@josno
Created January 14, 2020 13:27
Authentication - JWT Expiry Time
Should the client or the server take more security precautions?
Both the client and the server should take security precautions to ensure that the appropriate user has the right access to server resources. Unfortunately, we can't see who is actually using an app or what their credentials are for everything and everyone, so we need to establish protocols that ensure the right people have access in the app.
What's the difference between local storage and session storage?
Local storage provides access to the domain's data across all tabs within the same browser, whereas session storage gives access only to one specific tab in that browser.
What problem does a JWT expiry time solve?
Expiry time limits the authorization access to a server over a specific length of time.
Is a refresh endpoint protected or public?
It is a protected endpoint, used after someone has been authorized and logged in.
What would happen if a refreshed JWT was requested with a JWT that had already expired?
It would be blacklisted and assumed breached.
What does it mean to queue a callback?
Set up a timer after which the function will be run.
What does the clearTimeout function do and what argument do you pass into it?
Clear the timer set by setTimeout, i.e. stop it.
For which of the following events should a refresh request be queued after?
A successful user registration request
A successful login request - Queue refresh
A page load - Queue refresh
A successful API request to a protected endpoint for posting a comment
A successful refresh request - Queue refresh
A push state navigation event
A user logs out
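The queue/clear behaviour described above, as an added example that is not part of the original gist: a small client-side scheduler that reads the token's exp claim, queues one refresh callback shortly before expiry with setTimeout, replaces that timer when login, page load or a successful refresh queues again, and clears it on logout. The sample token, the helper names and the 10-second lead time are assumptions made for this example.

```javascript
// Added for this gist (not the author's code): queue one refresh callback shortly
// before the JWT's exp claim and clear it on logout. Tokens here are constructed
// and unsigned for illustration; the client only reads exp, it never verifies.
function base64UrlDecode(s) {
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/');
  return atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4));
}
function decodeJwtPayload(token) {
  const parts = token.split('.');
  if (parts.length < 2) throw new Error('malformed JWT');
  return JSON.parse(base64UrlDecode(parts[1]));
}

// exp is seconds since the epoch; return it in milliseconds to match Date.now().
function expiryMs(token) {
  const { exp } = decodeJwtPayload(token);
  if (typeof exp !== 'number') throw new Error('JWT has no exp claim');
  return exp * 1000;
}

function isExpired(token, nowMs = Date.now()) {
  return expiryMs(token) <= nowMs;
}
// Delay until the refresh request: leadMs before exp, clamped at zero.
function msUntilRefresh(token, nowMs = Date.now(), leadMs = 10000) {
  return Math.max(0, expiryMs(token) - leadMs - nowMs);
}

// One pending timer at a time: queueing again (login, page load, successful
// refresh) replaces the previous timer instead of stacking duplicate requests.
// setT/clearT default to the browser timers and can be swapped for testing.
const refreshQueue = {
  timerId: null,
  queue(token, refreshFn, { nowMs = Date.now(), setT = setTimeout, clearT = clearTimeout } = {}) {
    this.cancel(clearT);
    if (isExpired(token, nowMs)) return null; // dead token: never sent to the refresh endpoint
    this.timerId = setT(refreshFn, msUntilRefresh(token, nowMs));
    return this.timerId;
  },
  cancel(clearT = clearTimeout) { // called on logout
    if (this.timerId !== null) { clearT(this.timerId); this.timerId = null; }
  },
};

// Constructed, unsigned sample token (header.payload.placeholder) for demonstration only.
function makeSampleToken(payload) {
  const enc = (o) => btoa(JSON.stringify(o)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(payload)}.signature-placeholder`;
}
```

Calling `refreshQueue.queue(token, requestRefresh)` after each successful login, page load and refresh, and `refreshQueue.cancel()` on logout, gives the event sequence listed above.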
What is OIDC?
An industry protocol for authentication. It allows clients to authenticate one-to-one with an authentication server.