Do not refresh auth tokens when there is no Internet connectivity

[labkode]

The authentication code will try to refresh the token before it expires. If the user looses connectivity temporarily (like I just close by lid in my laptop) and go somewhere else and re-open, the code will still try to renew the token and you get a nasty page telling you that you cannot connect to the domain of your IDP or to check your network connection.

The "cron" that is the web should have an extra if: if I don't have connectivity, I don't try to renew the token

[kulmann]

There is no "cron" / recurring task.

What's happening at the moment: When your access token expires we react on that event from the oidc-client lib and call a method that handles auth errors (-> redirects you to the "session expired" page).

What we should do instead is, doing that redirect on the first failing request after the token has expired. But for that we'd need something like a request interceptor. Prerequisite for that: use a common client for all requests. At the moment we sometimes use fetch, sometimes axios, chaotic mix. I don't see a short term solution for this.

For internet connectivity there is nothing built-in in browsers. We could use window.onLine, but that is only capable of checking network connectivity. No internet connectivity guarantee coming from that.

[tbsbdr]

Won't be developed in 2022

[micbar]

like @labkode Stated in the call today, there is a Workaround to use reva access tokens.

[labkode]

Yes, no blocker for us, just to remember when using refresh tokens in OCIS with 3rd part IDPs.

[kulmann]

@jstehle since you recently introduced a token renewal web worker, could we utilize navigator.onLine (seems to be supported on all browsers since basically forever) to skip a token renewal attempt if the user is offline + have an immediate token renewal attempt when the user comes back online (event listener on the online window event)?