Skip to content

use user Profile instead of user#4005

Open
ghazwarhili wants to merge 25 commits into
mainfrom
cleanup-apache-config-requests
Open

use user Profile instead of user#4005
ghazwarhili wants to merge 25 commits into
mainfrom
cleanup-apache-config-requests

Conversation

@ghazwarhili

@ghazwarhili ghazwarhili commented Jun 8, 2026

Copy link
Copy Markdown
Contributor

PR Summary

Context

On every OIDC silent renew, oidc-client-ts loads /silent-renew-callback inside a
hidden iframe. Because index.tsx always rendered <AppWrapper />, the entire
application was bootstrapped inside that iframe just to end up calling
signinSilentCallback(): Redux store, IntlProvider and all translations,
AG Grid registration, MUI theme, SnackbarProvider and NotificationsProvider.
NotificationsProvider additionally fetched env.json and opened a notification
WebSocket on each renewal — all of it pure overhead repeated at every token refresh.

Changes

  • index.tsx: branch on the pathname before rendering. On /silent-renew-callback
    render a new lightweight SilentRenewApp; otherwise render <AppWrapper /> as before.
  • New components/silent-renew-app.tsx: rebuilds the UserManager via
    initializeAuthenticationProd(..., isSilentRenew=true, ...) (same settings, same
    localStorage state store, same Azure authority hack as the parent) and completes
    the flow through commons-ui's SilentRenewCallbackHandler.
  • utils/rest-api.ts: fetchIdpSettings now caches the result in localStorage;
    added getCachedIdpSettings, used only by the silent-renew path, which reads that
    cache (no network) and falls back to a real fetch if it is missing/corrupted.

Result

Inside the silent-renew iframe, requests go from a full SPA boot
(idpSettings.json + env.json + WebSocket + app bundle execution) down to a
single POST /token — the actual token exchange. No more spurious WebSocket
reconnections triggered by the renewal iframe.

Testing

  • Open the app, let a silent renew happen (or wait for token expiry).
  • In the Network tab, confirm the iframe no longer fetches env.json, no longer
    re-fetches idpSettings.json, and does not open a WebSocket — only POST /token remains.
  • Confirm the user stays logged in across renewals and that the parent app's
    notification WebSocket is not reconnected on each cycle.

@coderabbitai

coderabbitai Bot commented Jun 8, 2026

Copy link
Copy Markdown

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

This PR migrates the app entrypoint from src/index.jsx to src/index.tsx, adding a route-based conditional that renders a new SilentRenew authentication component for the silent-renew callback path, and loads the main app via dynamic imports otherwise. IdP settings fetching gains localStorage caching support, and new TypeScript ambient module declarations plus a dependency bump were added.

Changes

Silent Renew Auth Flow and Entrypoint Migration

Layer / File(s) Summary
IdP settings cache helpers
src/services/utils.ts
Adds IDP_SETTINGS_CACHE_KEY, types fetchIdpSettings() to return Promise<IdpSettings> and persist results to localStorage, and adds getCachedIdpSettings() which reads/parses cached settings and falls back to a network fetch on miss or failure.
SilentRenew component
src/components/silent-renew.tsx
New component that initializes silent-renew authentication on mount using cached IdP settings, stores the resulting UserManager in state, logs init failures, and renders SilentRenewCallbackHandler with a memoized callback.
TSX entrypoint and runtime support
src/index.tsx, src/index.jsx, index.html, src/module-core-js-array-flat-map.d.ts, src/module-typeface-roboto.d.ts, package.json
Replaces src/index.jsx with src/index.tsx, which creates the React 18 root, renders SilentRenew when the pathname matches the silent-renew callback path, otherwise concurrently loads polyfill/font/CSS/config dependencies before rendering AppWrapper; index.html is updated to reference the new module; ambient type declarations for core-js flat-map and typeface-roboto are added; commons-ui dependency is bumped to 0.237.0.

Sequence Diagram(s)

sequenceDiagram
  participant Browser
  participant EntryPoint as index.tsx
  participant SilentRenew
  participant AppWrapper

  Browser->>EntryPoint: load /src/index.tsx
  EntryPoint->>EntryPoint: check pathname.endsWith(SILENT_RENEW_CALLBACK_PATH)
  alt silent-renew callback path
    EntryPoint->>SilentRenew: render SilentRenew
    SilentRenew->>SilentRenew: initializeAuthenticationProd(cached IdP settings)
    SilentRenew-->>SilentRenew: store UserManager, invoke handleSilentRenewCallback
  else other path
    EntryPoint->>EntryPoint: Promise.all(polyfill, font, CSS, config, app-wrapper)
    EntryPoint->>AppWrapper: render AppWrapper
  end
Loading

Suggested reviewers: flomillot

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Title check ⚠️ Warning The title refers to changing a user profile, but the PR actually rewires silent renew bootstrapping and IdP settings caching. Rename the PR to describe the silent-renew iframe optimization and IdP settings caching, e.g. "Optimize silent renew iframe bootstrapping".
Docstring Coverage ⚠️ Warning Docstring coverage is 28.57% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (3 passed)
Check name Status Explanation
Description check ✅ Passed The description matches the silent-renew bootstrap and IdP settings caching changes in the diff.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint install failed. For unrecoverable errors, disable the tool in CodeRabbit configuration.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

🧹 Nitpick comments (1)
src/components/silent-renew-app.tsx (1)

30-34: 💤 Low value

Simplify the callback - the null check is redundant.

Since handleSilentRenewCallbackClosure is recreated whenever userManager changes (it's in the dependency array), the null check on line 31 will never be true when the callback is invoked after userManager is set. You can either remove the check or pass userManager directly to the handler.

♻️ Proposed simplification

Option 1: Remove the null check

 const handleSilentRenewCallbackClosure = useCallback(() => {
-    if (userManager) {
-        handleSilentRenewCallback(userManager);
-    }
+    handleSilentRenewCallback(userManager!);
 }, [userManager]);

Option 2: Keep it defensive and clear

The current implementation is defensive and readable. If you prefer safety over minor optimization, the existing code is fine.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/components/silent-renew-app.tsx` around lines 30 - 34, The null check on
userManager inside the handleSilentRenewCallbackClosure callback is redundant
because userManager is included in the dependency array, ensuring the callback
is only recreated when userManager changes and will always be defined when the
callback executes. Remove the if (userManager) condition and directly call
handleSilentRenewCallback(userManager) to simplify the code while maintaining
the same behavior.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/components/parameters-tabs.tsx`:
- Around line 448-454: The NetworkVisualizationParametersInline component is
receiving a userProfile prop but expects a prop named user according to its type
definition. Locate the NetworkVisualizationParametersInline component invocation
and rename the userProfile prop to user, changing userProfile={userProfile} to
user={userProfile} to ensure the component receives the user prop correctly.
- Around line 99-103: The custom equality function in the useSelector hook for
userProfile contains a redundant check for the `profile` field which does not
exist on the UserProfile type, and only checks four specific fields, missing
other OIDC standard claims that could change. Fix this by removing the
`a?.profile === b?.profile` check from the equality comparison, and either
remove the custom equality function entirely to rely on default shallow
comparison, or replace it with logic that properly compares the complete
userProfile object including all OIDC claims that should trigger re-renders.

In `@src/index.tsx`:
- Line 15: The pathname check using endsWith is too permissive and will match
any path ending with the suffix, potentially matching unintended routes. Replace
the endsWith comparison in the window.location.pathname condition with an exact
path match using strict equality (===) to ensure only the exact route
'/silent-renew-callback' triggers the silent-renew-callback component, not other
routes that happen to end with that string.

In `@src/services/utils.ts`:
- Around line 54-61: The fetchIdpSettings() function does not handle errors when
calling localStorage.setItem(), which throws a DOMException in private browsing
mode or restrictive environments, causing the promise to reject. Wrap the
localStorage.setItem call in a try-catch block within the second .then() handler
to gracefully handle the DOMException. In the catch block, log the error but
continue execution and still return the settings, ensuring the function
completes successfully even when localStorage is unavailable.
- Around line 65-75: The getCachedIdpSettings function's try-catch block only
wraps the JSON.parse call, but localStorage.getItem can throw errors in
restrictive environments. Move the localStorage.getItem(IDP_SETTINGS_CACHE_KEY)
call inside the try-catch block so that any exceptions from getItem are also
caught and handled. This ensures the function gracefully falls back to
fetchIdpSettings() when localStorage is unavailable or throws an error, not just
when the JSON parsing fails.

---

Nitpick comments:
In `@src/components/silent-renew-app.tsx`:
- Around line 30-34: The null check on userManager inside the
handleSilentRenewCallbackClosure callback is redundant because userManager is
included in the dependency array, ensuring the callback is only recreated when
userManager changes and will always be defined when the callback executes.
Remove the if (userManager) condition and directly call
handleSilentRenewCallback(userManager) to simplify the code while maintaining
the same behavior.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 08c7c860-f8c1-4fdc-ae75-d69a47f8e052

📥 Commits

Reviewing files that changed from the base of the PR and between 039e719 and e4dd15c.

📒 Files selected for processing (7)
  • index.html
  • src/components/parameters-tabs.tsx
  • src/components/silent-renew-app.tsx
  • src/index.jsx
  • src/index.tsx
  • src/services/utils.ts
  • src/vite-env.d.ts
💤 Files with no reviewable changes (1)
  • src/index.jsx

Comment thread src/components/parameters-tabs.tsx
Comment thread src/components/parameters-tabs.tsx
Comment thread src/index.tsx Outdated
Comment thread src/services/utils.ts
Comment thread src/services/utils.ts

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

license-eye has totally checked 860 files.

Valid Invalid Ignored Fixed
812 1 47 0
Click to see the invalid file list
  • silent-renew-callback.html

Comment thread silent-renew-callback.html Outdated
Comment thread src/vite-env.d.ts Outdated
Comment thread src/components/silent-renew-app.tsx Outdated
Comment thread src/components/silent-renew.tsx
Comment thread src/index.tsx Outdated
Comment thread src/index.tsx Outdated
@ghazwarhili ghazwarhili requested a review from etiennehomer June 24, 2026 12:54

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

♻️ Duplicate comments (1)
src/index.tsx (1)

15-17: 🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

Use exact callback-path matching at Line 15.

endsWith(...) can incorrectly match unrelated routes (for example, nested paths ending in the same suffix). Match the callback route exactly.

Suggested fix
-if (globalThis.location.pathname.endsWith(SILENT_RENEW_CALLBACK_PATH)) {
+if (globalThis.location.pathname === SILENT_RENEW_CALLBACK_PATH) {
     root.render(<SilentRenew />);
 } else {
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/index.tsx` around lines 15 - 17, The route check in the top-level render
logic currently uses endsWith on globalThis.location.pathname, which can
incorrectly treat unrelated nested paths as the callback route. Update the
SilentRenew routing condition in src/index.tsx to perform an exact pathname
match against SILENT_RENEW_CALLBACK_PATH, and keep the existing
root.render(<SilentRenew />) branch unchanged while preserving the rest of the
entrypoint logic.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/index.tsx`:
- Around line 18-28: The startup import chain in index.tsx currently ends after
Promise.all(...).then(...) without handling failures, so add a terminal catch to
the Promise chain around the dynamic imports and AppWrapper render. Update the
bootstrap flow so any rejection from Promise.all or the subsequent
import('./components/app-wrapper') is handled in one place, with a visible
failure path such as logging the error and/or surfacing it clearly instead of
leaving an unhandled rejection.

---

Duplicate comments:
In `@src/index.tsx`:
- Around line 15-17: The route check in the top-level render logic currently
uses endsWith on globalThis.location.pathname, which can incorrectly treat
unrelated nested paths as the callback route. Update the SilentRenew routing
condition in src/index.tsx to perform an exact pathname match against
SILENT_RENEW_CALLBACK_PATH, and keep the existing root.render(<SilentRenew />)
branch unchanged while preserving the rest of the entrypoint logic.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 91d0ad25-4ceb-4eb6-a532-5038fb867784

📥 Commits

Reviewing files that changed from the base of the PR and between 782e607 and 445ac89.

📒 Files selected for processing (1)
  • src/index.tsx

Comment thread src/index.tsx Outdated
@sonarqubecloud

Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@package.json`:
- Around line 14-15: The dependency entry is malformed and causes npm to reject
the manifest: in package.json, fix the corrupted `@grgit` idsuite/commons-ui key
to the valid `@gridsuite/commons-ui` name, and make sure the version for
`@gridsuite/commons-ui` matches the intended bump to 0.237.0 rather than 0.240.0.
Keep only the correctly named dependency entry so npm install/npm ci can parse
the package manifest successfully.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 81516c88-1740-4a3c-b1be-f68e352b87c7

📥 Commits

Reviewing files that changed from the base of the PR and between 445ac89 and 7b9e186.

📒 Files selected for processing (2)
  • package.json
  • src/index.tsx
🚧 Files skipped from review as they are similar to previous changes (1)
  • src/index.tsx

Comment thread package.json
Comment on lines +14 to 15
"@grgit idsuite/commons-ui": "0.237.0",
"@gridsuite/commons-ui": "0.240.0",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🔴 Critical | ⚡ Quick win

Malformed dependency key breaks npm install.

Line 14 declares "@GRGit idsuite/commons-ui" — an invalid npm package name (contains a space, likely a corrupted rename of @gridsuite/commons-ui). npm package names must match a strict pattern (no spaces), so npm install/npm ci will fail. Additionally, line 15 already declares the real @gridsuite/commons-ui dependency but pinned to 0.240.0, which conflicts with the PR objective stating the version bump is to 0.237.0.

This looks like a bad merge/diff artifact rather than an intentional change.

🐛 Proposed fix
-        "`@grgit` idsuite/commons-ui": "0.237.0",
-        "`@gridsuite/commons-ui`": "0.240.0",
+        "`@gridsuite/commons-ui`": "0.237.0",
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"@grgit idsuite/commons-ui": "0.237.0",
"@gridsuite/commons-ui": "0.240.0",
"`@gridsuite/commons-ui`": "0.237.0",
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` around lines 14 - 15, The dependency entry is malformed and
causes npm to reject the manifest: in package.json, fix the corrupted `@grgit`
idsuite/commons-ui key to the valid `@gridsuite/commons-ui` name, and make sure
the version for `@gridsuite/commons-ui` matches the intended bump to 0.237.0
rather than 0.240.0. Keep only the correctly named dependency entry so npm
install/npm ci can parse the package manifest successfully.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants