diff --git a/openmetadata-ui/src/main/resources/ui/src/components/Auth/AppAuthenticators/GenericAuthenticator.tsx b/openmetadata-ui/src/main/resources/ui/src/components/Auth/AppAuthenticators/GenericAuthenticator.tsx index db17673afbc..10a77b5ade8 100644 --- a/openmetadata-ui/src/main/resources/ui/src/components/Auth/AppAuthenticators/GenericAuthenticator.tsx +++ b/openmetadata-ui/src/main/resources/ui/src/components/Auth/AppAuthenticators/GenericAuthenticator.tsx @@ -23,8 +23,12 @@ import { logoutUser, renewToken } from '../../../rest/LoginAPI'; export const GenericAuthenticator = forwardRef( ({ children }: { children: ReactNode }, ref) => { - const { setIsAuthenticated, setIsSigningIn, removeOidcToken } = - useApplicationStore(); + const { + setIsAuthenticated, + setIsSigningIn, + removeOidcToken, + setOidcToken, + } = useApplicationStore(); const history = useHistory(); const handleLogin = () => { @@ -43,6 +47,7 @@ export const GenericAuthenticator = forwardRef( const handleSilentSignIn = async () => { const resp = await renewToken(); + setOidcToken(resp.accessToken); return Promise.resolve(resp); }; diff --git a/openmetadata-ui/src/main/resources/ui/src/components/Auth/AuthProviders/AuthProvider.tsx b/openmetadata-ui/src/main/resources/ui/src/components/Auth/AuthProviders/AuthProvider.tsx index 6fce2d818ae..1eea3c5aecf 100644 --- a/openmetadata-ui/src/main/resources/ui/src/components/Auth/AuthProviders/AuthProvider.tsx +++ b/openmetadata-ui/src/main/resources/ui/src/components/Auth/AuthProviders/AuthProvider.tsx @@ -316,7 +316,8 @@ export const AuthProvider = ({ const startTokenExpiryTimer = () => { // Extract expiry const { isExpired, timeoutExpiry } = extractDetailsFromToken( - getOidcToken() + getOidcToken(), + clientType ); const refreshToken = getRefreshToken(); diff --git a/openmetadata-ui/src/main/resources/ui/src/utils/AuthProvider.util.ts b/openmetadata-ui/src/main/resources/ui/src/utils/AuthProvider.util.ts index 0fe45edee49..ad47c865338 100644 --- a/openmetadata-ui/src/main/resources/ui/src/utils/AuthProvider.util.ts +++ b/openmetadata-ui/src/main/resources/ui/src/utils/AuthProvider.util.ts @@ -27,13 +27,19 @@ import { } from '../components/Auth/AuthProviders/AuthProvider.interface'; import { ROUTES } from '../constants/constants'; import { EMAIL_REG_EX } from '../constants/regex.constants'; -import { AuthenticationConfiguration } from '../generated/configuration/authenticationConfiguration'; +import { + AuthenticationConfiguration, + ClientType, +} from '../generated/configuration/authenticationConfiguration'; import { AuthProvider } from '../generated/settings/settings'; import { isDev } from './EnvironmentUtils'; export let msalInstance: IPublicClientApplication; -export const EXPIRY_THRESHOLD_MILLES = 5 * 60 * 1000; +// 25s for server auth approch +export const EXPIRY_THRESHOLD_MILLES = 25 * 1000; +// 2 minutes for client auth approch +export const EXPIRY_THRESHOLD_MILLES_PUBLIC = 2 * 60 * 1000; export const getRedirectUri = (callbackUrl: string) => { return isDev() @@ -298,7 +304,10 @@ export const getUrlPathnameExpiryAfterRoute = () => { * @timeoutExpiry time in ms for try to silent sign-in * @returns exp, isExpired, diff, timeoutExpiry */ -export const extractDetailsFromToken = (token: string) => { +export const extractDetailsFromToken = ( + token: string, + clientType = ClientType.Public +) => { if (token) { try { const { exp } = jwtDecode(token); @@ -310,12 +319,14 @@ export const extractDetailsFromToken = (token: string) => { isExpired: false, }; } + const threshouldMillis = + clientType === ClientType.Public + ? EXPIRY_THRESHOLD_MILLES_PUBLIC + : EXPIRY_THRESHOLD_MILLES; const diff = exp && exp * 1000 - dateNow; const timeoutExpiry = - diff && diff > EXPIRY_THRESHOLD_MILLES - ? diff - EXPIRY_THRESHOLD_MILLES - : 0; + diff && diff > threshouldMillis ? diff - threshouldMillis : 0; return { exp,