fix(oidc-client): tokens refresh conflict multiple tabs

Author: guillaume-chervet

packages/oidc-client/src/initSession.ts

@@ -42,7 +42,7 @@ export const initSession = (configurationName, storage = sessionStorage) => {
         return { nonce: storage[`oidc.nonce.${configurationName}`] };
     };
 
-    const setDemonstratingProofOfPossessionNonce = (dpopNonce:string) => {
+    const setDemonstratingProofOfPossessionNonce = async (dpopNonce:string) => {
         storage[`oidc.dpop_nonce.${configurationName}`] = dpopNonce;
     };
 

packages/oidc-client/src/initWorker.ts

@@ -157,16 +157,16 @@ export const initWorkerAsync = async(configuration, configurationName) => {
         return getLoginParamsCache[configurationName];
     };
 
-    const setDemonstratingProofOfPossessionNonce = (demonstratingProofOfPossessionNonce: string) => {
-        sendMessageAsync(registration)({ type: 'setDemonstratingProofOfPossessionNonce', data: { demonstratingProofOfPossessionNonce }, configurationName });
+    const setDemonstratingProofOfPossessionNonce = async (demonstratingProofOfPossessionNonce: string) => {
+        await sendMessageAsync(registration)({ type: 'setDemonstratingProofOfPossessionNonce', data: { demonstratingProofOfPossessionNonce }, configurationName });
     };
 
     const getDemonstratingProofOfPossessionNonce = async () => {
         const result = await sendMessageAsync(registration)({type: 'getDemonstratingProofOfPossessionNonce', data: null, configurationName});
         return result.demonstratingProofOfPossessionNonce;
     };
 
-    const setDemonstratingProofOfPossessionJwkAsync = (demonstratingProofOfPossessionJwk:string) => {
+    const setDemonstratingProofOfPossessionJwkAsync = async (demonstratingProofOfPossessionJwk:string) => {
         const demonstratingProofOfPossessionJwkJson = JSON.stringify(demonstratingProofOfPossessionJwk);
         sendMessageAsync(registration)({ type: 'setDemonstratingProofOfPossessionJwk', data: { demonstratingProofOfPossessionJwkJson }, configurationName });
     };

packages/oidc-client/src/renewTokens.ts

@@ -6,20 +6,30 @@ import timer from './timer.js';
 import { StringMap } from './types.js';
 
 export async function renewTokensAndStartTimerAsync(oidc, refreshToken, forceRefresh = false, extras:StringMap = null) {
-    const updateTokens = (tokens) => { oidc.tokens = tokens; };
-    const { tokens, status } = await oidc.synchroniseTokensAsync(refreshToken, 0, forceRefresh, extras, updateTokens);
 
-    const serviceWorker = await initWorkerAsync(oidc.configuration, oidc.configurationName);
-    if (!serviceWorker) {
-        const session = initSession(oidc.configurationName, oidc.configuration.storage);
-        await session.setTokens(oidc.tokens);
-    }
+    const configuration = oidc.configuration;
+    const lockResourcesName = `${configuration.client_id}_${oidc.configurationName}_${configuration.authority}`;
+    const tokens = await navigator.locks.request(lockResourcesName, async (lock) => {
+        const updateTokens = (tokens) => {
+            oidc.tokens = tokens;
+        };
+        const {tokens, status} = await oidc.synchroniseTokensAsync(refreshToken, 0, forceRefresh, extras, updateTokens);
 
-    if (!oidc.tokens) {
-        await oidc.destroyAsync(status);
-        return;
-    }
+        const serviceWorker = await initWorkerAsync(oidc.configuration, oidc.configurationName);
+        if (!serviceWorker) {
+            const session = initSession(oidc.configurationName, oidc.configuration.storage);
+            await session.setTokens(oidc.tokens);
+        }
 
+        if (!oidc.tokens) {
+            await oidc.destroyAsync(status);
+            return null;
+        }
+        return tokens
+    });
+    if(!tokens){
+        return null;
+    }
     if (oidc.timeoutId) {
         oidc.timeoutId = autoRenewTokens(oidc, tokens.refreshToken, oidc.tokens.expiresAt, extras);
     }