solid-auth-client icon indicating copy to clipboard operation
solid-auth-client copied to clipboard

Published 20 hours ago verified publisher icon nodeSolidServer

currentSession doesn't check if token is still valid on Solid server.

Open jairo-campos-JD opened this issue 5 years ago • 2 comments

Current Functionality: tracksession check if there is a token in the local storage to validate if the user is logging or not.

Possible issue: Apps doesn't know when the token is invalid to redirect the user to log in. We could use 401 response to fix it but we couldn't make a difference between a token or permissions error.

Solution: New functionality to check if the current session(token) is valid on Solid server and make differences when there is an error for permissions or token.

cc: @RubenVerborgh

jairo-campos-JD avatar Jun 20 '19 17:06 jairo-campos-JD

Technically currentSession of webid-oidc.js.

Main problem is that token renewal is not implemented in the OIDC libraries we use.

RubenVerborgh avatar Jun 20 '19 18:06 RubenVerborgh

Interested in this too!

I'm not sure, but token renewal is here where there is no token on the client and we need to get a new one from the servern right?

What if there is still a token on the client but it's not valid anymore on the server? Can we check that?

matthieu-fesselier avatar Jun 12 '20 08:06 matthieu-fesselier