Merge pull request #3 from geoblocks/fix_leeway

gberaudo · web-flow · commit d742b5aedd16 · 2024-06-21T10:23:40.000+02:00
Fix leeway
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@geoblocks/oidcjs",
-  "version": "0.5.9",
+  "version": "0.5.10",
   "description": "A simple OpenID Connect client typescript implementation",
   "scripts": {
     "start": "python3 -m http.server 8000 --bind localhost",
@@ -16,7 +16,7 @@
   "main": "lib/index.js",
   "types": "lib/types/index.d.ts",
   "devDependencies": {
-    "@biomejs/biome": "1.7.0",
-    "typescript": "5.4.5"
+    "@biomejs/biome": "1.8.2",
+    "typescript": "5.5.2"
   }
 }
diff --git a/src/code.ts b/src/code.ts
@@ -324,8 +324,11 @@ export class CodeOIDCClient {
     if (!payload) {
       return false;
     }
-    // Add 30 seconds to the expiration time to account for clock skew
-    return payload.exp + 30 > Date.now() / 1000;
+    // Substract 30 seconds to the token expiration time
+    // to eagerly renew the token and give us some margin.
+    // This is necessary to account of clock discrepency between client and server.
+    // Ideally, the server also tolerate some leeway.
+    return payload.exp - 30 > Date.now() / 1000;
   }
 
   async getActiveToken(): Promise<string> {

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@geoblocks/oidcjs",`
`3`		`- "version": "0.5.9",`
	`3`	`+ "version": "0.5.10",`
`4`	`4`	`"description": "A simple OpenID Connect client typescript implementation",`
`5`	`5`	`"scripts": {`
`6`	`6`	`"start": "python3 -m http.server 8000 --bind localhost",`
`@@ -16,7 +16,7 @@`
`16`	`16`	`"main": "lib/index.js",`
`17`	`17`	`"types": "lib/types/index.d.ts",`
`18`	`18`	`"devDependencies": {`
`19`		`- "@biomejs/biome": "1.7.0",`
`20`		`- "typescript": "5.4.5"`
	`19`	`+ "@biomejs/biome": "1.8.2",`
	`20`	`+ "typescript": "5.5.2"`
`21`	`21`	`}`
`22`	`22`	`}`
Original file line number	Diff line number	Diff line change
`@@ -324,8 +324,11 @@ export class CodeOIDCClient {`
`324`	`324`	`if (!payload) {`
`325`	`325`	`return false;`
`326`	`326`	`}`
`327`		`- // Add 30 seconds to the expiration time to account for clock skew`
`328`		`- return payload.exp + 30 > Date.now() / 1000;`
	`327`	`+ // Substract 30 seconds to the token expiration time`
	`328`	`+ // to eagerly renew the token and give us some margin.`
	`329`	`+ // This is necessary to account of clock discrepency between client and server.`
	`330`	`+ // Ideally, the server also tolerate some leeway.`
	`331`	`+ return payload.exp - 30 > Date.now() / 1000;`
`329`	`332`	`}`
`330`	`333`
`331`	`334`	`async getActiveToken(): Promise<string> {`