-timeout`

It sounds simple, but it gets messy when `<RootWithIntl>` re-renders when the store updates because that's where routes are defined. Previously, with event-handlers separately calling `logout()` to update the store and `history.push()` to update the URL, you could end up in an unexpected situation such as being logged-out before the URL updated to `/logout-timeout`, causing the default route-match handler to kick in and redirect to the login screen.

The changes here consolidate calls to `logout()` into the components bound to `/logout` (`<Logout>`) and `/logout-timeout` (`<LogoutTimeout>`). Event handlers that previously did things like

```
return logout(...) // update redux and other storage
  .then(history.push(...)) // update URL
```

are now limited to updating the URL. This means directly accessing the routes `/logout` and `/logout-timeout` always terminates a session, and the logic around logout is both simpler and better contained within components whose purpose, by dint of their names, is blindingly clear.

The minor changes in `<MainNav>` are just clean-up work, removing cruft that is no longer in use.

Refs STCOR-865
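The ordering problem described above, as a toy model added here; it is not stripes-core code and not part of this pull request. `createApp`, `render`, `oldIdleHandler`, `newIdleHandler` and `simulate` are hypothetical stand-ins for the redux store, the route definitions in `<RootWithIntl>` and the session event handlers, and the session data is constructed.

```javascript
// Toy model of the ordering problem; hypothetical names, not stripes-core code.
function createApp() {
  // Constructed sample state: a logged-in user looking at /users.
  const app = { session: { user: 'sample-user' }, url: '/users', screens: [] };

  // Stand-in for the component that defines routes. It runs again on every
  // store update and every URL update, and records which screen was shown.
  app.render = () => {
    if (app.url === '/logout' || app.url === '/logout-timeout') {
      app.session = null;            // route-bound component ends the session
    } else if (!app.session) {
      app.url = '/login';            // default route match when logged out
    }
    app.screens.push(app.url);
  };

  // Stand-in for logout(): a store update, so it triggers a re-render.
  app.logout = () => { app.session = null; app.render(); };

  // Stand-in for history.push(): a URL update, so it triggers a re-render.
  app.push = (url) => { app.url = url; app.render(); };
  return app;
}

// Old shape: the event handler updates the store, then the URL.
function oldIdleHandler(app) {
  app.logout();                      // re-render happens while URL is /users
  app.push('/logout-timeout');
}

// New shape: the event handler only updates the URL.
function newIdleHandler(app) {
  app.push('/logout-timeout');
}

// Run one handler against a fresh app and report what the user saw.
function simulate(handler) {
  const app = createApp();
  handler(app);
  return { screens: app.screens, loggedOut: app.session === null };
}

console.log('old:', simulate(oldIdleHandler));
console.log('new:', simulate(newIdleHandler));
console.log('direct /logout:', simulate((app) => app.push('/logout')));
```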
Quality Gate passed
aidynoJ
approved these changes
Jul 5, 2024
zburke
added a commit
that referenced
this pull request
Jul 25, 2024
Two things happen when idle-session-timeout kicks in:

1. the redux store is updated to clear out the session
2. the URL is updated to `/logout-timeout`

It sounds simple, but it gets messy when `<RootWithIntl>` re-renders when the store updates because that's where routes are defined. Previously, with event-handlers separately calling `logout()` to update the store and `history.push()` to update the URL, you could end up in an unexpected situation such as being logged-out before the URL updated to `/logout-timeout`, causing the default route-match handler to kick in and redirect to the login screen.

The changes here consolidate calls to `logout()` into the components bound to `/logout` (`<Logout>`) and `/logout-timeout` (`<LogoutTimeout>`). Event handlers that previously did things like

```
return logout(...) // update redux and other storage
  .then(history.push(...)) // update URL
```

are now limited to updating the URL. This means directly accessing the routes `/logout` and `/logout-timeout` always terminates a session, and the logic around logout is both simpler and better contained within components whose purpose, by dint of their names, is blindingly clear.

The minor changes in `<MainNav>` are just clean-up work, removing cruft that is no longer in use.

Refs STCOR-865

(cherry picked from commit 8daa267)
zburke
added a commit
that referenced
this pull request
Sep 17, 2024
The bugfix for STCOR-865, #1500, resulted in vastly simpler logic in the SessionEventContainer event handlers as well as simple and predictable behavior in the Logout and LogoutTimeout components. Restore that logic; it's better.

Refs STCOR-865, STCOR-875
zburke
added a commit
that referenced
this pull request
Sep 17, 2024
The bugfix for STCOR-865, #1500, resulted in vastly simpler logic in the SessionEventContainer event handlers as well as simple and predictable behavior in the Logout and LogoutTimeout components. Restore that logic; it's better.

Refs STCOR-865, STCOR-875
zburke
added a commit
that referenced
this pull request
Sep 20, 2024
The time has come. The time is now. `keycloak-eureka` will you please merge now! You can go in a merge commit. You can squash with ease. You can go in a rebase. But please merge. Please!

* STCOR-773 #1385: Handle Eureka-based discovery
* #1388: handle absent `provides` property on interfaces in Settings > About
* STCOR-790 #1389: Pass client-id from stripes-config to keycloak
* STCOR-794 #1400: Reset pre-login tenant-selection form when navigating back to it
* STCOR-795 #1399: When `users-keycloak` interface is present, use its API for password-reset
* STCOR-796 #1410: replace x-okapi-token credentials with RTR and cookies
* STCOR-811 #1417: retrieve AT/RT expiration data from `/authn/token` response
* STCOR-812 #1416: include `X-Okapi-Tenant` header in call to `/authn/logout`
* STCOR-813 #1421: correctly parse `.../_self` permissions
* STCOR-810 #1418 #1427 #1429: leverage `stripes-config::config.tenantOptions` in place of deprecated tenant-entitlement values
* STCOR-803 #1426: logout immediately, without confirming or redirecting through keycloak
* STCOR-816 #1432: only call `/saml/check` when `login-saml` interface is present
* STCOR-789 #1442: restore original URL after login
* STCOR-820 #1445: optionally retrieve password-reset token from path (or query-string)
* STCOR-845 #1462: correctly handle redirect after password-change
* STCOR-787 #1487 #1492: retrieve clientId and tenant from stripes-config::config.tenantOptions
* STCOR-859 #1489: correctly list UI apps under apps/modules/interfaces column of Settings > About
* STCOR-776 #1490: show idle-session modal with countdown timer before logout
* STCOR-864 #1498: correctly evaluate `typeof stripes.okapi`
* STCOR-865 #1500: call `logout()` exclusively from `/logout*` routes
* STCOR-834 #1491: refactor `useUserTenantPermissions` to switch on `roles` interface presence
* STCOR-866 #1502: include `/users-keycloak/_self` in list of authentication-related endpoints
* STCOR-867 #1505 #1506: store permission displaynames in redux
* STCOR-862 #1503: handle fixed-length-session timeout
* STCOR-869 #1513: avoid storing `/logout*` as a return-to URL; ensure `/logout` is called with a valid token
* STCOR-872 #1520: return query-keys from `useChunkedCQLFetch()`
* STCOR-874 #1521: provide `key` to `<SessionEventContainer>` components
* STCOR-873 #1519: `useChunkedCQLFetch()` should use `tenantId` argument when present
* STCOR-876 #1526: restore original URL after login (regression of STCOR-789)
* STCOR-885 #1531: clear original URL from storage after login-and-redirect
* STCOR-889 #1536: include all reference interfaces in optionalOkapiInterfaces

I said MERGE and MERGE I meant.... The time had come ... so this branch went.