[STCOR-888] Export RTR constants #64

Open
wants to merge 7 commits into
base: master
2 changes: 2 additions & 0 deletions core/index.d.ts
Expand Up @@ -41,3 +41,5 @@ export const supportedNumberingSystems: any;
export const userLocaleConfig: any;
export const queryLimit: any;
export const init: any;

export * as RTR_CONSTANTS from './src/components/Root/constants';
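Review bot: The new last line of core/index.d.ts, `export * as RTR_CONSTANTS from './src/components/Root/constants';`, declares a namespace export, but this diff only touches declaration files, so please confirm the runtime entry point exports `RTR_CONSTANTS` under the same name and from the same module. Otherwise consumers will type-check against a value that is undefined at runtime. The `export * as` form also needs TypeScript 3.8 or later, which is worth stating in the PR description if downstream modules pin an older compiler. Unlike the neighbouring `any` exports, this one carries real types, so a mismatch between the two files would go unnoticed until something reads a constant.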
99 changes: 99 additions & 0 deletions core/src/components/Root/constants.d.ts
@@ -0,0 +1,99 @@
/** dispatched during RTR when it is successful */
export const RTR_SUCCESS_EVENT: string;

/** dispatched during RTR if RTR itself fails */
export const RTR_ERROR_EVENT: string;

/** dispatched by ui-developer to force a token rotation */
export const RTR_FORCE_REFRESH_EVENT: string;

/**
* dispatched if the session is idle (without activity) for too long
*/
export const RTR_TIMEOUT_EVENT: string;

/** dispatched when the fixed-length session is about to end */
export const RTR_FLS_WARNING_EVENT: string;

/** dispatched when the fixed-length session ends */
export const RTR_FLS_TIMEOUT_EVENT: string;

/**
* how long is the FLS warning visible?
* When a fixed-length session expires, the session ends immediately and the
* user is forcibly logged out. This interval describes how much warning they
* get before the session ends.
*
* overridden in stripes.configs.js::config.rtr.fixedLengthSessionWarningTTL
* value must be a string parsable by ms()
*/
export const RTR_FLS_WARNING_TTL: string;

/** BroadcastChannel for cross-window activity pings */
export const RTR_ACTIVITY_CHANNEL: string;

/**
* how much of a token's lifespan can elapse before it is considered expired?
* For the AT, we want a very safe margin because we don't ever want to fall
* off the end of the AT since it would be a very misleading failure given
* the RT is still good at that point. Since rotation happens in the background
* (i.e. it isn't a user-visible feature), rotating early has no user-visible
* impact.
* overridden in stripes.config.js::config.rtr.rotationIntervalFraction.
*/
export const RTR_AT_TTL_FRACTION: number;

/**
* events that constitute "activity" and will prolong the session.
* overridden in stripes.config.js::config.rtr.activityEvents.
*/
export const RTR_ACTIVITY_EVENTS: string[];

/**
* how long does an idle session last?
* When this interval elapses without activity, the session will end and
* the user will be signed out. This value must be shorter than the RT's TTL,
* otherwise the RT will expire while the session is still active, leading to
* a problem where the session appears to be active because the UI is available
* but the first action that makes and API request (which will fail with an
* RTR error) causes the session to end.
*
* overridden in stripes.configs.js::config.rtr.idleSessionTTL
* value must be a string parsable by ms()
*/
export const RTR_IDLE_SESSION_TTL: string;

/**
* how long is the "keep working?" modal visible
* This interval describes how long the "keep working?" modal should be
* visible before the idle-session timer expires. For example, if
* RTR_IDLE_SESSION_TTL is set to "60m" and this value is set to "1m",
* then the modal will be displayed after 59 minutes of inactivity and
* be displayed for one minute.
*
* overridden in stripes.configs.js::config.rtr.idleModalTTL
* value must be a string parsable by ms()
*/
export const RTR_IDLE_MODAL_TTL: string;

/**
* When resuming an existing session but there is no token-expiration
* data in the session, we can't properly schedule RTR.
* 1. the real expiration data is in the cookie, but it's HTTPOnly
* 2. the resume-session API endpoint, _self, doesn't include
* token-expiration data in its response
* 3. the session _should_ contain a value, but maybe the session
* was corrupt.
* Given the resume-session API call succeeded, we know the tokens were valid
* at the time so we punt and schedule rotation in the very near future because
* the rotation-response _will_ contain token-expiration values we can use to
* replace these.
*/
export const RTR_AT_EXPIRY_IF_UNKNOWN: string;
export const RTR_RT_EXPIRY_IF_UNKNOWN: string;

/**
* To account for minor delays between events (such as cookie expiration and API calls),
* this is a small amount of time to wait so the proper order can be ensured if they happen simultaneously.
*/
export const RTR_TIME_MARGIN_IN_MS: number;
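Review bot: The doc comments name the override file inconsistently: `stripes.configs.js` for RTR_FLS_WARNING_TTL, RTR_IDLE_SESSION_TTL and RTR_IDLE_MODAL_TTL, but `stripes.config.js` for RTR_AT_TTL_FRACTION and RTR_ACTIVITY_EVENTS. Pick the real filename and use it throughout, since these comments are what integrators will read when tuning session lifetimes. Two related gaps: the JSDoc block above RTR_AT_EXPIRY_IF_UNKNOWN attaches only to that declaration, so RTR_RT_EXPIRY_IF_UNKNOWN ends up undocumented in editor tooling, and neither says whether its string must be parsable by ms() the way the other TTL strings are. The RTR_IDLE_SESSION_TTL comment also has a typo ("makes and API request" should be "makes an API request"), and since it states the value must be shorter than the RT's TTL, it would help to say where that constraint is checked, because a plain `string` type cannot express it.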