• Sean Hammond's avatar
    Don't delete the cached OAuth access token · 0e229735
    Sean Hammond authored
    This fixes an issue that, when the client is embedded on a partner site
    using third-party auth:
    
    1. The client reads grant token that the client embeds in their page
       from the page
    2. The oauth-auth service sends a grant token request, receives back an
       access token which it caches
    3. session.js calls oauth-auth's clearCache(), which deletes the access
       token
    4. The next time the access token is needed the oauth-auth sends a
       second grant token request, with the same grant token, and gets a
       second access token
    
    So two grant token requests are sent, when only one was needed, because
    the cached access token is deleted unnecessarily.
    
    The fix is to make clearCache() in oauth-auth a no-op for now. For now
    it never makes sense for oauth-auth to clear its cached access token.
    OAuth is currently only used when the client is embedded in partner
    sites and the grant token is embedded in the page by the client. Since
    the grant token never changes, there's never any reason to clear the
    access token and request a new one using the same grant token again (you
    would just be requesting a new access token for the same user account).
    0e229735
Name
Last commit
Last update
.github Loading commit data...
docs Loading commit data...
images Loading commit data...
scripts Loading commit data...
src Loading commit data...
.eslintignore Loading commit data...
.eslintrc Loading commit data...
.gitignore Loading commit data...
.npmignore Loading commit data...
.npmrc Loading commit data...
.travis.yml Loading commit data...
CHANGELOG.md Loading commit data...
CODE_OF_CONDUCT Loading commit data...
Jenkinsfile Loading commit data...
LICENSE Loading commit data...
Makefile Loading commit data...
README.md Loading commit data...
gulpfile.js Loading commit data...
npm-shrinkwrap.json Loading commit data...
package.json Loading commit data...