feat: proactive silent token refresh via setInterval polling#75
Merged
Conversation
Adds interval-based polling to OidcClient that refreshes the access token before it expires, so consumers always have a valid token without needing 401 interceptors or RequireAuth re-mount flashes. Closes #74 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adapters previously typed the config prop as OidcConfig (from core), which excluded client-specific options like autoRefresh and autoRefreshInterval. Changed to OidcClientConfig from oidc-js so TypeScript accepts the full config surface. Bumped all packages to 1.1.2. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fetchProfile is already part of OidcClientConfig. Adapters no longer need to extract it as a separate prop and merge it — they pass config directly to OidcClient, which defaults fetchProfile to true internally. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add autoRefreshInterval localStorage toggle to all 8 e2e apps and a new Proactive Auto-Refresh test that sets a 1s polling interval, simulates token expiry, and verifies the interval fires a refresh without user interaction. Rename login.spec.ts to oidc.spec.ts to reflect the broader scope of the test suite. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The kasper app was still passing fetchProfile as a separate template attribute, but the AuthProvider no longer reads it as a separate arg. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move fetchProfile into the module-level config constant instead of spreading it inline in JSX/template. The inline spread created a new object reference on every render, causing React/Preact's useEffect (which depends on [config]) to re-fire, destroying the authenticated client and creating a new unauthenticated one in a loop. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
setInterval-based proactive token refresh toOidcClientthat renews the access token before it expiresautoRefresh(defaulttrue) andautoRefreshIntervalin seconds (default10)Test plan
autoRefresh: falseCloses #74
🤖 Generated with Claude Code