currentSession doesn't check if token is still valid on Solid server.

Question

currentSession doesn't check if token is still valid on Solid server.

jairo-campos-JD opened this issue 5 years ago · 2 comments

Current Functionality: tracksession check if there is a token in the local storage to validate if the user is logging or not.

Possible issue: Apps doesn't know when the token is invalid to redirect the user to log in. We could use 401 response to fix it but we couldn't make a difference between a token or permissions error.

Solution: New functionality to check if the current session(token) is valid on Solid server and make differences when there is an error for permissions or token.

cc: @RubenVerborgh

Answer 1 · 2019-06-20T18:56:58.000Z

Technically currentSession of webid-oidc.js.

Main problem is that token renewal is not implemented in the OIDC libraries we use.

Answer 2 · 2020-06-12T08:33:06.000Z

Interested in this too!

I'm not sure, but token renewal is here where there is no token on the client and we need to get a new one from the servern right?

What if there is still a token on the client but it's not valid anymore on the server? Can we check that?