Commit f4ce35e
authored
fix(oidc-client): implement consistent storage caching for userInfo and well-known configuration (release) (#1592)
* fix: add persistent storage caching for userInfo to prevent loss on page refresh
Fixes #898
Problem:
- UserInfo was only cached in memory (oidc.userInfo)
- Lost on page refresh, causing unnecessary /userinfo network requests
- Performance issue for users with configured storage
Solution:
- Add storage check before network fetch using existing storage configuration
- Store userInfo result after successful fetch for persistence across refreshes
- Follows same security pattern as existing token storage
- Respects noCache parameter to bypass both memory and storage cache
Implementation:
- Only 4 lines added to userInfoAsync function
- Uses oidc.configuration.storage (same as tokens)
- Storage key: oidc.{configurationName}.userInfo
- Graceful fallback when storage not configured
Security:
- UserInfo is less sensitive than tokens (already stored in same location)
- Uses optional chaining for safe access
- Maintains all existing security controls
Benefits:
- Eliminates unnecessary userinfo network requests on page refresh
- Improves performance for users with storage configuration
- Zero breaking changes, backward compatible
- Reuses existing infrastructure
* fix: implement consistent storage caching for userInfo and well-known configuration
Fixes #898
Problems:
1. UserInfo lost on page refresh causing unnecessary /userinfo network requests
2. Well-known configuration cache hardcoded to sessionStorage, ignoring user storage preferences
Root Causes:
- UserInfo only cached in memory (oidc.userInfo), lost on refresh
- Well-known cache always used sessionStorage instead of configuration.storage
- Inconsistent storage behavior across different cached data types
Solutions:
1. UserInfo Persistent Caching:
- Add storage check before network fetch using existing storage configuration
- Store userInfo result after successful fetch for persistence across refreshes
- Use same storage key pattern: oidc.{configurationName}.userInfo
2. Well-Known Cache Storage Consistency:
- Respect user's configuration.storage instead of hardcoded sessionStorage
- Maintain backward compatibility with fallback to sessionStorage
Implementation:
- Only 5 lines of code added across 2 files
- Uses oidc.configuration.storage (same as tokens)
- Graceful fallback when storage not configured
- Respects noCache parameter to bypass both memory and storage cache
Security:
- UserInfo is less sensitive than tokens (already stored in same location)
- Uses optional chaining for safe access
- Maintains all existing security controls
Benefits:
- Eliminates unnecessary userinfo and well-known network requests on page refresh
- Consistent storage behavior across all cached data (tokens, userInfo, well-known)
- Improves performance for users with persistent storage configuration
- Zero breaking changes, backward compatible
- Reuses existing infrastructure1 parent 7a99d7c commit f4ce35e
2 files changed
+17
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
252 | 252 | | |
253 | 253 | | |
254 | 254 | | |
255 | | - | |
| 255 | + | |
| 256 | + | |
| 257 | + | |
256 | 258 | | |
257 | 259 | | |
258 | 260 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
7 | 7 | | |
8 | 8 | | |
9 | 9 | | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
10 | 17 | | |
11 | 18 | | |
12 | 19 | | |
| |||
23 | 30 | | |
24 | 31 | | |
25 | 32 | | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
26 | 40 | | |
27 | 41 | | |
0 commit comments