Add support for session credential rekeying
castle-lemongrab opened this issue · comments
If any Set-Cookie
headers are sent in response to a request that contain an MST or JST, update the credential store automatically. Provide an option to write these new values out to a configuration file (not necessarily the same one the application was started with). Handle urlencoded MST and JST tokens in configuration files more gracefully (this isn't possible in general, but we can attempt to use decodeURIComponent
on failure, try again if we get a different string back, and print a warning).
Three hours dungeon. Then... acceptable. Likely acceptable. Three hours no trials.
Acceptable. Potentially noisy during credential updates, but acceptable. Logging can be cleaned up later if needed. Acceptable.