Handle expired token and CORS errors (2 separate issues)
These are 2 separate issues, but both related to token communication
-
When the IAM id_token becomes invalid after 1 hour then ESAP-GUI gets in a unpredictable state where the user can not save the shopping basket anymore (https://support.astron.nl/jira/browse/SDC-271) -
When the oidc refresh token tries to check if the id_token is still valid (default every 15 minutes) then it reports a CORS error (since moving the backend away from port 5555 to 80/443). Currently the 'OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS' value in the backend has been set to 3600 to avoid the error before the token becomes invalid anyway. (https://support.astron.nl/jira/browse/SDC-272)