FFM-11972 Add authRequestReadTimeout option#135
Merged
erdirowlands merged 6 commits intomainfrom Sep 3, 2024
Merged
Conversation
erdirowlands
commented
Sep 2, 2024
| ); | ||
| ``` | ||
|
|
||
| ## API Middleware |
Contributor
Author
There was a problem hiding this comment.
Deciding to document this here, mainly to show users that they can use this to timeout the remaining SDK requests like evaluations / metrics
erdirowlands
force-pushed
the
FFM-11972
branch
from
a05c804 to
07e61bf
Compare
erdirowlands
commented
Sep 2, 2024
src/index.ts
Outdated
| try { | ||
| const response = await fetch(url, requestOptions) | ||
|
|
||
| if (!response.ok) { |
Contributor
Author
There was a problem hiding this comment.
We never checked the response was successful before. We relied on flakey behaviour of parsing the JWT token which would result in an invalid token exception logged as the reason. We now get to see the actual http error.
erdirowlands
force-pushed
the
FFM-11972
branch
from
54e73ca to
7e1b72e
Compare
github-merge-queue bot
referenced
this pull request
in open-feature/playground
Sep 12, 2024
…1.28.0 (#372) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@harnessio/ff-javascript-client-sdk](https://redirect.github.com/harness/ff-javascript-client-sdk) | [`1.26.2` -> `1.28.0`](https://renovatebot.com/diffs/npm/@harnessio%2fff-javascript-client-sdk/1.26.2/1.28.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>harness/ff-javascript-client-sdk (@​harnessio/ff-javascript-client-sdk)</summary> ### [`v1.28.0`](https://redirect.github.com/harness/ff-javascript-client-sdk/releases/tag/1.28.0) [Compare Source](https://redirect.github.com/harness/ff-javascript-client-sdk/compare/1.27.0...1.28.0) #### What's Changed Enhancements: FFM-11972 Add`authRequestReadTimeout` config option - see [readme](https://redirect.github.com/harness/ff-javascript-client-sdk/blob/main/README.md#authentication-request-timeout) for further information and how to enable [@​erdirowlands](https://redirect.github.com/erdirowlands) in [https://github.com/harness/ff-javascript-client-sdk/pull/135](https://redirect.github.com/harness/ff-javascript-client-sdk/pull/135) Bug fixes FFM-11972 If authentication fails the the correct error will be logged instead of `Invalid Token` by [@​erdirowlands](https://redirect.github.com/erdirowlands) in [https://github.com/harness/ff-javascript-client-sdk/pull/135](https://redirect.github.com/harness/ff-javascript-client-sdk/pull/135) **Full Changelog**: harness/ff-javascript-client-sdk@1.27.0...1.28.0 ### [`v1.27.0`](https://redirect.github.com/harness/ff-javascript-client-sdk/releases/tag/1.27.0) [Compare Source](https://redirect.github.com/harness/ff-javascript-client-sdk/compare/1.26.3...1.27.0) #### What's Changed ##### Enhancements: - FFM-11788 Add `maxStreamRetries` config option by [@​erdirowlands](https://redirect.github.com/erdirowlands) in [https://github.com/harness/ff-javascript-client-sdk/pull/126](https://redirect.github.com/harness/ff-javascript-client-sdk/pull/126) If retries are exhausted, one of two states can occur: 1. If Polling is enabled, the SDK will remain in polling mode and no further streaming reconnection attempts will be made. The default polling option, if not supplied, is whatever the streamingEnabled value is. or 2. If polling is disabled, the SDK will not get any further evaluation updates for the remainder of the SDK client instance's life. The SDK will need re-initialised, e.g the app being restarted, to get new evaluations in this state. ##### Bug fixes FFM-11852 Fixes an edge case where if the stream disconnects and resumes during a request made by the fallback poller (60 seconds later), the fallback poller will not be disabled and will continue polling for the lifetime of the SDK instance by [@​erdirowlands](https://redirect.github.com/erdirowlands) in [https://github.com/harness/ff-javascript-client-sdk/pull/131](https://redirect.github.com/harness/ff-javascript-client-sdk/pull/131) **Full Changelog**: harness/ff-javascript-client-sdk@1.26.3...1.27.0 ### [`v1.26.3`](https://redirect.github.com/harness/ff-javascript-client-sdk/releases/tag/1.26.3) [Compare Source](https://redirect.github.com/harness/ff-javascript-client-sdk/compare/1.26.2...1.26.3) #### What's Changed - Maintenance: Patches the following CVEs - GHSA-3h5v-q93c-6h6q - GHSA-grv7-fg5c-xmjg [https://github.com/harness/ff-javascript-client-sdk/pull/127](https://redirect.github.com/harness/ff-javascript-client-sdk/pull/127)pull/127 by [@​erdirowlands](https://redirect.github.com/erdirowlands) **Full Changelog**: harness/ff-javascript-client-sdk@1.26.2...1.26.3 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-feature/playground). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC43NC4xIiwidXBkYXRlZEluVmVyIjoiMzguNzQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsicmVub3ZhdGUiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Adds configuration option
authRequestReadTimeoutwhich allows users to specify a timeout for the authentication request made by the SDK. The default value is0(to keep backwards compatability) which means no timeout will occur. If set to a value greater than0, the request will abort. An error will be logged and theERROR_AUTHandERRORevents will be emitted.For older browsers (prior to 2016) which do not support the
AbortController; ifauthRequestReadTimeoutis configured the auth request will proceed without a timeout and a warning will be logged.Also patches GHSA-952p-6rrq-rcjv. This is found in
micromatchwhich is used by dev dependencies and not shipped to users.Testing
Using a local proxy tool to simulate network delays:
Default (
authRequestReadTimeoutnot supplied meaning no timeout):Configured timeout: