Skip to content
This repository was archived by the owner on Sep 11, 2024. It is now read-only.

OIDC: retrieve refreshToken from storage #11250

Merged
merged 33 commits into from
Sep 28, 2023
Merged

OIDC: retrieve refreshToken from storage #11250

merged 33 commits into from
Sep 28, 2023

Conversation

kerryarchibald
Copy link
Contributor

@kerryarchibald kerryarchibald commented Jul 13, 2023
edited by github-actions bot
Loading

For element-hq/element-web#25708
With element-hq/element-web#25783

Retrieves the refresh token from storage and passes it to MatrixClientPeg. Not yet used by MatrixClient

Checklist

  • Tests written for new code (and old code if feasible)
  • Linter and other CI checks pass
  • Sign-off given on the changes (see CONTRIBUTING.md)

This change is marked as an internal change (Task), so will not be included in the changelog.

Kerry Archibald added 14 commits July 11, 2023 19:27
test persistCredentials without a pickle key
2607997
Merge branch 'develop' into kerry/25708/test-persist-credentials
3506c06
test setLoggedIn with pickle key
609f790
lint
f3092c7
type error
fad7f33
extract token persisting code into function, persist refresh token
32d5fb0
store has_refresh_token too
e6529f1
pass refreshToken from oidcAuthGrant into credentials
66d57e5
rest restore session with pickle key
b33e347
Merge branch 'kerry/25708/test-persist-credentials' into kerry/25708/…
823ba2e 
…save-refresh-token
retreive stored refresh token and add to credentials
e91bbf4
Merge branch 'develop' into kerry/25708/test-persist-credentials
b7e0603
Merge branch 'kerry/25708/test-persist-credentials' into kerry/25708/…
b8b0c86 
…save-refresh-token
Merge branch 'develop' into kerry/25708/restore-refresh-token
3ed9cc1
@kerryarchibald kerryarchibald added the T-Task Refactoring, enabling or disabling functionality, other engineering tasks label Jul 13, 2023
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 13, 2023
View reviewed changes
src/Lifecycle.ts Outdated
}

async function persistCredentials(credentials: IMatrixClientCreds): Promise<void> {
localStorage.setItem(HOMESERVER_URL_KEY, credentials.homeserverUrl);

Check failure

Code scanning / CodeQL

Clear text storage of sensitive information

This stores sensitive data returned by [a call to sendLoginRequest](1) as clear text.
src/Lifecycle.ts Outdated
async function persistCredentials(credentials: IMatrixClientCreds): Promise<void> {
localStorage.setItem(HOMESERVER_URL_KEY, credentials.homeserverUrl);
if (credentials.identityServerUrl) {
localStorage.setItem(ID_SERVER_URL_KEY, credentials.identityServerUrl);

Check failure

Code scanning / CodeQL

Clear text storage of sensitive information

This stores sensitive data returned by [a call to sendLoginRequest](1) as clear text.
src/Lifecycle.ts Outdated
if (credentials.identityServerUrl) {
localStorage.setItem(ID_SERVER_URL_KEY, credentials.identityServerUrl);
}
localStorage.setItem("mx_user_id", credentials.userId);

Check failure

Code scanning / CodeQL

Clear text storage of sensitive information

This stores sensitive data returned by [a call to sendLoginRequest](1) as clear text.
src/Lifecycle.ts Outdated
if (!!credentials.accessToken) {
localStorage.setItem("mx_access_token", credentials.accessToken);
if (!!token) {
localStorage.setItem(storageKey, token);

Check failure

Code scanning / CodeQL

Clear text storage of sensitive information

This stores sensitive data returned by [a call to sendLoginRequest](1) as clear text.
src/Lifecycle.ts Outdated
if (!!credentials.accessToken) {
localStorage.setItem("mx_access_token", credentials.accessToken);
if (!!token) {
localStorage.setItem(storageKey, token);

Check failure

Code scanning / CodeQL

Clear text storage of sensitive information

This stores sensitive data returned by [a call to sendLoginRequest](1) as clear text.
src/Lifecycle.ts Outdated
localStorage.setItem(ID_SERVER_URL_KEY, credentials.identityServerUrl);
}
localStorage.setItem("mx_user_id", credentials.userId);
localStorage.setItem("mx_is_guest", JSON.stringify(credentials.guest));

Check failure

Code scanning / CodeQL

Clear text storage of sensitive information

This stores sensitive data returned by [a call to sendLoginRequest](1) as clear text.
@kerryarchibald kerryarchibald changed the title [WIP] OIDC: retrieve refreshToken from storage OIDC: retrieve refreshToken from storage Sep 26, 2023
@kerryarchibald kerryarchibald marked this pull request as ready for review September 26, 2023 23:57
@kerryarchibald kerryarchibald requested a review from a team as a code owner September 26, 2023 23:57
@kerryarchibald kerryarchibald added this pull request to the merge queue Sep 28, 2023
Merged via the queue into develop with commit ef5a93b Sep 28, 2023
@kerryarchibald kerryarchibald deleted the kerry/25708/restore-refresh-token branch September 28, 2023 05:14
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@t3chguy t3chguy t3chguy approved these changes

@dbkr dbkr Awaiting requested review from dbkr dbkr is a code owner automatically assigned from matrix-org/element-web-reviewers

Assignees
No one assigned
Labels
T-Task Refactoring, enabling or disabling functionality, other engineering tasks
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kerryarchibald @t3chguy