Handle expiration of Overdrive access token

stevenyvr987 / overdrive-evergreen-opac

Automatically exported from code.google.com/p/overdrive-evergreen-opac

0 stars 0 forks source link

Handle expiration of Overdrive access token #5

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

The client does not know a token has expired until an API call is attempted, 
when it will get a status 401. On expiration, the client should expire 
session-related values and get a new token. It should get the correct type of 
token: if the user has logged in, it should get a patron access token, 
otherwise, a library account token.

Original issue reported on code.google.com by steven3...@gmail.com on 10 Jun 2014 at 9:28

GoogleCodeExporter commented 9 years ago

Fixing the issue by considering an alternative ending. If an Overdrive token 
has expired, we check to see if it is a library access token and if so, then we 
renew it. Otherwise, we force a user logout by triggering a click of the logout 
link, thereby forcing the user to manually relog in to get a new token.

Original comment by steven3...@gmail.com on 13 Jun 2014 at 8:59

Changed state: Fixed

GoogleCodeExporter commented 9 years ago

Using javascript to trigger a click of the logout link does not work, because 
no event handler is attached to the link. Instead, we reload the window with 
the logout URL.

Original comment by steven3...@gmail.com on 30 Aug 2014 at 10:32