From ee69c946c43042a05b07e53734cece62a67e7581 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Mon, 15 Apr 2024 09:36:19 +0200 Subject: [PATCH 01/18] fix: delete sessionCallBlocked only by the same tab that added entry --- __tests__/identity.js | 7 +++++-- src/identity.js | 19 +++++++++++-------- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/__tests__/identity.js b/__tests__/identity.js index 24d6d1a..daad6c3 100644 --- a/__tests__/identity.js +++ b/__tests__/identity.js @@ -595,12 +595,15 @@ describe('Identity', () => { describe('session refresh full page redirect', ()=>{ test('should do redirect when session endpoint respond with redirectURL only', async () => { - mockSessionOkResponse(Fixtures.sessionNeedsToBeRefreshedResponse) - + mockSessionOkResponse(Fixtures.sessionNeedsToBeRefreshedResponse); const MOCK_TAB_ID = 1234; const spy = jest.spyOn(Identity.prototype, '_getTabId'); spy.mockImplementation(() => MOCK_TAB_ID); + identity = new Identity(defaultOptions); + identity._sessionService.fetch = getSessionMock; + identity._clearVarnishCookie(); + await identity.hasSession(); expect(defaultOptions.callbackBeforeRedirect).toHaveBeenCalled(); diff --git a/src/identity.js b/src/identity.js index 2c7a7ed..0e6e6f6 100644 --- a/src/identity.js +++ b/src/identity.js @@ -196,6 +196,7 @@ export class Identity extends EventEmitter { this.log = log; this.callbackBeforeRedirect = callbackBeforeRedirect; this._sessionDomain = sessionDomain; + this._tabId = this._getTabId(); // Internal hack: set to false to always refresh from hassession this._enableSessionCaching = true; @@ -209,7 +210,7 @@ export class Identity extends EventEmitter { this._setOauthServerUrl(env); this._setGlobalSessionServiceUrl(env); - this._unblockSessionCall(); + this._unblockSessionCallByTab(); } /** @@ -233,7 +234,7 @@ export class Identity extends EventEmitter { * Checks if getting session is blocked * @private * - * @returns {boolean|void} + * @returns {number} */ _isSessionCallBlocked(){ return this.localStorageCache.get(SESSION_CALL_BLOCKED_CACHE_KEY); @@ -246,11 +247,11 @@ export class Identity extends EventEmitter { * @returns {void} */ _blockSessionCall(){ - const SESSION_CALL_BLOCKED = true; + const SESSION_CALL_BLOCKED_BY_TAB = this._tabId; this.localStorageCache.set( SESSION_CALL_BLOCKED_CACHE_KEY, - SESSION_CALL_BLOCKED, + SESSION_CALL_BLOCKED_BY_TAB, SESSION_CALL_BLOCKED_TTL ); } @@ -261,8 +262,10 @@ export class Identity extends EventEmitter { * * @returns {void} */ - _unblockSessionCall(){ - this.localStorageCache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); + _unblockSessionCallByTab(){ + if (this._isSessionCallBlocked() === this._tabId) { + this.localStorageCache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); + } } /** @@ -589,7 +592,7 @@ export class Identity extends EventEmitter { } let sessionData = null; try { - sessionData = await this._sessionService.get('/v2/session', {tabId: this._getTabId()}); + sessionData = await this._sessionService.get('/v2/session', {tabId: this._tabId}); } catch (err) { if (err && err.code === 400 && this._enableSessionCaching) { const expiresIn = 1000 * (err.expiresIn || 300); @@ -605,7 +608,7 @@ export class Identity extends EventEmitter { await this.callbackBeforeRedirect(); - return this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); + return this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._tabId}); } if (this._enableSessionCaching) { From ff169708b3c52ea5394abff87a04d92696703052 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Mon, 15 Apr 2024 13:12:26 +0200 Subject: [PATCH 02/18] fix: code review --- __tests__/identity.js | 5 +---- src/identity.js | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/__tests__/identity.js b/__tests__/identity.js index daad6c3..0ac7f31 100644 --- a/__tests__/identity.js +++ b/__tests__/identity.js @@ -599,10 +599,7 @@ describe('Identity', () => { const MOCK_TAB_ID = 1234; const spy = jest.spyOn(Identity.prototype, '_getTabId'); spy.mockImplementation(() => MOCK_TAB_ID); - - identity = new Identity(defaultOptions); - identity._sessionService.fetch = getSessionMock; - identity._clearVarnishCookie(); + identity._tabId = MOCK_TAB_ID; await identity.hasSession(); diff --git a/src/identity.js b/src/identity.js index 0e6e6f6..f9b53d3 100644 --- a/src/identity.js +++ b/src/identity.js @@ -234,7 +234,7 @@ export class Identity extends EventEmitter { * Checks if getting session is blocked * @private * - * @returns {number} + * @returns {number/null} */ _isSessionCallBlocked(){ return this.localStorageCache.get(SESSION_CALL_BLOCKED_CACHE_KEY); From 4ba122826714d8d8d0adf556dffb8bd2ce7972e8 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Wed, 17 Apr 2024 15:43:52 +0200 Subject: [PATCH 03/18] fix auto-merge --- src/identity.js | 43 +++++++++++++++++++------------------------ 1 file changed, 19 insertions(+), 24 deletions(-) diff --git a/src/identity.js b/src/identity.js index 3450eb6..d96adac 100644 --- a/src/identity.js +++ b/src/identity.js @@ -189,7 +189,8 @@ export class Identity extends EventEmitter { this._sessionInitiatedSent = false; this.window = window; this.clientId = clientId; - this.cache = new Cache(() => this.window && this.window.sessionStorage); + this.sessionStorageCache = new Cache(() => this.window && this.window.sessionStorage); + this.localStorageCache = new Cache(() => this.window && this.window.localStorage); this.redirectUri = redirectUri; this.env = env; this.log = log; @@ -197,7 +198,7 @@ export class Identity extends EventEmitter { this._sessionDomain = sessionDomain; this._tabId = this._getTabId(); - // Internal hack: set to false to always refresh from hassession + // Internal hack: set as false to always refresh from hasSession this._enableSessionCaching = true; // Old session @@ -219,9 +220,9 @@ export class Identity extends EventEmitter { */ _getTabId() { if (this._enableSessionCaching) { - const tabId = this.cache.get(TAB_ID_KEY); + const tabId = this.sessionStorageCache.get(TAB_ID_KEY); if (!tabId) { - this.cache.set(TAB_ID_KEY, TAB_ID, TAB_ID_TTL); + this.sessionStorageCache.set(TAB_ID_KEY, TAB_ID, TAB_ID_TTL); return TAB_ID; } @@ -233,12 +234,10 @@ export class Identity extends EventEmitter { * Checks if getting session is blocked * @private * - * @returns {number/null} + * @returns {number|null} */ _isSessionCallBlocked(){ - if (this._enableSessionCaching) { - return this.cache.get(SESSION_CALL_BLOCKED_CACHE_KEY); - } + return this.localStorageCache.get(SESSION_CALL_BLOCKED_CACHE_KEY); } /** @@ -248,15 +247,13 @@ export class Identity extends EventEmitter { * @returns {void} */ _blockSessionCall(){ - if (this._enableSessionCaching) { - const SESSION_CALL_BLOCKED_BY_TAB = this._tabId; + const SESSION_CALL_BLOCKED_BY_TAB = this._tabId; - this.cache.set( - SESSION_CALL_BLOCKED_CACHE_KEY, + this.cache.set( + SESSION_CALL_BLOCKED_CACHE_KEY, SESSION_CALL_BLOCKED_BY_TAB, - SESSION_CALL_BLOCKED_TTL - ); - } + SESSION_CALL_BLOCKED_TTL + ); } /** @@ -265,12 +262,10 @@ export class Identity extends EventEmitter { * * @returns {void} */ - _unblockSessionCallByTab(){ + _unblockSessionCallByTab() { if (this._isSessionCallBlocked() === this._tabId) { - if (this._enableSessionCaching) { this.cache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); } - } } /** @@ -590,7 +585,7 @@ export class Identity extends EventEmitter { const _getSession = async () => { if (this._enableSessionCaching) { // Try to resolve from cache (it has a TTL) - let cachedSession = this.cache.get(HAS_SESSION_CACHE_KEY); + let cachedSession = this.sessionStorageCache.get(HAS_SESSION_CACHE_KEY); if (cachedSession) { return _postProcess(cachedSession); } @@ -601,7 +596,7 @@ export class Identity extends EventEmitter { } catch (err) { if (err && err.code === 400 && this._enableSessionCaching) { const expiresIn = 1000 * (err.expiresIn || 300); - this.cache.set(HAS_SESSION_CACHE_KEY, { error: err }, expiresIn); + this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, { error: err }, expiresIn); } throw err; } @@ -618,7 +613,7 @@ export class Identity extends EventEmitter { if (this._enableSessionCaching) { const expiresIn = 1000 * (sessionData.expiresIn || 300); - this.cache.set(HAS_SESSION_CACHE_KEY, sessionData, expiresIn); + this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, sessionData, expiresIn); } } @@ -666,7 +661,7 @@ export class Identity extends EventEmitter { * @returns {void} */ clearCachedUserSession() { - this.cache.delete(HAS_SESSION_CACHE_KEY); + this.sessionStorageCache.delete(HAS_SESSION_CACHE_KEY); } /** @@ -877,7 +872,7 @@ export class Identity extends EventEmitter { prompt = 'select_account' }) { this._closePopup(); - this.cache.delete(HAS_SESSION_CACHE_KEY); + this.sessionStorageCache.delete(HAS_SESSION_CACHE_KEY); const url = this.loginUrl({ state, acrValues, @@ -926,7 +921,7 @@ export class Identity extends EventEmitter { * @return {void} */ logout(redirectUri = this.redirectUri) { - this.cache.delete(HAS_SESSION_CACHE_KEY); + this.sessionStorageCache.delete(HAS_SESSION_CACHE_KEY); this._maybeClearVarnishCookie(); this.emit('logout'); this.window.location.href = this.logoutUrl(redirectUri); From 8ad19eb4f8a789d6348c4644ac47416acbd8ce17 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Wed, 17 Apr 2024 18:14:17 +0200 Subject: [PATCH 04/18] fix: update Identity, Cache descriptions --- src/cache.d.ts | 3 --- src/cache.js | 3 --- src/identity.d.ts | 21 +++++++++------------ src/identity.js | 25 +++++++++++-------------- 4 files changed, 20 insertions(+), 32 deletions(-) diff --git a/src/cache.d.ts b/src/cache.d.ts index 84fa13b..43398eb 100644 --- a/src/cache.d.ts +++ b/src/cache.d.ts @@ -14,7 +14,6 @@ export default class Cache { /** * Get a value from cache (checks that the object has not expired) * @param {string} key - * @private * @returns {*} - The value if it exists, otherwise null */ private get; @@ -23,14 +22,12 @@ export default class Cache { * @param {string} key * @param {*} value * @param {Number} expiresIn - Value in milliseconds until the entry expires - * @private * @returns {void} */ private set; /** * Delete a cache entry * @param {string} key - * @private * @returns {void} */ private delete; diff --git a/src/cache.js b/src/cache.js index e151ef0..d54d3db 100644 --- a/src/cache.js +++ b/src/cache.js @@ -89,7 +89,6 @@ export default class Cache { /** * Get a value from cache (checks that the object has not expired) * @param {string} key - * @private * @returns {*} - The value if it exists, otherwise null */ get(key) { @@ -124,7 +123,6 @@ export default class Cache { * @param {string} key * @param {*} value * @param {Number} expiresIn - Value in milliseconds until the entry expires - * @private * @returns {void} */ set(key, value, expiresIn = 0) { @@ -145,7 +143,6 @@ export default class Cache { /** * Delete a cache entry * @param {string} key - * @private * @returns {void} */ delete(key) { diff --git a/src/identity.d.ts b/src/identity.d.ts index 49c10d7..a85d019 100644 --- a/src/identity.d.ts +++ b/src/identity.d.ts @@ -44,23 +44,20 @@ export class Identity extends TinyEmitter { */ private _getTabId; /** - * Checks if getting session is blocked + * Checks if calling get session is blocked * @private - * * @returns {boolean|void} */ private _isSessionCallBlocked; /** - * Block calls to get session + * Block calls to get session. This is done to prevent concurrent calls which can log user out if session is refreshed by one of them * @private - * * @returns {void} */ private _blockSessionCall; /** - * Unblocks calls to get session + * Unblocks calls to get session if the lock was put by the same tab * @private - * * @returns {void} */ private _unblockSessionCall; @@ -105,7 +102,7 @@ export class Identity extends TinyEmitter { private _setGlobalSessionServiceUrl; _globalSessionService: RESTClient; /** - * Emits the relevant events based on the previous and new reply from hassession + * Emits the relevant events based on the previous and new reply from {@link Identity#hasSession} * @private * @param {object} previous * @param {object} current @@ -120,7 +117,7 @@ export class Identity extends TinyEmitter { private _closePopup; popup: Window; /** - * Set the Varnish cookie (`SP_ID`) when hasSession() is called. Note that most browsers require + * Set the Varnish cookie (`SP_ID`) when {@link Identity#hasSession} is called. Note that most browsers require * that you are on a "real domain" for this to work — so, **not** `localhost` * @param {object} [options] * @param {number} [options.expiresIn] Override this to set number of seconds before the varnish @@ -223,7 +220,7 @@ export class Identity extends TinyEmitter { * @description This function calls {@link Identity#hasSession} internally and thus has the side * effect that it might perform an auto-login on the user * @throws {SDKError} If the user isn't connected to the merchant - * @return {Promise} The `userId` field (not to be confused with the `uuid`) + * @return {number} The `userId` field (not to be confused with the `uuid`) */ getUserId(): Promise; /** @@ -383,7 +380,7 @@ export type LoginOptions = { * `password` (will force password confirmation, even if user is already logged in), `eid`. Those values might * be mixed as space-separated string. To make sure that user has authenticated with 2FA you need * to verify AMR (Authentication Methods References) claim in ID token. - * Might also be used to ensure additional acr (sms, otp, eid) for already logged in users. + * Might also be used to ensure additional acr (sms, otp, eid) for already logged-in users. * Supported value is also 'otp-email' means one time password using email. */ acrValues?: string; @@ -452,7 +449,7 @@ export type SimplifiedLoginWidgetLoginOptions = { * `password` (will force password confirmation, even if user is already logged in). Those values might * be mixed as space-separated string. To make sure that user has authenticated with 2FA you need * to verify AMR (Authentication Methods References) claim in ID token. - * Might also be used to ensure additional acr (sms, otp) for already logged in users. + * Might also be used to ensure additional acr (sms, otp) for already logged-in users. * Supported value is also 'otp-email' means one time password using email. */ acrValues?: string; @@ -620,7 +617,7 @@ export type HasSessionFailureResponse = { }; export type SimplifiedLoginData = { /** - * - Deprecated: User UUID, to be be used as `loginHint` for {@link Identity#login} + * - Deprecated: User UUID, to be used as `loginHint` for {@link Identity#login} */ identifier: string; /** diff --git a/src/identity.js b/src/identity.js index d96adac..63ba648 100644 --- a/src/identity.js +++ b/src/identity.js @@ -26,7 +26,7 @@ import version from './version.js'; * `password` (will force password confirmation, even if user is already logged in), `eid`. Those values might * be mixed as space-separated string. To make sure that user has authenticated with 2FA you need * to verify AMR (Authentication Methods References) claim in ID token. - * Might also be used to ensure additional acr (sms, otp) for already logged in users. + * Might also be used to ensure additional acr (sms, otp) for already logged-in users. * Supported value is also 'otp-email' means one time password using email. * @property {string} [scope] - The OAuth scopes for the tokens. This is a list of * scopes, separated by space. If the list of scopes contains `openid`, the generated tokens @@ -60,7 +60,7 @@ import version from './version.js'; * `password` (will force password confirmation, even if user is already logged in). Those values might * be mixed as space-separated string. To make sure that user has authenticated with 2FA you need * to verify AMR (Authentication Methods References) claim in ID token. - * Might also be used to ensure additional acr (sms, otp) for already logged in users. + * Might also be used to ensure additional acr (sms, otp) for already logged-in users. * Supported value is also 'otp-email' means one time password using email. * @property {string} [scope] - The OAuth scopes for the tokens. This is a list of * scopes, separated by space. If the list of scopes contains `openid`, the generated tokens @@ -134,7 +134,7 @@ import version from './version.js'; /** * @typedef {object} SimplifiedLoginData - * @property {string} identifier - Deprecated: User UUID, to be be used as `loginHint` for {@link Identity#login} + * @property {string} identifier - Deprecated: User UUID, to be as `loginHint` for {@link Identity#login} * @property {string} display_text - Human-readable user identifier * @property {string} client_name - Client name */ @@ -155,7 +155,7 @@ const TAB_ID_TTL = 1000 * 60 * 60 * 24 * 30; const globalWindow = () => window; /** - * Provides Identity functionalty to a web page + * Provides Identity functionality to a web page */ export class Identity extends EventEmitter { /** @@ -214,7 +214,7 @@ export class Identity extends EventEmitter { } /** - * Read tabId from session storage + * Read tabId from session storage if possible, otherwise save tabId to session storage and return it * @returns {number} * @private */ @@ -231,9 +231,8 @@ export class Identity extends EventEmitter { } /** - * Checks if getting session is blocked + * Checks if calling get session is blocked * @private - * * @returns {number|null} */ _isSessionCallBlocked(){ @@ -241,9 +240,8 @@ export class Identity extends EventEmitter { } /** - * Block calls to get session + * Block calls to get session. This is done to prevent concurrent calls which can log user out if session is refreshed by one of them * @private - * * @returns {void} */ _blockSessionCall(){ @@ -257,9 +255,8 @@ export class Identity extends EventEmitter { } /** - * Unblocks calls to get session + * Unblocks calls to get session if the lock was put by the same tab * @private - * * @returns {void} */ _unblockSessionCallByTab() { @@ -346,7 +343,7 @@ export class Identity extends EventEmitter { } /** - * Emits the relevant events based on the previous and new reply from hassession + * Emits the relevant events based on the previous and new reply from {@link Identity#hasSession} * @private * @param {object} previous * @param {object} current @@ -426,7 +423,7 @@ export class Identity extends EventEmitter { } /** - * Set the Varnish cookie (`SP_ID`) when hasSession() is called. Note that most browsers require + * Set the Varnish cookie (`SP_ID`) when {@link Identity#hasSession} is called. Note that most browsers require * that you are on a "real domain" for this to work — so, **not** `localhost` * @param {object} [options] * @param {number} [options.expiresIn] Override this to set number of seconds before the varnish @@ -715,7 +712,7 @@ export class Identity extends EventEmitter { * @description This function calls {@link Identity#hasSession} internally and thus has the side * effect that it might perform an auto-login on the user * @throws {SDKError} If the user isn't connected to the merchant - * @return {Promise} The `userId` field (not to be confused with the `uuid`) + * @return {number} The `userId` field (not to be confused with the `uuid`) */ async getUserId() { const user = await this.hasSession(); From d245c622b81813962a1b1c52a7fbdd6b1782eac1 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Wed, 17 Apr 2024 18:15:09 +0200 Subject: [PATCH 05/18] fix: clean block on page load when redirecting --- src/identity.js | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/src/identity.js b/src/identity.js index 63ba648..133249e 100644 --- a/src/identity.js +++ b/src/identity.js @@ -146,7 +146,7 @@ import version from './version.js'; const HAS_SESSION_CACHE_KEY = 'hasSession-cache'; const SESSION_CALL_BLOCKED_CACHE_KEY = 'sessionCallBlocked-cache'; -const SESSION_CALL_BLOCKED_TTL = 1000 * 60 * 5; +const SESSION_CALL_BLOCKED_TTL = 1000 * 60; const TAB_ID_KEY = 'tab-id-cache'; const TAB_ID = Math.floor(Math.random() * 100000) @@ -189,8 +189,8 @@ export class Identity extends EventEmitter { this._sessionInitiatedSent = false; this.window = window; this.clientId = clientId; - this.sessionStorageCache = new Cache(() => this.window && this.window.sessionStorage); - this.localStorageCache = new Cache(() => this.window && this.window.localStorage); + this.sessionStorageCache = new Cache(this.window && this.window.sessionStorage); + this.localStorageCache = new Cache(this.window && this.window.localStorage); this.redirectUri = redirectUri; this.env = env; this.log = log; @@ -605,7 +605,8 @@ export class Identity extends EventEmitter { await this.callbackBeforeRedirect(); - return this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._tabId}); + this.window.addEventListener('load', () => this._unblockSessionCallByTab()); + this.window.location.href = this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._tabId}); } if (this._enableSessionCaching) { @@ -621,10 +622,6 @@ export class Identity extends EventEmitter { sessionData => { this._hasSessionInProgress = false; - if (isUrl(sessionData)) { - return this.window.location.href = sessionData; - } - return sessionData; }, err => { From 5b01f5a2f52624037ee2870c7d74d66e8477a901 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Mon, 22 Apr 2024 10:40:40 +0200 Subject: [PATCH 06/18] fix: fix build --- __tests__/identity.js | 2 +- src/identity.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/__tests__/identity.js b/__tests__/identity.js index 4406eaa..0ac7f31 100644 --- a/__tests__/identity.js +++ b/__tests__/identity.js @@ -563,7 +563,7 @@ describe('Identity', () => { jest.spyOn(Date, 'now') .mockReturnValue(new Date("2019-11-09T10:00:00").getTime()); - const getExpiresOn = () => JSON.parse(identity.cache.cache.get('hasSession-cache')).expiresOn; + const getExpiresOn = () => JSON.parse(identity.sessionStorageCache.cache.get('hasSession-cache')).expiresOn; await identity.hasSession(); diff --git a/src/identity.js b/src/identity.js index 133249e..6fe5bf0 100644 --- a/src/identity.js +++ b/src/identity.js @@ -247,7 +247,7 @@ export class Identity extends EventEmitter { _blockSessionCall(){ const SESSION_CALL_BLOCKED_BY_TAB = this._tabId; - this.cache.set( + this.localStorageCache.set( SESSION_CALL_BLOCKED_CACHE_KEY, SESSION_CALL_BLOCKED_BY_TAB, SESSION_CALL_BLOCKED_TTL @@ -261,7 +261,7 @@ export class Identity extends EventEmitter { */ _unblockSessionCallByTab() { if (this._isSessionCallBlocked() === this._tabId) { - this.cache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); + this.localStorageCache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); } } From b75286d5990d09e1b747c75d012e0d2599deedda Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Mon, 29 Apr 2024 10:51:37 +0200 Subject: [PATCH 07/18] fix: fix build + minor cleanup --- src/identity.js | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/src/identity.js b/src/identity.js index f0e97fd..1b09dde 100644 --- a/src/identity.js +++ b/src/identity.js @@ -146,7 +146,7 @@ import version from './version.js'; const HAS_SESSION_CACHE_KEY = 'hasSession-cache'; const SESSION_CALL_BLOCKED_CACHE_KEY = 'sessionCallBlocked-cache'; -const SESSION_CALL_BLOCKED_TTL = 1000 * 60; +const SESSION_CALL_BLOCKED_TTL = 1000 * 30; const TAB_ID_KEY = 'tab-id-cache'; const TAB_ID = Math.floor(Math.random() * 100000) @@ -186,12 +186,15 @@ export class Identity extends EventEmitter { assert(sessionDomain && isUrl(sessionDomain), 'sessionDomain parameter is not a valid URL'); spidTalk.emulate(window); + + // Internal hack: set as false to always refresh from hasSession + this._enableSessionCaching = true; + this._sessionInitiatedSent = false; this.window = window; this.clientId = clientId; this.sessionStorageCache = new Cache(this.window && this.window.sessionStorage); this.localStorageCache = new Cache(this.window && this.window.localStorage); - this.redirectUri = redirectUri; this.env = env; this.log = log; @@ -199,9 +202,6 @@ export class Identity extends EventEmitter { this._sessionDomain = sessionDomain; this._tabId = this._getTabId(); - // Internal hack: set as false to always refresh from hasSession - this._enableSessionCaching = true; - // Old session this._session = {}; @@ -210,7 +210,6 @@ export class Identity extends EventEmitter { this._setBffServerUrl(env); this._setOauthServerUrl(env); this._setGlobalSessionServiceUrl(env); - this._unblockSessionCallByTab(); } @@ -224,15 +223,18 @@ export class Identity extends EventEmitter { const tabId = this.sessionStorageCache.get(TAB_ID_KEY); if (!tabId) { this.sessionStorageCache.set(TAB_ID_KEY, TAB_ID, TAB_ID_TTL); + return TAB_ID; } return tabId; } + + return TAB_ID; } /** - * Checks if calling get session is blocked + * Checks if calling GET session is blocked * @private * @returns {number|null} */ @@ -246,11 +248,9 @@ export class Identity extends EventEmitter { * @returns {void} */ _blockSessionCall(){ - const SESSION_CALL_BLOCKED_BY_TAB = this._tabId; - this.localStorageCache.set( SESSION_CALL_BLOCKED_CACHE_KEY, - SESSION_CALL_BLOCKED_BY_TAB, + this._tabId, SESSION_CALL_BLOCKED_TTL ); } @@ -588,6 +588,7 @@ export class Identity extends EventEmitter { return _postProcess(cachedSession); } } + let sessionData = null; try { sessionData = await this._sessionService.get('/v2/session', {tabId: this._tabId}); @@ -606,8 +607,7 @@ export class Identity extends EventEmitter { await this.callbackBeforeRedirect(); - this.window.addEventListener('load', () => this._unblockSessionCallByTab()); - this.window.location.href = this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._tabId}); + return this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); } if (this._enableSessionCaching) { @@ -623,6 +623,10 @@ export class Identity extends EventEmitter { sessionData => { this._hasSessionInProgress = false; + if (isUrl(sessionData)) { + return this.window.location.href = sessionData; + } + return sessionData; }, err => { From 2205c7e54e2b263735f2fd3ad7230ea83b42011a Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Fri, 3 May 2024 14:09:30 +0200 Subject: [PATCH 08/18] fix: fix Cache usage --- src/identity.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/identity.js b/src/identity.js index 1b09dde..f1669a5 100644 --- a/src/identity.js +++ b/src/identity.js @@ -193,8 +193,8 @@ export class Identity extends EventEmitter { this._sessionInitiatedSent = false; this.window = window; this.clientId = clientId; - this.sessionStorageCache = new Cache(this.window && this.window.sessionStorage); - this.localStorageCache = new Cache(this.window && this.window.localStorage); + this.sessionStorageCache = new Cache(() => this.window && this.window.sessionStorage); + this.localStorageCache = new Cache(() =>this.window && this.window.localStorage); this.redirectUri = redirectUri; this.env = env; this.log = log; From cabfcc9f598e3c0b90103f26c647c6a84c962219 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Fri, 3 May 2024 16:08:42 +0200 Subject: [PATCH 09/18] fix: block all session service calls and refine blocking period --- src/identity.js | 27 ++++++++++++--------------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/src/identity.js b/src/identity.js index f1669a5..70e71b9 100644 --- a/src/identity.js +++ b/src/identity.js @@ -146,7 +146,7 @@ import version from './version.js'; const HAS_SESSION_CACHE_KEY = 'hasSession-cache'; const SESSION_CALL_BLOCKED_CACHE_KEY = 'sessionCallBlocked-cache'; -const SESSION_CALL_BLOCKED_TTL = 1000 * 30; +const SESSION_CALL_BLOCKED_TTL = 1000 * 30; //set to 30s, the default period for a request timeout const TAB_ID_KEY = 'tab-id-cache'; const TAB_ID = Math.floor(Math.random() * 100000) @@ -554,11 +554,6 @@ export class Identity extends EventEmitter { * @return {Promise} */ hasSession() { - const isSessionCallBlocked = this._isSessionCallBlocked() - if (isSessionCallBlocked) { - return this._session; - } - if (this._hasSessionInProgress) { return this._hasSessionInProgress; } @@ -589,8 +584,16 @@ export class Identity extends EventEmitter { } } + // Prevent concurrent calls to session-service + if (this._isSessionCallBlocked()) { + // Returning data directly, without _postProcess since the data returned is the local copy + return this._session; + } + let sessionData = null; try { + this._blockSessionCall(); + sessionData = await this._sessionService.get('/v2/session', {tabId: this._tabId}); } catch (err) { if (err && err.code === 400 && this._enableSessionCaching) { @@ -601,13 +604,10 @@ export class Identity extends EventEmitter { } if (sessionData){ - // for expiring session and safari browser do full page redirect to gain new session + // For expiring session and Safari browser do full page redirect to get new session if(_checkRedirectionNeed(sessionData)){ - this._blockSessionCall(); - await this.callbackBeforeRedirect(); - - return this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); + this.window.location.href = this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); } if (this._enableSessionCaching) { @@ -623,10 +623,6 @@ export class Identity extends EventEmitter { sessionData => { this._hasSessionInProgress = false; - if (isUrl(sessionData)) { - return this.window.location.href = sessionData; - } - return sessionData; }, err => { @@ -636,6 +632,7 @@ export class Identity extends EventEmitter { } ); + this._unblockSessionCallByTab(); return this._hasSessionInProgress; } From 97595a00ad628b5adad64ad1f518794ac5b4f2e4 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Mon, 6 May 2024 14:29:41 +0200 Subject: [PATCH 10/18] fix: Do not cache redirect response --- src/identity.js | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/identity.js b/src/identity.js index 70e71b9..535646f 100644 --- a/src/identity.js +++ b/src/identity.js @@ -586,8 +586,7 @@ export class Identity extends EventEmitter { // Prevent concurrent calls to session-service if (this._isSessionCallBlocked()) { - // Returning data directly, without _postProcess since the data returned is the local copy - return this._session; + return _postProcess(this._session); } let sessionData = null; @@ -607,7 +606,7 @@ export class Identity extends EventEmitter { // For expiring session and Safari browser do full page redirect to get new session if(_checkRedirectionNeed(sessionData)){ await this.callbackBeforeRedirect(); - this.window.location.href = this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); + return this.window.location.href = this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); } if (this._enableSessionCaching) { From f113a764ca3d80422039d7ab09d7b3171910f133 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Wed, 8 May 2024 09:47:57 +0200 Subject: [PATCH 11/18] fix: Implement retry mechanism if session calls are blocked --- src/identity.js | 120 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 87 insertions(+), 33 deletions(-) diff --git a/src/identity.js b/src/identity.js index 535646f..bf7874b 100644 --- a/src/identity.js +++ b/src/identity.js @@ -151,6 +151,9 @@ const SESSION_CALL_BLOCKED_TTL = 1000 * 30; //set to 30s, the default period for const TAB_ID_KEY = 'tab-id-cache'; const TAB_ID = Math.floor(Math.random() * 100000) const TAB_ID_TTL = 1000 * 60 * 60 * 24 * 30; +const MAX_SESSION_CALL_RETRIES = 10; +const MIN_SESSION_CALL_WAIT_TIME = 100; + const globalWindow = () => window; @@ -568,70 +571,121 @@ export class Identity extends EventEmitter { return sessionData; }; - const _checkRedirectionNeed = (sessionData={})=>{ + const _checkRedirectionNeed = (sessionData= {}) => { const sessionDataKeys = Object.keys(sessionData); return sessionDataKeys.length === 1 && sessionDataKeys[0] === 'redirectURL'; - } + }; const _getSession = async () => { - if (this._enableSessionCaching) { - // Try to resolve from cache (it has a TTL) - let cachedSession = this.sessionStorageCache.get(HAS_SESSION_CACHE_KEY); - if (cachedSession) { - return _postProcess(cachedSession); + const callSessionEndpoint = async () => { + try { + // Blocking future calls to session-service. This lock is removed after the response is processed + // to account for redirection that can happen towards session-service too + this._blockSessionCall(); + + return await this._sessionService.get('/v2/session', {tabId: this._tabId}); + } catch (err) { + if (err && err.code === 400 && this._enableSessionCaching) { + const expiresIn = 1000 * (err.expiresIn || 300); + this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, {error: err}, expiresIn); + } + + throw err; } - } + }; - // Prevent concurrent calls to session-service - if (this._isSessionCallBlocked()) { - return _postProcess(this._session); - } + const useSessionResponseIfValid = async (sessionData) => { + if (sessionData) { + // For expiring session and WebKit browsers do a full page redirect to get a new session + if (_checkRedirectionNeed(sessionData)) { + await this.callbackBeforeRedirect(); - let sessionData = null; - try { - this._blockSessionCall(); + // Doing a return here, to avoid caching the redirect response + return this.window.location.href = this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); + } - sessionData = await this._sessionService.get('/v2/session', {tabId: this._tabId}); - } catch (err) { - if (err && err.code === 400 && this._enableSessionCaching) { - const expiresIn = 1000 * (err.expiresIn || 300); - this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, { error: err }, expiresIn); - } - throw err; - } + if (this._enableSessionCaching) { + const expiresIn = 1000 * (sessionData.expiresIn || 300); + this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, sessionData, expiresIn); + } - if (sessionData){ - // For expiring session and Safari browser do full page redirect to get new session - if(_checkRedirectionNeed(sessionData)){ - await this.callbackBeforeRedirect(); - return this.window.location.href = this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); + return _postProcess(sessionData) } + }; + const checkIfSessionCallIsNeededAndSafe = async (blockedAction) => { if (this._enableSessionCaching) { - const expiresIn = 1000 * (sessionData.expiresIn || 300); - this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, sessionData, expiresIn); + // Try to resolve from cache (it has a TTL) + let cachedSession = this.sessionStorageCache.get(HAS_SESSION_CACHE_KEY); + if (cachedSession) { + return _postProcess(cachedSession); + } } - } - return _postProcess(sessionData); + if (this._isSessionCallBlocked()) { + if (this._session && this._session.userId) { + return _postProcess(this._session); + } + + if (blockedAction) { + const blockedResult = await blockedAction(); + + return _postProcess(blockedResult); + } + + return null; + } + const sessionData = await callSessionEndpoint(); + + return await useSessionResponseIfValid(sessionData); + }; + + return await checkIfSessionCallIsNeededAndSafe(async ()=> { + let retryCount = 0; + + // Try to call session-service MAX_SESSION_CALL_RETRIES times, waiting up to 1 second each time + while (retryCount < MAX_SESSION_CALL_RETRIES) { + retryCount++; + const randomWaitingStep = Math.floor(Math.random() * 9); // ignoring waiting times that are too small to matter + const randomWaitTime = MIN_SESSION_CALL_WAIT_TIME + (randomWaitingStep * 100); + await new Promise( resolve => { setTimeout(() =>{ + return resolve(); + }, randomWaitTime)}); + + const result = await checkIfSessionCallIsNeededAndSafe(null); + if (result) { + return result; + } + } + + // exceeded number of attempts, returning old session info + if (this._session && this._session.userId) { + return this._session; + } + + throw new SDKError('HasSession exceeded maximum number of attempts'); + }); }; + this._hasSessionInProgress = _getSession() .then( sessionData => { this._hasSessionInProgress = false; + this._unblockSessionCallByTab(); return sessionData; }, err => { this.emit('error', err); this._hasSessionInProgress = false; + this._unblockSessionCallByTab(); + throw new SDKError('HasSession failed', err); } ); - this._unblockSessionCallByTab(); return this._hasSessionInProgress; } From 2baee16d8a4de637ccf89399362efa723e42a4ee Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Wed, 8 May 2024 11:48:40 +0200 Subject: [PATCH 12/18] refactor: Small cleanup --- src/identity.d.ts | 2 +- src/identity.js | 26 ++++++++++++++------------ 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/src/identity.d.ts b/src/identity.d.ts index 6fcc69c..3f5d026 100644 --- a/src/identity.d.ts +++ b/src/identity.d.ts @@ -47,7 +47,7 @@ export class Identity extends TinyEmitter { /** * Checks if calling get session is blocked * @private - * @returns {boolean|void} + * @returns {string|null} */ private _isSessionCallBlocked; /** diff --git a/src/identity.js b/src/identity.js index bf7874b..77f1d51 100644 --- a/src/identity.js +++ b/src/identity.js @@ -239,7 +239,7 @@ export class Identity extends EventEmitter { /** * Checks if calling GET session is blocked * @private - * @returns {number|null} + * @returns {string|null} */ _isSessionCallBlocked(){ return this.localStorageCache.get(SESSION_CALL_BLOCKED_CACHE_KEY); @@ -581,8 +581,8 @@ export class Identity extends EventEmitter { const _getSession = async () => { const callSessionEndpoint = async () => { try { - // Blocking future calls to session-service. This lock is removed after the response is processed - // to account for redirection that can happen towards session-service too + /* Blocking future calls to session-service. This lock is removed after the response is processed + to account for redirection that can happen towards session-service too */ this._blockSessionCall(); return await this._sessionService.get('/v2/session', {tabId: this._tabId}); @@ -629,6 +629,7 @@ export class Identity extends EventEmitter { return _postProcess(this._session); } + // If blockedAction is defined, do that and return the result, otherwise return null if (blockedAction) { const blockedResult = await blockedAction(); @@ -637,6 +638,8 @@ export class Identity extends EventEmitter { return null; } + + // If session service calls are not blocked, call it const sessionData = await callSessionEndpoint(); return await useSessionResponseIfValid(sessionData); @@ -650,17 +653,16 @@ export class Identity extends EventEmitter { retryCount++; const randomWaitingStep = Math.floor(Math.random() * 9); // ignoring waiting times that are too small to matter const randomWaitTime = MIN_SESSION_CALL_WAIT_TIME + (randomWaitingStep * 100); - await new Promise( resolve => { setTimeout(() =>{ - return resolve(); - }, randomWaitTime)}); + await new Promise( resolve => setTimeout(resolve, randomWaitTime)); + // attempt to call session service, but don't take any action if call is blocked and don't use the result const result = await checkIfSessionCallIsNeededAndSafe(null); if (result) { return result; } } - // exceeded number of attempts, returning old session info + // Exceeded number of attempts, returning old session info if (this._session && this._session.userId) { return this._session; } @@ -726,8 +728,8 @@ export class Identity extends EventEmitter { async isConnected() { try { const data = await this.hasSession(); - // if data is not an object, the promise will fail. - // if the result is present, it's boolean. But if it's not, it should be assumed false. + /* If data is not an object, the promise will fail. + If the result is present, it's boolean. But if it's not, it should be assumed false. */ return !!data.result; } catch (_) { return false; @@ -806,9 +808,9 @@ export class Identity extends EventEmitter { throw new SDKError('externalParty cannot be empty'); } const _toHexDigest = (hashBuffer) =>{ - // convert buffer to byte array + // Convert buffer to byte array const hashArray = Array.from(new Uint8Array(hashBuffer)); - // convert bytes to hex string + // Convert bytes to hex string return hashArray.map(b => b.toString(16).padStart(2, '0')).join(''); } @@ -1006,7 +1008,7 @@ export class Identity extends EventEmitter { prompt = 'select_account', }) { if (typeof arguments[0] !== 'object') { - // backward compatibility + // Backward compatibility state = arguments[0]; acrValues = arguments[1]; scope = arguments[2] || scope; From cc286412a447ba47b90841beffb04350a58665d5 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Wed, 8 May 2024 12:05:16 +0200 Subject: [PATCH 13/18] refactor: whitespace cleanup --- src/identity.js | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/src/identity.js b/src/identity.js index 77f1d51..0d573d7 100644 --- a/src/identity.js +++ b/src/identity.js @@ -180,7 +180,7 @@ export class Identity extends EventEmitter { env = 'PRE', log, window = globalWindow(), - callbackBeforeRedirect = ()=>{} + callbackBeforeRedirect = () => {} }) { super(); assert(isNonEmptyString(clientId), 'clientId parameter is required'); @@ -197,7 +197,7 @@ export class Identity extends EventEmitter { this.window = window; this.clientId = clientId; this.sessionStorageCache = new Cache(() => this.window && this.window.sessionStorage); - this.localStorageCache = new Cache(() =>this.window && this.window.localStorage); + this.localStorageCache = new Cache(() => this.window && this.window.localStorage); this.redirectUri = redirectUri; this.env = env; this.log = log; @@ -241,7 +241,7 @@ export class Identity extends EventEmitter { * @private * @returns {string|null} */ - _isSessionCallBlocked(){ + _isSessionCallBlocked() { return this.localStorageCache.get(SESSION_CALL_BLOCKED_CACHE_KEY); } @@ -250,7 +250,7 @@ export class Identity extends EventEmitter { * @private * @returns {void} */ - _blockSessionCall(){ + _blockSessionCall() { this.localStorageCache.set( SESSION_CALL_BLOCKED_CACHE_KEY, this._tabId, @@ -342,7 +342,7 @@ export class Identity extends EventEmitter { this._globalSessionService = new RESTClient({ serverUrl: urlMapper(url, ENDPOINTS.SESSION_SERVICE), log: this.log, - defaultParams: { client_sdrn, sdk_version: version }, + defaultParams: {client_sdrn, sdk_version: version}, }); } @@ -506,7 +506,7 @@ export class Identity extends EventEmitter { * @returns {void} */ _clearVarnishCookie() { - const baseDomain = this._session && typeof this._session.baseDomain === 'string' + const baseDomain = this._session && typeof this._session.baseDomain === 'string' ? this._session.baseDomain : document.domain; @@ -571,7 +571,7 @@ export class Identity extends EventEmitter { return sessionData; }; - const _checkRedirectionNeed = (sessionData= {}) => { + const _checkRedirectionNeed = (sessionData = {}) => { const sessionDataKeys = Object.keys(sessionData); return sessionDataKeys.length === 1 && @@ -645,7 +645,7 @@ export class Identity extends EventEmitter { return await useSessionResponseIfValid(sessionData); }; - return await checkIfSessionCallIsNeededAndSafe(async ()=> { + return await checkIfSessionCallIsNeededAndSafe(async () => { let retryCount = 0; // Try to call session-service MAX_SESSION_CALL_RETRIES times, waiting up to 1 second each time @@ -653,7 +653,7 @@ export class Identity extends EventEmitter { retryCount++; const randomWaitingStep = Math.floor(Math.random() * 9); // ignoring waiting times that are too small to matter const randomWaitTime = MIN_SESSION_CALL_WAIT_TIME + (randomWaitingStep * 100); - await new Promise( resolve => setTimeout(resolve, randomWaitTime)); + await new Promise(resolve => setTimeout(resolve, randomWaitTime)); // attempt to call session service, but don't take any action if call is blocked and don't use the result const result = await checkIfSessionCallIsNeededAndSafe(null); @@ -804,10 +804,10 @@ export class Identity extends EventEmitter { if (!pairId) throw new SDKError('pairId missing in user session!'); - if(!externalParty || externalParty.length === 0) { + if (!externalParty || externalParty.length === 0) { throw new SDKError('externalParty cannot be empty'); } - const _toHexDigest = (hashBuffer) =>{ + const _toHexDigest = (hashBuffer) => { // Convert buffer to byte array const hashArray = Array.from(new Uint8Array(hashBuffer)); // Convert bytes to hex string @@ -886,6 +886,7 @@ export class Identity extends EventEmitter { return null; } } + /** * If a popup is desired, this function needs to be called in response to a user event (like * click or tap) in order to work correctly. Otherwise the popup will be blocked by the @@ -1136,7 +1137,10 @@ export class Identity extends EventEmitter { }; const loginNotYouHandler = async () => { - this.login(Object.assign(await prepareLoginParams(loginParams), {loginHint: userData.identifier, prompt: 'login'})); + this.login(Object.assign(await prepareLoginParams(loginParams), { + loginHint: userData.identifier, + prompt: 'login' + })); }; const initHandler = () => { From 1144bf1b71550efd31f27875d4a28d0ded92558c Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Fri, 10 May 2024 11:50:19 +0200 Subject: [PATCH 14/18] fix: add local storage lock for session service also --- src/identity.d.ts | 5 +++-- src/identity.js | 25 +++++++++++++++++++------ 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/src/identity.d.ts b/src/identity.d.ts index 3f5d026..640aa33 100644 --- a/src/identity.d.ts +++ b/src/identity.d.ts @@ -45,8 +45,9 @@ export class Identity extends TinyEmitter { */ private _getTabId; /** - * Checks if calling get session is blocked + * Checks if calling GET session is blocked by a cache storage * @private + * @param {Cache} cache - cache to check * @returns {string|null} */ private _isSessionCallBlocked; @@ -61,7 +62,7 @@ export class Identity extends TinyEmitter { * @private * @returns {void} */ - private _unblockSessionCall; + private _unblockSessionCallByTab; /** * Set SPiD server URL * @private diff --git a/src/identity.js b/src/identity.js index 0d573d7..5f9e722 100644 --- a/src/identity.js +++ b/src/identity.js @@ -237,12 +237,13 @@ export class Identity extends EventEmitter { } /** - * Checks if calling GET session is blocked + * Checks if calling GET session is blocked by a cache storage * @private + * @param {Cache} cache - cache to check * @returns {string|null} */ - _isSessionCallBlocked() { - return this.localStorageCache.get(SESSION_CALL_BLOCKED_CACHE_KEY); + _isSessionCallBlocked(cache) { + return cache.get(SESSION_CALL_BLOCKED_CACHE_KEY); } /** @@ -251,6 +252,14 @@ export class Identity extends EventEmitter { * @returns {void} */ _blockSessionCall() { + // session storage block protects against single tab, multiple identity instance concurrency + this.sessionStorageCache.set( + SESSION_CALL_BLOCKED_CACHE_KEY, + this._tabId, + SESSION_CALL_BLOCKED_TTL + ); + + // local storage block protects against cross-tab concurrency this.localStorageCache.set( SESSION_CALL_BLOCKED_CACHE_KEY, this._tabId, @@ -264,9 +273,11 @@ export class Identity extends EventEmitter { * @returns {void} */ _unblockSessionCallByTab() { - if (this._isSessionCallBlocked() === this._tabId) { + if (this._isSessionCallBlocked(this.localStorageCache) === this._tabId) { this.localStorageCache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); } + + this.sessionStorageCache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); } /** @@ -568,6 +579,7 @@ export class Identity extends EventEmitter { this._maybeSetVarnishCookie(sessionData); this._emitSessionEvent(this._session, sessionData); this._session = sessionData; + return sessionData; }; @@ -611,7 +623,7 @@ export class Identity extends EventEmitter { this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, sessionData, expiresIn); } - return _postProcess(sessionData) + return _postProcess(sessionData); } }; @@ -624,7 +636,7 @@ export class Identity extends EventEmitter { } } - if (this._isSessionCallBlocked()) { + if (this._isSessionCallBlocked(this.sessionStorageCache) || this._isSessionCallBlocked(this.localStorageCache)) { if (this._session && this._session.userId) { return _postProcess(this._session); } @@ -651,6 +663,7 @@ export class Identity extends EventEmitter { // Try to call session-service MAX_SESSION_CALL_RETRIES times, waiting up to 1 second each time while (retryCount < MAX_SESSION_CALL_RETRIES) { retryCount++; + const randomWaitingStep = Math.floor(Math.random() * 9); // ignoring waiting times that are too small to matter const randomWaitTime = MIN_SESSION_CALL_WAIT_TIME + (randomWaitingStep * 100); await new Promise(resolve => setTimeout(resolve, randomWaitTime)); From 356991d4d14f8eec8861cf764267a7c7ab410462 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Fri, 10 May 2024 13:49:11 +0200 Subject: [PATCH 15/18] Revert "fix: add local storage lock for session service also" This reverts commit 1144bf1b71550efd31f27875d4a28d0ded92558c. --- src/identity.d.ts | 5 ++--- src/identity.js | 25 ++++++------------------- 2 files changed, 8 insertions(+), 22 deletions(-) diff --git a/src/identity.d.ts b/src/identity.d.ts index 640aa33..3f5d026 100644 --- a/src/identity.d.ts +++ b/src/identity.d.ts @@ -45,9 +45,8 @@ export class Identity extends TinyEmitter { */ private _getTabId; /** - * Checks if calling GET session is blocked by a cache storage + * Checks if calling get session is blocked * @private - * @param {Cache} cache - cache to check * @returns {string|null} */ private _isSessionCallBlocked; @@ -62,7 +61,7 @@ export class Identity extends TinyEmitter { * @private * @returns {void} */ - private _unblockSessionCallByTab; + private _unblockSessionCall; /** * Set SPiD server URL * @private diff --git a/src/identity.js b/src/identity.js index 5f9e722..0d573d7 100644 --- a/src/identity.js +++ b/src/identity.js @@ -237,13 +237,12 @@ export class Identity extends EventEmitter { } /** - * Checks if calling GET session is blocked by a cache storage + * Checks if calling GET session is blocked * @private - * @param {Cache} cache - cache to check * @returns {string|null} */ - _isSessionCallBlocked(cache) { - return cache.get(SESSION_CALL_BLOCKED_CACHE_KEY); + _isSessionCallBlocked() { + return this.localStorageCache.get(SESSION_CALL_BLOCKED_CACHE_KEY); } /** @@ -252,14 +251,6 @@ export class Identity extends EventEmitter { * @returns {void} */ _blockSessionCall() { - // session storage block protects against single tab, multiple identity instance concurrency - this.sessionStorageCache.set( - SESSION_CALL_BLOCKED_CACHE_KEY, - this._tabId, - SESSION_CALL_BLOCKED_TTL - ); - - // local storage block protects against cross-tab concurrency this.localStorageCache.set( SESSION_CALL_BLOCKED_CACHE_KEY, this._tabId, @@ -273,11 +264,9 @@ export class Identity extends EventEmitter { * @returns {void} */ _unblockSessionCallByTab() { - if (this._isSessionCallBlocked(this.localStorageCache) === this._tabId) { + if (this._isSessionCallBlocked() === this._tabId) { this.localStorageCache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); } - - this.sessionStorageCache.delete(SESSION_CALL_BLOCKED_CACHE_KEY); } /** @@ -579,7 +568,6 @@ export class Identity extends EventEmitter { this._maybeSetVarnishCookie(sessionData); this._emitSessionEvent(this._session, sessionData); this._session = sessionData; - return sessionData; }; @@ -623,7 +611,7 @@ export class Identity extends EventEmitter { this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, sessionData, expiresIn); } - return _postProcess(sessionData); + return _postProcess(sessionData) } }; @@ -636,7 +624,7 @@ export class Identity extends EventEmitter { } } - if (this._isSessionCallBlocked(this.sessionStorageCache) || this._isSessionCallBlocked(this.localStorageCache)) { + if (this._isSessionCallBlocked()) { if (this._session && this._session.userId) { return _postProcess(this._session); } @@ -663,7 +651,6 @@ export class Identity extends EventEmitter { // Try to call session-service MAX_SESSION_CALL_RETRIES times, waiting up to 1 second each time while (retryCount < MAX_SESSION_CALL_RETRIES) { retryCount++; - const randomWaitingStep = Math.floor(Math.random() * 9); // ignoring waiting times that are too small to matter const randomWaitTime = MIN_SESSION_CALL_WAIT_TIME + (randomWaitingStep * 100); await new Promise(resolve => setTimeout(resolve, randomWaitTime)); From 72932380569d6569c970d7352aefc82dc810b551 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Fri, 10 May 2024 13:52:18 +0200 Subject: [PATCH 16/18] fix: do not clear block on Identity initialisation --- src/identity.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/identity.js b/src/identity.js index 0d573d7..ac031b0 100644 --- a/src/identity.js +++ b/src/identity.js @@ -146,7 +146,7 @@ import version from './version.js'; const HAS_SESSION_CACHE_KEY = 'hasSession-cache'; const SESSION_CALL_BLOCKED_CACHE_KEY = 'sessionCallBlocked-cache'; -const SESSION_CALL_BLOCKED_TTL = 1000 * 30; //set to 30s, the default period for a request timeout +const SESSION_CALL_BLOCKED_TTL = 1000 * 15; //set to 15s, to not block calls much longer than the time attempting retries const TAB_ID_KEY = 'tab-id-cache'; const TAB_ID = Math.floor(Math.random() * 100000) @@ -213,7 +213,6 @@ export class Identity extends EventEmitter { this._setBffServerUrl(env); this._setOauthServerUrl(env); this._setGlobalSessionServiceUrl(env); - this._unblockSessionCallByTab(); } /** @@ -568,6 +567,7 @@ export class Identity extends EventEmitter { this._maybeSetVarnishCookie(sessionData); this._emitSessionEvent(this._session, sessionData); this._session = sessionData; + return sessionData; }; @@ -611,7 +611,7 @@ export class Identity extends EventEmitter { this.sessionStorageCache.set(HAS_SESSION_CACHE_KEY, sessionData, expiresIn); } - return _postProcess(sessionData) + return _postProcess(sessionData); } }; From 8bf20dfb3f7346b8d6a24caa0e4e519aaf3a2bb3 Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Fri, 10 May 2024 16:26:12 +0200 Subject: [PATCH 17/18] fix: navigate to session service page after getSession --- src/identity.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/identity.js b/src/identity.js index ac031b0..ea44dc6 100644 --- a/src/identity.js +++ b/src/identity.js @@ -603,7 +603,7 @@ export class Identity extends EventEmitter { await this.callbackBeforeRedirect(); // Doing a return here, to avoid caching the redirect response - return this.window.location.href = this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); + return this._sessionService.makeUrl(sessionData.redirectURL, {tabId: this._getTabId()}); } if (this._enableSessionCaching) { @@ -677,6 +677,10 @@ export class Identity extends EventEmitter { this._hasSessionInProgress = false; this._unblockSessionCallByTab(); + if (isUrl(sessionData)) { + return this.window.location.href = sessionData; + } + return sessionData; }, err => { From 784c923c715799c10bffea936795564d921f3afb Mon Sep 17 00:00:00 2001 From: niculescu-bogdan-constantin Date: Mon, 13 May 2024 09:13:08 +0200 Subject: [PATCH 18/18] fix: unblock session calls after redirect --- src/identity.js | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/identity.js b/src/identity.js index ea44dc6..a9ada92 100644 --- a/src/identity.js +++ b/src/identity.js @@ -674,12 +674,11 @@ export class Identity extends EventEmitter { this._hasSessionInProgress = _getSession() .then( sessionData => { - this._hasSessionInProgress = false; - this._unblockSessionCallByTab(); - if (isUrl(sessionData)) { return this.window.location.href = sessionData; } + this._hasSessionInProgress = false; + this._unblockSessionCallByTab(); return sessionData; },