FEAT: Federated connections #1879

Open
wants to merge 1 commit into
base: v4-backup

tusharpandey13 (Contributor) commented Feb 2, 2025

WIP

  • Moved authentication server metadata discovery to a separate stateful class for use in both authentication and FC exchange methods; this maintains an in-memory cache of metadata.
  • Added a getFCAT method with checks for existing FCATs and writeback to the session store.
  • Moved encrypted cookie read and write logic to a dedicated storage layer, abstracting session store methods.
  • Implemented FC exchange functionality.
  • Created a class to handle FCAT serialization/deserialization, including cookie storage logic.
  • Added logic to serialize/deserialize FCATs along with session data to the cookie store.
  • Added a federatedConnectiontMap property.

Please see comments below

Member

Let's ensure we test that this works fine in all cases (Server Component, Pages, App, ...), both for access tokens and federated connection access tokens.

Contributor Author

Yes, will ensure this works across all cases. Will also update unit tests.

simplify session stores, add documentation
FCAT implementation update
remove readonly qualifiers
remove extra docs from abstract session store
revert stateful session store changes
remove use of audience for caching FCATs, add wrapper method in auth-client.ts to avoid passing this.clientAuth callback to federatedConnectionsTokenExchange and instead pass a concrete value; linting fixes; remove redundant code as pointed out in review
revert uses of nullish coalescing operator
move existing tokenset check logic to within exchange code
fix: compilation issues
fix: ensure we await setSessionStore
fix: decrypt cookie using secret
fix: return undefined from findFederatedToken when no token in cache
fix: ensure token expiresAt is checked correctly
linting changes
changed field and method names to be more descriptive
improved jsdocs
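
The caching rules named in the description and commit messages above (return undefined on a cache miss, check expiresAt, cache by connection rather than audience, await the session write), sketched as an added example that is not code from this pull request. The types, field names, signatures, the 30-second leeway and the `exchange`/`save` callbacks are assumptions.

```typescript
// Added illustration. Only the names getFCAT and findFederatedToken come from
// the PR text; every type, field and signature below is an assumption.
interface FederatedConnectionToken {
  connection: string; // constructed sample values, e.g. "google-oauth2"
  accessToken: string;
  expiresAt: number; // seconds since the Unix epoch
}
interface SessionData {
  federatedTokens?: FederatedConnectionToken[];
}

const LEEWAY_SECONDS = 30; // treat tokens about to expire as already expired

// Cache lookup keyed by connection only (not audience). A miss and an
// expired entry both return undefined so callers cannot reuse a stale token.
function findFederatedToken(
  session: SessionData, connection: string, nowSeconds: number
): FederatedConnectionToken | undefined {
  const hit = (session.federatedTokens || []).filter(
    (t) => t.connection === connection)[0];
  if (!hit) return undefined;
  return hit.expiresAt - LEEWAY_SECONDS > nowSeconds ? hit : undefined;
}

// Returns a new session with the token for that connection replaced.
function storeFederatedToken(
  session: SessionData, token: FederatedConnectionToken
): SessionData {
  const others = (session.federatedTokens || []).filter(
    (t) => t.connection !== token.connection);
  return { ...session, federatedTokens: others.concat([token]) };
}

// Reuse a valid cached token, otherwise exchange and write back before returning.
async function getFCAT(
  session: SessionData, connection: string,
  exchange: (connection: string) => Promise<FederatedConnectionToken>,
  save: (updated: SessionData) => Promise<void>,
  nowSeconds: number = Math.floor(Date.now() / 1000)
): Promise<FederatedConnectionToken> {
  const cached = findFederatedToken(session, connection, nowSeconds);
  if (cached) return cached;
  const fresh = await exchange(connection);
  if (fresh.connection !== connection) {
    throw new Error("exchange returned a token for a different connection");
  }
  await save(storeFederatedToken(session, fresh)); // awaited so the write is not lost
  return fresh;
}
```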