Skip to content

fix(seedless-onboarding): update tests for optional refreshToken and proactive renewal #8148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
himanshuchawla009 wants to merge 9 commits into
base: main
Choose a base branch
from
+764 −176
Open

fix(seedless-onboarding): update tests for optional refreshToken and proactive renewal #8148

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
9ee361d
fix(seedless-onboarding): update tests for optional refreshToken and …
himanshuchawla009 Mar 9, 2026
d905738
feat(seedless-onboarding): proactive 90% lifetime token expiry check
himanshuchawla009 Mar 10, 2026
f3503dd
chore(seedless-onboarding): expand [Unreleased] changelog for PR #8148
himanshuchawla009 Mar 10, 2026
ac6a62a
refactor(seedless-onboarding): apply PR review feedback
himanshuchawla009 Mar 11, 2026
71ca377
fix(seedless-onboarding): address cursor bot review comments
himanshuchawla009 Mar 11, 2026
73d482b
fix(seedless-onboarding): don't coalesce refreshAuthTokens calls with…
himanshuchawla009 Mar 11, 2026
358e1b9
chore(seedless-onboarding): mark breaking change in changelog
himanshuchawla009 Mar 11, 2026
0574664
refactor(seedless-onboarding): remove skipRenewRefreshToken, fix comm…
himanshuchawla009 Mar 12, 2026
d3b0814
code comments updated
himanshuchawla009 Mar 12, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions packages/seedless-onboarding-controller/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

### Changed

- Token refresh now uses a dedicated private `#reAuthenticate` method that only accepts the tokens returned by the JWT-refresh service (`idTokens`, `accessToken`, `metadataAccessToken`), making the re-authentication path stricter than the initial `authenticate` call ([#8148](https://github.com/MetaMask/core/pull/8148))
- After a successful JWT refresh the controller proactively rotates the refresh/revoke token pair (when the vault is unlocked) via a new private `#rotateRefreshToken` method ([#8148](https://github.com/MetaMask/core/pull/8148))
- Token expiry checks now use a 90% lifetime threshold for proactive refresh: access tokens and metadata access tokens are refreshed when less than 10% of their lifetime remains (requires `iat`), while node auth tokens fall back to exact-expiry checking ([#8148](https://github.com/MetaMask/core/pull/8148))

### Removed

- **BREAKING:** Removed public `renewRefreshToken` method — refresh token rotation is now handled automatically by the controller after a successful JWT refresh ([#8148](https://github.com/MetaMask/core/pull/8148))

## [8.1.0]

### Changed
Expand Down
Loading
Loading