Skip to content

Refresh stale IMS access token on collab WebSocket auth failures#937

Merged
chrischrischris merged 5 commits into
mainfrom
imstoken
May 15, 2026
Merged

Refresh stale IMS access token on collab WebSocket auth failures#937
chrischrischris merged 5 commits into
mainfrom
imstoken

Conversation

@chrischrischris
Copy link
Copy Markdown
Contributor

@chrischrischris chrischrischris commented May 14, 2026

getAuthToken now reads window.adobeIMS.getAccessToken() live instead of returning the page-load snapshot that nx's loadIms() captures in onReady. On the collab WebSocket, refresh provider.protocols on connection-close so y-websocket's next reconnect picks up a fresh token without rebuilding the provider; 4403 stops reconnection.

@chrischrischris @claude
Refresh stale IMS access token on collab WebSocket auth failures
ed6fa06 
getAuthToken now reads window.adobeIMS.getAccessToken() live instead of
returning the page-load snapshot that nx's loadIms() captures in onReady.
On the collab WebSocket, refresh provider.protocols on connection-close so
y-websocket's next reconnect picks up a fresh token without rebuilding the
provider; 4403 stops reconnection.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@aem-code-sync
Copy link
Copy Markdown

aem-code-sync Bot commented May 14, 2026
edited
Loading

Hello, I'm the AEM Code Sync Bot and I will run some actions to deploy your branch.
In case there are problems, just click the checkbox below to rerun the respective action.

  • Re-sync branch
Commits

chrischrischris and others added 2 commits May 14, 2026 17:11
@chrischrischris @claude
Stop collab reconnect loop when 4401 cannot be recovered
7df4652 
On a 4401 close, force an imslib refresh and bail (shouldConnect=false) if
the resulting token is null or identical to what we just sent. Avoids
infinite retries when the SSO session is gone or imslib has not rotated
the token, and covers the anonymous-trying-private-doc path.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@chrischrischris @claude
Route signed-in users through IMS sign-in on unrecoverable collab 4401
dd8be66 
When we bail out of the reconnect loop because imslib cannot produce a
usable token, call handleSignIn() so the user is sent through IMS for
re-auth instead of being silently stuck. Mirrors daFetch's 401 behaviour.
Only fires when nx-ims is set, so anonymous users hitting a private doc
are not punted into a sign-in flow they did not ask for.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@chrischrischris @claude
Restore afterEach cleanup of nx-ims localStorage key
8e37443 
The createConnection describe block's afterEach only restored a prior
truthy value, leaving the key in place when a test had populated an
originally-empty slot. handleSignIn writes nx-ims back, so the 4401 bail
tests leaked the key into subsequent test files whose daFetch calls then
crashed in initIms because getNx was unset there.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@chrischrischris chrischrischris merged commit bdc8966 into main May 15, 2026
4 checks passed
@chrischrischris chrischrischris deleted the imstoken branch May 15, 2026 10:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@auniverseaway auniverseaway auniverseaway approved these changes

+1 more reviewer

@chrissmillar chrissmillar chrissmillar approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@chrischrischris @auniverseaway @chrissmillar