@salesforce/webapp-template-feature-react-authentication-experimental 1.109.6 → 1.109.7

package/dist/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.109.7](https://github.com/salesforce-experience-platform-emu/webapps/compare/v1.109.6...v1.109.7) (2026-03-19)
+
+**Note:** Version bump only for package @salesforce/webapp-template-base-sfdx-project-experimental
+
+
+
+
+
 ## [1.109.6](https://github.com/salesforce-experience-platform-emu/webapps/compare/v1.109.5...v1.109.6) (2026-03-19)
 
 **Note:** Version bump only for package @salesforce/webapp-template-base-sfdx-project-experimental

package/dist/force-app/main/default/webapplications/feature-react-authentication/package.json

@@ -15,8 +15,8 @@
     "graphql:schema": "node scripts/get-graphql-schema.mjs"
   },
   "dependencies": {
-    "@salesforce/sdk-data": "^1.109.6",
-    "@salesforce/webapp-experimental": "^1.109.6",
+    "@salesforce/sdk-data": "^1.109.7",
+    "@salesforce/webapp-experimental": "^1.109.7",
     "@tailwindcss/vite": "^4.1.17",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
@@ -43,7 +43,7 @@
     "@graphql-eslint/eslint-plugin": "^4.1.0",
     "@graphql-tools/utils": "^11.0.0",
     "@playwright/test": "^1.49.0",
-    "@salesforce/vite-plugin-webapp-experimental": "^1.109.6",
+    "@salesforce/vite-plugin-webapp-experimental": "^1.109.7",
     "@testing-library/jest-dom": "^6.6.3",
     "@testing-library/react": "^16.1.0",
     "@testing-library/user-event": "^14.5.2",

package/dist/force-app/main/default/webapplications/feature-react-authentication/src/features/authentication/sessionTimeout/SessionTimeoutValidator.tsx

@@ -253,19 +253,14 @@ function useSessionTimeout(config: SessionTimeoutConfig): SessionTimeoutResult {
 		isPollingRef.current = true;
 		setIsPolling(true);
 
-		try {
-			const response = await pollSessionTimeServlet(basePath);
+		const response = await pollSessionTimeServlet(basePath);
+		isPollingRef.current = false;
+		setIsPolling(false);
 
-			// Success - reset retry state and process response
-			isPollingRef.current = false;
-			setIsPolling(false);
+		if (response) {
 			retry.resetRetry();
 			processTimeoutResponse(response.sr);
-		} catch (error) {
-			console.error("[useSessionTimeout] Poll failed:", error);
-			// Reset polling flags before retry so handleRetryWithBackoff doesn't skip
-			isPollingRef.current = false;
-			setIsPolling(false);
+		} else {
 			handleRetryWithBackoff(() => checkSessionRef.current?.());
 		}
 	}, [basePath, retry, processTimeoutResponse, handleRetryWithBackoff]);
@@ -274,15 +269,12 @@ function useSessionTimeout(config: SessionTimeoutConfig): SessionTimeoutResult {
 	 * Extend the session (called when user clicks "Continue Working")
 	 */
 	const extendSession = useCallback(async () => {
-		try {
-			const response = await extendSessionTime(basePath);
+		const response = await extendSessionTime(basePath);
 
-			// Reset retry state and process the new session time
+		if (response) {
 			retry.resetRetry();
 			processTimeoutResponse(response.sr);
-		} catch (error) {
-			console.error("[useSessionTimeout] Failed to extend session:", error);
-			// On failure, retry extending session (not checkSession)
+		} else {
 			handleRetryWithBackoff(() => extendSessionRef.current?.());
 		}
 	}, [basePath, retry, processTimeoutResponse, handleRetryWithBackoff]);

package/dist/force-app/main/default/webapplications/feature-react-authentication/src/features/authentication/sessionTimeout/sessionTimeService.ts

@@ -20,10 +20,9 @@ export interface SessionResponse {
  * Handles CSRF protection prefix
  *
  * @param text - Raw response text from servlet
- * @returns Parsed session response
- * @throws Error if response cannot be parsed
+ * @returns Parsed session response, or undefined if parsing fails
  */
-function parseResponseResult(text: string): SessionResponse {
+function parseResponseResult(text: string): SessionResponse | undefined {
 	let cleanedText = text;
 
 	// Strip CSRF protection prefix if present
@@ -45,25 +44,23 @@ function parseResponseResult(text: string): SessionResponse {
 		return parsed;
 	} catch (error) {
 		console.error("[sessionTimeService] Failed to parse response:", error, "Text:", cleanedText);
-		throw new Error(
-			`Failed to parse session response: ${error instanceof Error ? error.message : "Unknown error"}`,
-		);
 	}
 }
 
 /**
  * Call SessionTimeServlet API
- * Internal function used by both poll and extend functions
+ * Internal function used by both poll and extend functions.
+ * Returns undefined on any failure so the session timeout feature
+ * never crashes the running application.
  *
  * @param basePath - Community base path (e.g., "/sfsites/c/")
  * @param extend - Whether to extend the session (updateTimedOutSession param)
- * @returns Session response with remaining time
- * @throws Error if API call fails or security checks fail
+ * @returns Session response with remaining time, or undefined on failure
  */
 async function callSessionTimeServlet(
 	basePath: string,
 	extend: boolean = false,
-): Promise<SessionResponse> {
+): Promise<SessionResponse | undefined> {
 	// Build URL with cache-busting timestamp
 	const timestamp = Date.now();
 	let url = `${basePath}${SESSION_CONFIG.SERVLET_URL}?buster=${timestamp}`;
@@ -75,47 +72,37 @@ async function callSessionTimeServlet(
 	try {
 		const response = await fetch(url, {
 			method: "GET",
-			credentials: "same-origin", // Include cookies for session
+			credentials: "same-origin",
 			cache: "no-cache",
-			// Security headers
 			headers: {
-				"X-Requested-With": "XMLHttpRequest", // Helps identify XHR requests
+				"X-Requested-With": "XMLHttpRequest",
 			},
 		});
 
 		if (!response.ok) {
-			// Provide more context for common error codes
-			if (response.status === 401) {
-				throw new Error("Session expired or unauthorized");
-			} else if (response.status === 403) {
-				throw new Error("Access forbidden");
-			} else if (response.status === 404) {
-				throw new Error("Session endpoint not found");
-			} else {
-				throw new Error(`HTTP ${response.status}: ${response.statusText}`);
-			}
+			console.error(`[sessionTimeService] HTTP ${response.status}: ${response.statusText}`);
+			return undefined;
 		}
 
-		// Security: Validate content type (should be text or JSON)
 		const contentType = response.headers.get("content-type");
 		if (contentType && !contentType.includes("text") && !contentType.includes("json")) {
-			throw new Error(`Unexpected content type: ${contentType}`);
+			console.error(`[sessionTimeService] Unexpected content type: ${contentType}`);
+			return undefined;
 		}
 
 		const text = await response.text();
 		const parsed = parseResponseResult(text);
-
-		// Apply latency buffer to account for network delay
-		const adjustedSecondsRemaining = Math.max(0, parsed.sr - SESSION_CONFIG.LATENCY_BUFFER_SECONDS);
+		if (!parsed) {
+			return undefined;
+		}
 
 		return {
 			sp: parsed.sp,
-			sr: adjustedSecondsRemaining,
+			sr: Math.max(0, parsed.sr - SESSION_CONFIG.LATENCY_BUFFER_SECONDS),
 		};
 	} catch (error) {
-		// Don't log the full URL in production to avoid leaking sensitive info
 		console.error("[sessionTimeService] API call failed:", error);
-		throw error;
+		return undefined;
 	}
 }
 
@@ -124,17 +111,17 @@ async function callSessionTimeServlet(
  * Called periodically to monitor session status
  *
  * @param basePath - Community base path (e.g., "/sfsites/c/")
- * @returns Session response with remaining time (after latency buffer adjustment)
- * @throws Error if API call fails
+ * @returns Session response with remaining time, or undefined on failure
  *
  * @example
- * const { sr, sp } = await pollSessionTimeServlet('/sfsites/c/');
- * if (sr <= 300) {
- *   // Less than 5 minutes remaining
+ * const response = await pollSessionTimeServlet('/sfsites/c/');
+ * if (response && response.sr <= 300) {
  *   showWarning();
  * }
  */
-export async function pollSessionTimeServlet(basePath: string): Promise<SessionResponse> {
+export async function pollSessionTimeServlet(
+	basePath: string,
+): Promise<SessionResponse | undefined> {
 	return callSessionTimeServlet(basePath, false);
 }
 
@@ -143,14 +130,15 @@ export async function pollSessionTimeServlet(basePath: string): Promise<SessionR
  * Called when user clicks "Continue Working" in warning modal
  *
  * @param basePath - Community base path (e.g., "/sfsites/c/")
- * @returns Session response with new remaining time
- * @throws Error if API call fails
+ * @returns Session response with new remaining time, or undefined on failure
  *
  * @example
- * const { sr } = await extendSessionTime('/sfsites/c/');
- * console.log(`Session extended. ${sr} seconds remaining.`);
+ * const response = await extendSessionTime('/sfsites/c/');
+ * if (response) {
+ *   console.log(`Session extended. ${response.sr} seconds remaining.`);
+ * }
  */
-export async function extendSessionTime(basePath: string): Promise<SessionResponse> {
+export async function extendSessionTime(basePath: string): Promise<SessionResponse | undefined> {
 	return callSessionTimeServlet(basePath, true);
 }
 

package/dist/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "@salesforce/webapp-template-base-sfdx-project-experimental",
-  "version": "1.109.6",
+  "version": "1.109.7",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@salesforce/webapp-template-base-sfdx-project-experimental",
-      "version": "1.109.6",
+      "version": "1.109.7",
       "license": "SEE LICENSE IN LICENSE.txt",
       "devDependencies": {
         "@lwc/eslint-plugin-lwc": "^3.3.0",

package/dist/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@salesforce/webapp-template-base-sfdx-project-experimental",
-  "version": "1.109.6",
+  "version": "1.109.7",
   "description": "Base SFDX project template",
   "license": "SEE LICENSE IN LICENSE.txt",
   "publishConfig": {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@salesforce/webapp-template-feature-react-authentication-experimental",
-  "version": "1.109.6",
+  "version": "1.109.7",
   "description": "Authentication feature for web applications",
   "license": "SEE LICENSE IN LICENSE.txt",
   "author": "",
@@ -16,7 +16,7 @@
     "clean": "rm -rf dist"
   },
   "devDependencies": {
-    "@salesforce/webapp-experimental": "^1.109.6",
+    "@salesforce/webapp-experimental": "^1.109.7",
     "@tanstack/react-form": "^1.27.7",
     "@types/react": "^19.2.7",
     "@types/react-dom": "^19.2.3",