@glrs-dev/assume 0.10.3 → 0.10.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +24 -0
- package/package.json +5 -5
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,29 @@
|
|
|
1
1
|
# @glrs-dev/assume
|
|
2
2
|
|
|
3
|
+
## 0.10.4
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- [#273](https://github.com/iceglober/glrs/pull/273) [`a3728ef`](https://github.com/iceglober/glrs/commit/a3728ef1336cec91762e2f1d7cac6a85ddc2a166) Thanks [@iceglober](https://github.com/iceglober)! - fix(assume): stop fabricating the refresh-token lifetime; honest `gsa status`
|
|
8
|
+
|
|
9
|
+
`gsa status` showed "Refresh token: 6d 22h remaining" even right after auto-refresh
|
|
10
|
+
had failed and the SSO session ended — making it look like auto-refresh was broken.
|
|
11
|
+
|
|
12
|
+
Root cause: `refresh_expires_at` was hardcoded to `now + 7 days` and **reset on
|
|
13
|
+
every refresh** (AWS rotates the refresh token each time). AWS SSO never reports
|
|
14
|
+
the refresh token's real lifetime — it's capped by the org's IAM Identity Center
|
|
15
|
+
session limit (often hours), enforced server-side. So the 7-day number was pure
|
|
16
|
+
fiction, and the daemon also hammered refresh every tick near session end.
|
|
17
|
+
|
|
18
|
+
- `refresh()` no longer rolls `refresh_expires_at` forward on rotation; it
|
|
19
|
+
preserves the ceiling set at login.
|
|
20
|
+
- `gsa status` no longer prints a fabricated refresh-token countdown. While the
|
|
21
|
+
session is live it shows `Auto-refresh: on`; once the SSO token is expired
|
|
22
|
+
(auto-refresh couldn't renew it) it shows `SSO session ended — run: gsa login`.
|
|
23
|
+
|
|
24
|
+
Auto-refresh itself was working correctly the whole time — it just can't extend
|
|
25
|
+
past the org's SSO session limit, which is expected AWS behavior.
|
|
26
|
+
|
|
3
27
|
## 0.10.3
|
|
4
28
|
|
|
5
29
|
### Patch Changes
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@glrs-dev/assume",
|
|
3
|
-
"version": "0.10.
|
|
3
|
+
"version": "0.10.4",
|
|
4
4
|
"publishConfig": {
|
|
5
5
|
"access": "public"
|
|
6
6
|
},
|
|
@@ -51,9 +51,9 @@
|
|
|
51
51
|
"typescript": "^5"
|
|
52
52
|
},
|
|
53
53
|
"optionalDependencies": {
|
|
54
|
-
"@glrs-dev/assume-darwin-arm64": "0.10.
|
|
55
|
-
"@glrs-dev/assume-darwin-x64": "0.10.
|
|
56
|
-
"@glrs-dev/assume-linux-x64": "0.10.
|
|
57
|
-
"@glrs-dev/assume-linux-arm64": "0.10.
|
|
54
|
+
"@glrs-dev/assume-darwin-arm64": "0.10.4",
|
|
55
|
+
"@glrs-dev/assume-darwin-x64": "0.10.4",
|
|
56
|
+
"@glrs-dev/assume-linux-x64": "0.10.4",
|
|
57
|
+
"@glrs-dev/assume-linux-arm64": "0.10.4"
|
|
58
58
|
}
|
|
59
59
|
}
|