Skip to content

poc #388

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ruchI9897 wants to merge 7 commits into
base: main
Choose a base branch
from
Open

poc #388

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
ef8d648
poc
ruchI9897 Dec 16, 2025
7d82476
token doc update
ruchI9897 Dec 17, 2025
5cd10d2
doc update
ruchI9897 Dec 17, 2025
183de1b
test
ruchI9897 Dec 17, 2025
d4435c9
removed extra check
ruchI9897 Dec 17, 2025
bf87caf
skip validation
ruchI9897 Dec 17, 2025
4daa1d8
added changes
ruchI9897 Dec 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 28 additions & 2 deletions src/authToken.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,16 +11,42 @@ const storeAuthTokenInCache = (token: string): void => {
storeValueInWindow(cacheAuthTokenKey, token);
};

/**
*
* @param embedConfig
*/
export async function getAuthTokenWithoutCache(embedConfig: EmbedConfig): Promise<string> {
const { authEndpoint, getAuthToken } = embedConfig;

let authToken = null;
if (getAuthToken) {
authToken = await getAuthToken();
} else {
const response = await fetchAuthTokenService(authEndpoint);
authToken = await response.text();
}
try {
// this will throw error if the token is not valid
await validateAuthToken(embedConfig, authToken);
} catch (e) {
logger.error(`${ERROR_MESSAGE.INVALID_TOKEN_ERROR} Error : ${e.message}`);
throw e;
}

storeAuthTokenInCache(authToken);
return authToken;
}

// This method can be used to get the authToken using the embedConfig
/**
*
* @param embedConfig
*/
export async function getAuthenticationToken(embedConfig: EmbedConfig): Promise<string> {
export async function getAuthenticationToken(embedConfig: EmbedConfig, skipvalidation: boolean = false): Promise<string> {
const cachedAuthToken = getCacheAuthToken();
// Since we don't have token validation enabled , we cannot tell if the
// cached token is valid or not. So we will always fetch a new token.
if (cachedAuthToken && !embedConfig.disableTokenVerification) {
if (cachedAuthToken && !embedConfig.disableTokenVerification && !skipvalidation) {
Comment on lines +45 to +49
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The parameter name skipvalidation does not follow the camelCase naming convention used throughout the codebase (e.g., disableTokenVerification, cachedAuthToken). For consistency and better readability, it should be renamed to skipValidation.

Suggested change
export async function getAuthenticationToken(embedConfig: EmbedConfig, skipvalidation: boolean = false): Promise<string> {
const cachedAuthToken = getCacheAuthToken();
// Since we don't have token validation enabled , we cannot tell if the
// cached token is valid or not. So we will always fetch a new token.
if (cachedAuthToken && !embedConfig.disableTokenVerification) {
if (cachedAuthToken && !embedConfig.disableTokenVerification && !skipvalidation) {
export async function getAuthenticationToken(embedConfig: EmbedConfig, skipValidation: boolean = false): Promise<string> {
const cachedAuthToken = getCacheAuthToken();
// Since we don't have token validation enabled , we cannot tell if the
// cached token is valid or not. So we will always fetch a new token.
if (cachedAuthToken && !embedConfig.disableTokenVerification && !skipValidation) {

let isCachedTokenStillValid;
try {
isCachedTokenStillValid = await validateAuthToken(embedConfig, cachedAuthToken, true);
Expand Down
30 changes: 27 additions & 3 deletions src/embed/ts-embed.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ import {
UIPassthroughRequest,
} from './hostEventClient/contracts';
import { logger } from '../utils/logger';
import { getAuthenticationToken } from '../authToken';
import { getAuthenticationToken, getAuthTokenWithoutCache } from '../authToken';
import { AnswerService } from '../utils/graphql/answerService/answerService';
import {
getEncodedQueryParamsString,
Expand Down Expand Up @@ -507,6 +507,31 @@ export class TsEmbed {
}
};

/**
* Refresh the auth token if the autoLogin is true and the authType is TrustedAuthTokenCookieless
* @param _
* @param responder
*/
private tokenRefresh = async (_: any, responder: any) => {
const { authType, autoLogin } = this.embedConfig;
const isAutoLoginTrue = autoLogin ?? (authType === AuthType.TrustedAuthTokenCookieless);
if (isAutoLoginTrue && authType === AuthType.TrustedAuthTokenCookieless) {
try {
const authToken = await getAuthTokenWithoutCache(this.embedConfig);
responder({
type: EmbedEvent.RefreshAuthToken,
data: { authToken },
});
} catch (e) {
logger.error(`${ERROR_MESSAGE.INVALID_TOKEN_ERROR} Error : ${e?.message}`);
processAuthFailure(e, this.isPreRendered ? this.preRenderWrapper : this.el);
}
} else if (isAutoLoginTrue) {
handleAuth();
}
notifyAuthFailure(AuthFailureType.EXPIRY);
}

/**
* Sends updated auth token to the iFrame to avoid user logout
* @param _
Expand Down Expand Up @@ -566,12 +591,11 @@ export class TsEmbed {
this.on(EmbedEvent.APP_INIT, this.appInitCb, { start: false }, true);
this.on(EmbedEvent.AuthExpire, this.updateAuthToken, { start: false }, true);
this.on(EmbedEvent.IdleSessionTimeout, this.idleSessionTimeout, { start: false }, true);

const embedListenerReadyHandler = this.createEmbedContainerHandler(EmbedEvent.EmbedListenerReady);
this.on(EmbedEvent.EmbedListenerReady, embedListenerReadyHandler, { start: false }, true);

const authInitHandler = this.createEmbedContainerHandler(EmbedEvent.AuthInit);
this.on(EmbedEvent.AuthInit, authInitHandler, { start: false }, true);
this.on(EmbedEvent.RefreshAuthToken, this.tokenRefresh, { start: false }, true);
};

/**
Expand Down
13 changes: 13 additions & 0 deletions src/types.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3115,6 +3115,19 @@ export enum EmbedEvent {
* @version SDK: 1.43.0 | ThoughtSpot: 10.15.0.cl
*/
ApiIntercept = 'ApiIntercept',

/**
* @hidden
* Emitted when the auth token is about to get expired and needs to be refreshed.
* @example
* ```js
* embed.on(EmbedEvent.RefreshAuthToken, (payload) => {
* console.log('payload', payload);
* })
* ```
* @version SDK: 1.45.0 | ThoughtSpot: 26.2.0.cl
*/
RefreshAuthToken = 'RefreshAuthToken',
}

/**
Expand Down
Loading
Loading