The project I am currently working on has this configuration:
auth: {
silentRenew: true,
maxIdTokenIatOffsetAllowedInSeconds: 700,
useRefreshToken: true,
renewTimeBeforeTokenExpiresInSeconds: 60,
}
I think by setting silentRenew and useRefreshToken to true, it would automatically extend the session.
But how do they actually work behind the scene?
I am currently trying to implement a function where a modal will pop up when the session time is 5 mins left.
How I was observing my session expire time:
- After the user got the token, I call a check token method:
- In the check token method, I basically just console.log the current time and expired time
this.oidcSecurityService.isAuthenticated$.subscribe(() => {
this.token = this.oidcSecurityService.getToken();
this.checkTokenExpired(this.token);
});
checkTokenExpired( tokenId: String) {
setInterval( () => {
const currentTime = (new Date).getTime();
const expireSessionTime = (JSON.parse(atob(tokenId.split('.')[1]))).exp * 1000;
const exp= new Date(expireSessionTime);
const cur = new Date(currentTime);
console.log('cur', cur);
console.log('exp', exp);
}, 10000);
}
However, after the session time expired, the session is still working and user can still interact with the App.
So I assume that the silentRenew and useRefresh token renew the session behind the scene.
But when did it renew the session and how can I catch that so I can get the renewed session expire time?