ArcGISIdentityManager token/refreshToken update event

[newmanw]

Describe the problem

I am using the API server side to automate updates to ArcGIS server. In the event the server goes down the ArcGISIdentityManager is stored in the database (serialized), allowing the automated service to setup an ArcGISIdentityManager on startup.

The ArcGISIdentityManager will handle token and refreshToken updates automatically. In such a case I would need to update my datastore. Currently there is no mechanism for a client of the REST API to listen for such changes.

Describe the proposed solution

Event or hook to allow a client to listen for token/refreshToken updates.

Alternatives considered

Currently retrieving ArcGISIdentityManager information on every automated update to detect changes and update my datastore if necessary.

Additional Information

No response

[gavinr-maps]

Thank you for logging this issue @newmanw. Would you be able to post some example code that illustrates the issue that you're referring to?

[newmanw]

@gavinr-maps sure thing, and thanks for the response.

1. User in my app completes ESRI browser based oauth flow.

routes.get('/esri/oauth/signin', async (req, res) => {
  ArcGISIdentityManager.authorize({
    clientId: clientId,
    portal: portal,
    redirectUri:  redirectUri
  }, res)
})

routes.get('/esri/oauth/authenticate', async (req, res) => {
  ArcGISIdentityManager.exchangeAuthorizationCode(creds, code).then(async (identityManager) => {
      const serialized = identityManager.serialize()
      db.saveIdentityManager(serialized)  // save identity manager state in case of server error/shutdown
      res.send(/* send response to client */)
  })
})

2. Background processing of data for auth'ed user

while(true) {
  // Get new data to send to ESRI
  const myFeatureData = getSomeData()
  // Send data to ESRI using SDK request
  const response = await request(url, { authentication: identityManager })
}

This will continue to work as long as the SDK request can refresh the token and/or the refreshToken. If the identityManager is stored only in memory a new token/refreshToken would be lost if the server went down for any reason. As such I am saving the identityManager to a persistent data store. Right now I have to check if the identity managers state changed (tokens) to determine if I should persist, or just persist every time.

while(true) {
  const myFeatureData = getSomeData()
  // Send some features to ESRI using SDK request
  const response = await request(url, { authentication: identityManager })
  // The token/refreshToken might have been updated, resave the identityManager
  const serialized = identityManager.serialize()
  db.saveIdentityManager(serialized)  // save identity manager state in case of server error/shutdown
}

If there was a hook for token updates I would not need to persist every time.

const tokenRefreshed = (identityManager) => {
  const serialized = identityManager.serialize()
  db.saveIdentityManager(serialized)  // save identity manager state in case of server error/shutdown
}
identityManager.onTokenRefresh = tokenRefreshed // handle updates
while(true) {
  const myFeatureData = getSomeData()
  // Send some features to ESRI using SDK request
  const response = await request(url, { authentication: identityManager })
}

[patrickarlt]

@newmanw In fine with this general idea. We already include mitt in the core request package for the Job class so we could use it in the same way to manage events in ArcGISIdentityManager.

Would you be willing to work on a PR? otherwise we could handle this at some point in the future.