Skip to content

SSO warnings: write "session expires in ..." when refresh token is present#1685

Merged
jedisct1 merged 6 commits into
mainfrom
fdenis/refresh
Mar 18, 2026
Merged

SSO warnings: write "session expires in ..." when refresh token is present#1685
jedisct1 merged 6 commits into
mainfrom
fdenis/refresh

Conversation

@jedisct1

Copy link
Copy Markdown
Contributor

Change summary

When a refresh token is available, prefix expiration warnings with "session" to distinguish refresh-based expiry from access token expiry (e.g. "Your active token session expires in 10 minutes").

Also suppress access-token expiration warnings when a refresh token exists but has no expiry set, since the token will auto-refresh and the warning would be misleading.

All Submissions:

  • Have you followed the guidelines in our Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?

New Feature Submissions:

  • Does your submission pass tests?

Changes to Core Features:

  • Have you written new tests for your core changes, as applicable?
  • Have you successfully run tests with your changes locally?

User Impact

Clearer expiration warnings: "session expires in ..." instead of "expires in ..."

Are there any considerations that need to be addressed for release?

No breaking changes. This is a cosmetic/UX improvement to warning messages only.

…esent

When a refresh token is available, prefix expiration warnings with
"session" to distinguish refresh-based expiry from access token expiry.

Also suppress access-token expiration warnings when a refresh token
exists but has no expiry set (it will auto-refresh).
@jedisct1 jedisct1 requested a review from a team as a code owner March 11, 2026 15:27
@jedisct1 jedisct1 requested a review from philippschulte March 11, 2026 15:27
@jedisct1 jedisct1 added the Skip-Changelog do not add a changelog entry for this change label Mar 11, 2026
@kpfleming

Copy link
Copy Markdown
Member

No concerns from me. Most users aren't going to care about the difference between the tokens and their expirations, but when we are assisting users who have reported problems the additional information will be very useful.

@jedisct1 jedisct1 enabled auto-merge (squash) March 18, 2026 19:20
@jedisct1 jedisct1 merged commit 1687e85 into main Mar 18, 2026
13 checks passed
@jedisct1 jedisct1 deleted the fdenis/refresh branch March 18, 2026 19:32
jedisct1 added a commit that referenced this pull request Mar 23, 2026
* main:
  [CDTOOL-1304] Ensure that the Fastly Auth type commands respect the `--quiet` Flag (#1710)
  build(deps): bump the go-dependencies group with 2 updates (#1707)
  [CDTOOL-1102]  Add support for the `service vcl snippet describe` `--content` flag (#1706)
  SSO warnings: write "session expires in ..." when refresh token is present (#1685)

# Conflicts:
#	pkg/app/run.go
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Skip-Changelog do not add a changelog entry for this change

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants