-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Detect JWT expiration in token values and prompt user if expired #3174
base: main
Are you sure you want to change the base?
Conversation
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3174 +/- ##
==========================================
- Coverage 92.81% 92.80% -0.01%
==========================================
Files 113 113
Lines 11672 11694 +22
Branches 2463 2598 +135
==========================================
+ Hits 10833 10853 +20
- Misses 837 839 +2
Partials 2 2 ☔ View full report in Codecov by Sentry. |
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
adfcd73
to
1c91184
Compare
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
1c91184
to
fbbb98c
Compare
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
📅 Suggested merge-by date: 10/17/2024 |
Signed-off-by: Trae Yelovich <trae.yelovich@broadcom.com>
Failing stage |
Tried it out. Looks great. |
Quality Gate passedIssues Measures |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the functionality LGTM! 😋
requesting changes to prevent this PR from being merged before we publish 3.0.1 😅
const fullToken = tokenValueProp.argValue.toString(); | ||
// JWT format: [header].[payload].[signature] | ||
const tokenParts = fullToken.split("."); | ||
try { | ||
const payloadJson = JSON.parse(Buffer.from(tokenParts[1], "base64url").toString("utf8")); | ||
if ("exp" in payloadJson) { | ||
const expireDate = dayjs.unix(payloadJson.exp); | ||
if (expireDate.isBefore(dayjs())) { | ||
await AuthUtils.promptUserForSsoLogin(profileName); | ||
} | ||
} | ||
} catch (err) { | ||
return; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Curious if this should be moved to the SDKs 😅
Or at least be made available to extenders 😅
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like the idea of moving it to the SDKs so anyone can leverage this - thanks for the suggestion! I moved this function implementation into Imperative's ProfileInfo
class.
Here is the PR: zowe/zowe-cli#2298
Once that's approved & merged, we can adopt it in this PR - this would mean that extenders also get access to it directly from the facility that they already use for profiles ^^
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, @traeok. Had one question on the changelog.
@@ -6,6 +6,8 @@ All notable changes to the "vscode-extension-for-zowe" extension will be documen | |||
|
|||
### New features and enhancements | |||
|
|||
- Added expired JWT token detection for profiles in each tree view (Data Sets, USS, Jobs). When a user performs a search on a profile, they are prompted to log in if their token expired. [#3175](https://github.com/zowe/zowe-explorer-vscode/issues/3175) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we spell out JWT?
Proposed changes
Implements JWT expiration checks for profiles using a token for authentication.
How to test
Release Notes
Milestone: 3.1.0
Changelog:
Types of changes
Checklist
General
yarn workspace vscode-extension-for-zowe vscode:prepublish
pnpm --filter vscode-extension-for-zowe vscode:prepublish
Code coverage
Deployment