Merge branch 'release/16.1'

Author: iOvergaard

src/Umbraco.Web.UI.Client/package-lock.json

@@ -215,7 +215,7 @@
 		"@tiptap/extension-underline": "2.11.7",
 		"@tiptap/pm": "2.11.7",
 		"@tiptap/starter-kit": "2.11.7",
-		"@umbraco-ui/uui": "1.14.1",
+		"@umbraco-ui/uui": "1.14.2",
 		"@umbraco-ui/uui-css": "1.14.1",
 		"dompurify": "^3.2.5",
 		"element-internals-polyfill": "^3.0.2",

src/Umbraco.Web.UI.Client/package.json

@@ -93,7 +93,6 @@ export class UmbAuthFlow {
 	readonly #postLogoutRedirectUri: string;
 	readonly #clientId: string;
 	readonly #scope: string;
-	readonly #timeoutSignal;
 
 	// tokens
 	#tokenResponse?: TokenResponse;
@@ -113,13 +112,11 @@ export class UmbAuthFlow {
 		openIdConnectUrl: string,
 		redirectUri: string,
 		postLogoutRedirectUri: string,
-		timeoutSignal: Subject<void>,
 		clientId = 'umbraco-back-office',
 		scope = 'offline_access',
 	) {
 		this.#redirectUri = redirectUri;
 		this.#postLogoutRedirectUri = postLogoutRedirectUri;
-		this.#timeoutSignal = timeoutSignal;
 		this.#clientId = clientId;
 		this.#scope = scope;
 
@@ -305,25 +302,25 @@ export class UmbAuthFlow {
 	/**
 	 * This method will check if the token needs to be refreshed and if so, it will refresh it and return the new access token.
 	 * If the token does not need to be refreshed, it will return the current access token.
-	 * @returns The access token for the user.
+	 * @returns {Promise<string>} The access token for the user.
 	 */
 	async performWithFreshTokens(): Promise<string> {
 		// if the access token is valid, return it
 		if (this.#tokenResponse?.isValid()) {
 			return Promise.resolve(this.#tokenResponse.accessToken);
 		}
 
+		// if the access token is not valid, try to refresh it
 		const success = await this.makeRefreshTokenRequest();
+		const newToken = this.#tokenResponse?.accessToken ?? '';
 
 		if (!success) {
+			// if the refresh token request failed, we need to clear the token state
 			this.clearTokenStorage();
-			this.#timeoutSignal.next();
-			return Promise.reject('Missing tokenResponse.');
 		}
 
-		return this.#tokenResponse
-			? Promise.resolve(this.#tokenResponse.accessToken)
-			: Promise.reject('Missing tokenResponse.');
+		// if the refresh token request was successful, return the new access token
+		return Promise.resolve(newToken);
 	}
 
 	/**

src/Umbraco.Web.UI.Client/src/packages/core/auth/auth-flow.ts

@@ -73,12 +73,7 @@ export class UmbAuthContext extends UmbContextBase {
 		this.#serverUrl = serverUrl;
 		this.#backofficePath = backofficePath;
 
-		this.#authFlow = new UmbAuthFlow(
-			serverUrl,
-			this.getRedirectUrl(),
-			this.getPostLogoutRedirectUrl(),
-			this.#isTimeout,
-		);
+		this.#authFlow = new UmbAuthFlow(serverUrl, this.getRedirectUrl(), this.getPostLogoutRedirectUrl());
 
 		// Observe the authorization signal and close the auth window
 		this.observe(