Support refresh tokens #18698

Closed
turt2live opened this issue Aug 23, 2021 · 0 comments · Fixed by matrix-org/matrix-react-sdk#7802
Labels
Sponsored T-Enhancement Z-Spec-Compliance An area where Element doesn't correctly implement the spec

@turt2live
Member

Your use case

What would you like to do?

Support matrix-org/matrix-spec-proposals#2918

Why would you like to do it?

Because we're meant to be a spec-compliant client and should get ahead of having to deal with the inevitable feature.

How would you like to achieve it?

By implementing the MSC as desired

Have you considered any alternatives?

Not applicable

Additional context

matrix-org/matrix-spec-proposals#2918 has entered FCP which means it'll be eligible for inclusion in the spec in 5 calendar days, assuming nothing major goes wrong.

@SimonBrandner SimonBrandner added the Z-Spec-Compliance An area where Element doesn't correctly implement the spec label Aug 23, 2021
@turt2live turt2live self-assigned this Jan 24, 2022
turt2live added a commit to matrix-org/matrix-react-sdk that referenced this issue Feb 15, 2022
MSC: matrix-org/matrix-spec-proposals#2918
Fixes element-hq/element-web#18698
Fixes element-hq/element-web#20648
**Requires matrix-org/matrix-js-sdk#2178**

**Note**: There's a lot of logging in this PR. That is intentional to ensure that if/when something goes wrong we can chase the exact code path. It does not log any tokens - just where the code is going. Overall, it should be fairly low volume spam (and can be relaxed at a later date).

----

This approach uses indexeddb (through a mutex library) to manage which tab actually triggers the refresh, preventing issues where multiple tabs try to update the token. If multiple tabs update the token then the server might consider the account hacked and hard logout all the tokens.

If for some reason the timer code gets it wrong, or the user has been offline for too long and the token can't be refreshed, they should be sent to a soft logout screen by the server. This will retain the user's encryption state - they simply need to reauthenticate to get an active access token again.

This additionally contains a change to fix soft logout not working, per the issue links above.

Of interest may be the IPC approach which was ultimately declined in favour of this change instead: #7803
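
The multi-tab refresh problem described in the commit message above, as an added example that is not code from matrix-react-sdk or from this page. It assumes a plain in-memory `store` object standing in for IndexedDB, a constructed `Server` model that hard-logs-out on a replayed refresh token, and a hypothetical lease lock (`tryLock`/`unlock`) in place of the mutex library the PR uses.

```javascript
// Constructed model of a server that rotates refresh tokens on every use and
// treats a replayed (already spent) refresh token as compromise: hard logout.
class Server {
  constructor() { this.n = 0; this.valid = "r0"; this.revoked = false; }
  refresh(token) {
    if (this.revoked || token !== this.valid) { this.revoked = true; return null; }
    this.n += 1;
    this.valid = `r${this.n}`;
    return { access: `a${this.n}`, refresh: this.valid };
  }
}

// Lease lock kept in the store shared by all tabs. In IndexedDB the check and
// the write must happen in one readwrite transaction to be atomic. The expiry
// lets another tab take over if the holder was closed mid-refresh.
function tryLock(store, owner, now, leaseMs = 30000) {
  const held = store.lock;
  if (held && held.owner !== owner && held.expires > now) return false;
  store.lock = { owner, expires: now + leaseMs };
  return true;
}
function unlock(store, owner) {
  if (store.lock && store.lock.owner === owner) store.lock = null;
}

// A tab's refresh split into two steps so the overlap can be replayed
// deterministically: start() when its timer fires, finish() when the request lands.
function makeTab(id, store, server, useLock) {
  let seen = null;
  return {
    start(now) {
      if (useLock && !tryLock(store, id, now)) return false; // another tab owns it
      seen = store.refresh; // read the current token only after holding the lock
      return true;
    },
    finish() {
      const res = server.refresh(seen);
      if (res) Object.assign(store, res); // publish new tokens to every tab
      if (useLock) unlock(store, id);
      return res !== null;
    },
  };
}

// Tabs A and B both hit their refresh timer before either request completes.
function simulate(useLock) {
  const server = new Server();
  const store = { access: "a0", refresh: "r0", lock: null };
  const tabs = ["A", "B"].map((id) => makeTab(id, store, server, useLock));
  const started = tabs.filter((tab, i) => tab.start(i));
  started.forEach((tab) => tab.finish());
  return { revoked: server.revoked, rotations: server.n, stored: store.refresh };
}
```

`simulate(false)` ends with the session revoked because tab B replays the token tab A already spent; `simulate(true)` performs one rotation and tab B picks up the new tokens from the shared store.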