标签:getToken Spartacus AuthStorageService expires access token timeout SAP
问题:Where to configure session timeout in Spartacus
答案
我假设您使用 Hybris OAuth 服务器的默认身份验证流程(密码流程)。 在这种情况下,会话长度是通过后台的 OAuth 客户端设置来控制的。
但是,要知道会话何时到期,您可以检查令牌有效负载 (AuthStorageService.getToken)。属性之一是到期时间,可用于了解会话何时实际结束。
Marcin is correct. Spartacus is 100% API driven, interacting with Commerce backend by sending request to configured endpoints. These endpoints require an access token to be sent with the request, and this access token needs to be retrieved by following the Client Credentials Flow that is defined by the OAuth specification.
As long as you log in successfully, you can find access token issued by Commerce backend in Chrome dev tools, application tab -> Local storage as highlighted below:
the field expires_at stores the value of exact date and time when token will be expired.
you can use the code below in console to convert it to human readable string:
new Date(1627660784476).toGMTString();
You can control the token time-to-live value via configuration in backoffice by property: oauth2.accessTokenValiditySeconds
See document for detail:
if you need to code in Spartacus to know when the token will be expired, inject AuthStorageService in your app.module.ts, and then access expires_at property of result returned by getToken method.
export class AppModule {
constructor(private authService: AuthStorageService){
const token: Observable<AuthToken> = this.authService.getToken();
token.subscribe((token) => console.log('expire at:' , token.expires_at));
}
}
更多Jerry的原创文章,尽在:"汪子熙":
标签:getToken,Spartacus,AuthStorageService,expires,access,token,timeout,SAP 来源: https://www.cnblogs.com/sap-jerry/p/15112286.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。