Commit 06c5a16

docs: address review feedback on IPSIE session expiry examples and test
1 parent 6814d11 commit 06c5a16

2 files changed

Lines changed: 9 additions & 7 deletions

EXAMPLES.md

Lines changed: 6 additions & 5 deletions
@@ -1633,25 +1633,26 @@ exports.onExecutePostLogin = async (event, api) => {
16331633
16341634
### Behavior
16351635
1636-
When the ceiling is reached, `useAuth0()` reflects the expired state on the next render:
1636+
When the ceiling is reached, `useAuth0()` reflects the expired state on the next call to `getAccessTokenSilently`, `getUser`, or `getIdTokenClaims` — there is no background timer or automatic re-check:
16371637
16381638
- `isAuthenticated` becomes `false`
16391639
- `user` becomes `undefined`
16401640
- `getAccessTokenSilently()` returns `undefined` (no error thrown)
16411641
1642-
If your routes are wrapped with `withAuthenticationRequired`, no code changes are required — the state change triggers a redirect to login automatically. Components that call `getAccessTokenSilently()` imperatively (e.g. in a click handler or `useEffect`) need an explicit null check; see [Upgrading existing apps](#upgrading-existing-apps) below.
1642+
If your routes are wrapped with `withAuthenticationRequired`, no code changes are required — the next time a component calls `getAccessTokenSilently` or `getUser`, the state updates and the HOC redirects to login. A user sitting on a page that makes no token or user calls will remain authenticated in the React state until the next such call.
16431643
16441644
```jsx
1645-
// This component already handles the session_expiry ceiling with no changes.
1646-
// When the ceiling passes, isAuthenticated becomes false and the HOC redirects to login.
1645+
// When a token or user call occurs after the ceiling, isAuthenticated becomes false
1646+
// and the HOC redirects to login.
16471647
export default withAuthenticationRequired(Dashboard);
16481648
```
16491649
16501650
### Reading the claim
16511651
1652-
`session_expiry` is a standard ID token claim and is available via `getIdTokenClaims()`:
1652+
`session_expiry` is a standard ID token claim and is available via `getIdTokenClaims()`. Note that `getIdTokenClaims()` returns `undefined` once the ceiling is reached — this is useful for displaying time remaining before expiry, not for detecting expiry itself.
16531653
16541654
```jsx
1655+
import { useEffect } from 'react';
16551656
import { useAuth0 } from '@auth0/auth0-react';
16561657

16571658
function SessionInfo() {
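Review bot: The rewritten `withAuthenticationRequired` paragraph drops the guidance that components calling `getAccessTokenSilently()` imperatively need an explicit null check, along with the link to [Upgrading existing apps](#upgrading-existing-apps), while the bullet list above it still says the call returns `undefined` with no error thrown. Callers in a click handler or `useEffect` can end up issuing requests with an undefined token unless the docs tell them to check for it, so keep that sentence. The same paragraph names only `getAccessTokenSilently` or `getUser` as the calls that update state, whereas the opening sentence of the section also lists `getIdTokenClaims`; make the two lists match. Since the text now states that a user on an idle page remains authenticated in React state until the next such call, also say what an app should do if it needs the UI to lock at the ceiling itself.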

__tests__/auth-provider.test.tsx

Lines changed: 3 additions & 2 deletions
@@ -1507,8 +1507,8 @@ describe('Auth0Provider', () => {
15071507
});
15081508
});
15091509

1510-
describe('session_expiry ceiling (IPSIE SL1)', () => {
1511-
it('should return undefined and clear auth state when session ceiling is breached during getAccessTokenSilently', async () => {
1510+
describe('when getTokenSilently returns undefined', () => {
1511+
it('should call getTokenSilently, return undefined, and clear auth state', async () => {
15121512
clientMock.getUser.mockResolvedValue({ sub: '__test_user__', name: 'Test User' });
15131513
const wrapper = createWrapper();
15141514
const { result } = renderHook(() => useAuth0(), { wrapper });
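Review bot: The renamed `describe` and `it` titles no longer mention the `session_expiry` ceiling or IPSIE SL1, so nothing in the test names ties this case to the behavior documented in EXAMPLES.md. If the generic title is intentional, add a one-line comment above the `it` noting that an `undefined` result from `getTokenSilently` is how the ceiling breach surfaces, so the test stays findable when that behavior changes.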
@@ -1523,6 +1523,7 @@ describe('Auth0Provider', () => {
15231523
token = await result.current.getAccessTokenSilently();
15241524
});
15251525

1526+
expect(clientMock.getTokenSilently).toHaveBeenCalled();
15261527
expect(token).toBeUndefined();
15271528
expect(result.current.isAuthenticated).toBe(false);
15281529
expect(result.current.user).toBeUndefined();
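Review bot: The added `expect(clientMock.getTokenSilently).toHaveBeenCalled();` only proves at least one call. `toHaveBeenCalledTimes(1)` would also catch an unintended retry after the `undefined` result, which matters here because the assertions that follow check that auth state was cleared rather than refreshed.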
