TBD-48 fix: decrease a priority of !validateTokensOpt condition whe…

…n retrieving a CSRF token
oat-sa · Aug 7, 2020 · eafcdd3 · eafcdd3
1 parent 2553913
commit eafcdd3
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/src/core/tokenHandler.js b/src/core/tokenHandler.js
@@ -86,10 +86,7 @@ export default function tokenHandlerFactory(options) {
             return tokenStore
                 .expireOldTokens()
                 .then(() => {
-                    if (!validateTokensOpt) {
-                        return this.getClientConfigTokens()
-                            .then(getFirstTokenValue);
-                    } else if (!clientConfigFetched) {
+                    if (!clientConfigFetched) {
                         // Client Config allowed! (first and only time)
                         return this.getClientConfigTokens()
                             .then(getFirstTokenValue);
@@ -99,6 +96,9 @@ export default function tokenHandlerFactory(options) {
                                 if (queueSize > 0) {
                                     // Token available, use it
                                     return getFirstTokenValue();
+                                } else if (!validateTokensOpt) {
+                                    return this.getClientConfigTokens()
+                                        .then(getFirstTokenValue);
                                 } else {
                                     // No more token options, refresh needed
                                     return Promise.reject(new Error('No tokens available. Please refresh the page.'));