feat: expose revokeRefreshToken#1147
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
✅ Files skipped from review due to trivial changes (1)
📝 WalkthroughWalkthroughAdds ChangesRevoke Refresh Token feature
Estimated code review effort: 2 (Simple) | ~10 minutes Sequence Diagram(s)sequenceDiagram
participant App
participant Auth0Provider
participant Auth0Client
App->>Auth0Provider: revokeRefreshToken(options)
Auth0Provider->>Auth0Client: client.revokeRefreshToken(options)
Auth0Client-->>Auth0Provider: Promise<void>
Auth0Provider-->>App: resolved or rejected
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
🧹 Nitpick comments (1)
__tests__/auth-provider.test.tsx (1)
606-651: 🎯 Functional Correctness | 🔵 Trivial | 💤 Low valueSimplify the memoization test. Move
rerender()outsidewaitFor()so the assertion runs once and is easier to read.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@__tests__/auth-provider.test.tsx` around lines 606 - 651, The memoization test for revokeRefreshToken is doing the rerender inside waitFor, which makes the assertion harder to follow. Update the test in the Auth0Context suite so rerender() is called outside waitFor, then assert that result.current.revokeRefreshToken stays referentially equal to the saved memoized function in a single, straightforward expectation.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@__tests__/auth-provider.test.tsx`:
- Around line 606-651: The memoization test for revokeRefreshToken is doing the
rerender inside waitFor, which makes the assertion harder to follow. Update the
test in the Auth0Context suite so rerender() is called outside waitFor, then
assert that result.current.revokeRefreshToken stays referentially equal to the
saved memoized function in a single, straightforward expectation.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro Plus
Run ID: 7c70426b-6b57-4e41-ac09-42918f17540b
📒 Files selected for processing (6)
EXAMPLES.md__mocks__/@auth0/auth0-spa-js.tsx__tests__/auth-provider.test.tsxsrc/auth0-context.tsxsrc/auth0-provider.tsxsrc/index.tsx
ac2d26f to
073f314
Compare
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@EXAMPLES.md`:
- Around line 825-828: Remove the standalone blank blockquote line before the
fenced code block in the refresh-token revocation example, keeping the fence
directly within the blockquote to satisfy markdownlint MD028.
- Around line 825-830: Make the revoke-and-logout example self-contained by
declaring logout alongside revokeRefreshToken, destructuring both from
useAuth0(), or explicitly showing that logout must be obtained from the hook
before it is called.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro Plus
Run ID: c8d93b6c-584e-470c-83a4-a80c4b626f5d
📒 Files selected for processing (6)
EXAMPLES.md__mocks__/@auth0/auth0-spa-js.tsx__tests__/auth-provider.test.tsxsrc/auth0-context.tsxsrc/auth0-provider.tsxsrc/index.tsx
🚧 Files skipped from review as they are similar to previous changes (5)
- src/index.tsx
- mocks/@auth0/auth0-spa-js.tsx
- tests/auth-provider.test.tsx
- src/auth0-provider.tsx
- src/auth0-context.tsx
**Added** - feat: expose revokeRefreshToken [\#1147](#1147) ([yogeshchoudhary147](https://github.com/yogeshchoudhary147)) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added support for exposing `revokeRefreshToken`, enabling applications to revoke refresh tokens. * Added documentation for configuring the token audience when revoking a refresh token. * **Documentation** * Refreshed API reference pages, navigation, hierarchy, and search content. * Updated source links and generated documentation metadata. * **Chores** * Bumped the package version to 2.21.0. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
Summary
Closes #1134
revokeRefreshTokenonAuth0ContextInterfaceand wire it throughAuth0ProviderRevokeRefreshTokenOptionsfrom@auth0/auth0-spa-jsviasrc/index.tsxEXAMPLES.mdTest plan
npm testpasses with 100% coverageManual testing
useRefreshTokens={true}→ callrevokeRefreshToken()→ confirm the nextgetAccessTokenSilently()fails withlogin_required(refresh token is no longer valid)revokeRefreshToken({ audience: 'https://api.example.com' })→ confirm only that audience's token is invalidateduseRefreshTokens={false}→ callrevokeRefreshToken()→ confirm no error is thrown and auth state is unchangedSummary by CodeRabbit
revokeRefreshTokento the authentication context, with optionalaudiencetargeting.RevokeRefreshTokenOptionsfor use with revocation calls.