I’m trying tot make use of refresh tokens in my React SPA. I’ve set things up with localstorage and offline_access to do so. Previously, I would use the below code to call logout()
when the timer sees expiration time was hit, but I was hoping to use refresh tokens. I thought getTokenSilently()
would do that, but it doesn’t seem to – the token
variable stays the same. What am I missing?
// Continually check for login expiration
useEffect(() => {
async function refreshToken() {
const isAuthenticated = await auth0Client.isAuthenticated();
const token = await auth0Client.getTokenSilently();
if (isAuthenticated) {
const claims = await auth0Client.getIdTokenClaims();
const claimsDecoded = await jwt_decode(claims.__raw);
dispatch({
type: 'REFRESH_TOKEN',
payload: {
user: {
token: token,
expires: claimsDecoded.exp,
claims: claims.__raw
}
}
});
} else {
logout();
}
};
const delay = 20000;
const timer = setInterval(() => {
console.log(':: expiration check');
let currentDtm = Math.round((new Date()).getTime() / 1000);
if (state.user) {
const expDtm = state.user.expires;
if (currentDtm >= expDtm) {
console.log(':: SESSION EXPIRED');
clearInterval(timer);
//logout();
refreshToken();
}
} else {
clearInterval(timer);
}
}, delay);
return () => clearInterval(timer);
}, [state.isAuthenticated, state.user]);
I should also note that I send the claims
attribute as the Bearer
token to the API. Does the token within the claims get renewed as well?