Extend the session with IAP-- google APP engine ?

283 views
Skip to first unread message

Sanooj KS

unread,
May 30, 2018, 11:47:07 AM5/30/18
to Google App Engine
hi,

As per the documentation , IAP session is valid for 1 hour , but if user is using the application , will session extend automatically ?  What is the purpose of refresher url ?

/_gcp_iap/session_refresher

Regards
Sanooj

George (Cloud Platform Support)

unread,
May 30, 2018, 2:28:25 PM5/30/18
to Google App Engine
There is more than one way to deal with the problem of expired sessions, all of these treated on the "Managing Cloud IAP sessions" page. To reply to your question regarding automatic extension of a session, handling the HTTP 401 response comes nearest to an automatic solution. You'll need to implement this handling action in your code, in a manner analogous to: 

if (response.status === 401) {
  statusElm.innerHTML = 'Login stale. <input type="button" value="Refresh" onclick="sessionRefreshClicked();"/>';
}

The /_gcp_iap/session_refresher URL serves a page that refreshes to /_gcp_iap/do_session_refresh after 45 minutes.

To come specifically to your question regarding /_gcp_iap/session_refresher, adding an iFrame that points to this address is one of the possible solutions to the session refreshing problem. It is treated in the "Adding an iFrame" sub-chapter of the document linked above. 

Sanooj KS

unread,
May 31, 2018, 2:46:59 PM5/31/18
to google-a...@googlegroups.com
I did look at "Managing Cloud IAP sessions"  page , but none of them looks clean . All the methods need to have a separate browser window that do a 302 to   /_gcp_iap/do_session_refresh . Is there a api way of refreshing session?

Regards
Sanooj

--
You received this message because you are subscribed to the Google Groups "Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscribe@googlegroups.com.
To post to this group, send email to google-appengine@googlegroups.com.
Visit this group at https://groups.google.com/group/google-appengine.
 To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/9fef1aa8-4488-46de-8b97-886a26ba08a8%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

George (Cloud Platform Support)

unread,
Jun 1, 2018, 2:32:56 PM6/1/18
to Google App Engine
An API call requires you to provide certain information and it would return a desired result in form of information as well. This is not a scenario one may apply to IAP sessions, as session expiry depends on data (like timing) outside of your proposed call. The solutions mentioned in my reply above work best. 
Reply all
Reply to author
Forward
0 new messages