MWPW-192707 Decryption Utility #58

Open
KetakiD-Deshwandikar wants to merge 40 commits into stage from decrypt-url

KetakiD-Deshwandikar (Collaborator) commented May 8, 2026

Resolves: MWPW-192707

Summary

  • Adds a decrypt experience for the Trust Center URL utility (standalone decrypt.html + shared utils.js) and extends the protect (encrypt) flow.

  • Decrypt is IMS-gated and limited to signed-in users with a corporate Adobe ID (@adobe.com); the server still enforces access (401/403).

What is built

  • Protect (encrypt): User enters a plain www.adobe.com URL → client calls /trustcenter/api/encrypturl → shows protected/encrypted output; copy control; progress UI; validates host in prod (with ?nonprod=1 the host check is relaxed for QA).

  • Decrypt: User pastes protected text → client obtains IMS access token → POST /trustcenter/api/decrypturl with Authorization: Bearer and URL-safe base64 payload → shows decrypted URL; copy + error styling.

  • IMS: Milo loadIms, client adobedotcom-cc, email from profile or JWT if profile is missing.

  • Decrypt page UX: Field hint, “Sign in” overlay when auth is required, “Sign out” for corporate users, “Signed in as …” when profile shows @adobe.com.

API & environment routing
Stage APIs: https://www.stage.adobe.com/trustcenter/api/{encrypturl|decrypturl}
Prod APIs: https://www.adobe.com/trustcenter/api/{encrypturl|decrypturl}
Host allowlists map window.location.host (Franklin *.aem.page / *.aem.live, stage.adobe.com, www.stage.adobe.com, etc.) to the right endpoint; ?nonprod=1 on .aem.live hosts targets stage APIs for testing.
Edge case: If the page host is not in the allowlists, fetch may get an undefined URL — only matters for unknown preview hosts.

Security & access (client)
Decrypt: Requires signed in + access token; 403 → not an Adobe employee; 401 → sign in again.
Non–@adobe.com (when we can read email): Access denied copy, form disabled ~3s, then sign out + IMS sign-in with reAuthenticate + prompt: 'login' to reduce silent wrong-account reuse.
Server remains source of truth; client rules are UX + avoiding useless calls.

Session, tabs, and idle (client-only)
localStorage tracks last activity and session start; 30 min idle or 8 h max session (and JWT exp with 1 min skew) can end the utility session for @adobe.com decrypt users.
On expiry / teardown: sign out path, clear session keys, broadcast to other tabs → reload / sync IMS; decrypt uses full sign-in options after certain flows (e.g. peer tab sign-out) so IMS shows a real login.
Activity throttled on pointer / key / scroll to refresh “last activity.”

Manual sign-out
“Sign out” as a small blue inline link next to “Signed in as …” (not a large primary button).
Triggers full IMS sign-out for the tool, broadcasts to other tabs, clears client session tracking, then prompts IMS sign-in again — same core behavior as session expiry for decrypt.

Session & tab behavior (client-side UX; APIs unchanged)

Idle timeout: 30 minutes without meaningful activity (shared across tabs on the same site via localStorage).
Maximum session: 8 hours from when the tracked session started.
Access token expiry: When the IMS JWT is expired (with a small clock-skew buffer), user is signed out and prompted to sign in again.
Corporate-only: Idle / max session checks apply when the user is recognized as @adobe.com so the non‑employee denied flow is unchanged.
Cross-tab sync: Signing out in one tab notifies other open tabs on the same origin so they reload/sign out and stay aligned.

Error / edge messaging
Empty decrypt input → “Please enter the protected link.” (not generic decrypt failure).
Sign-in required → dedicated copy + Sign in UI.
Not @adobe.com → access denied path above.
Other failures → generic “could not decrypt / check input.”
Protect invalid/empty input → www.adobe.com validation messages (unchanged pattern).

Out of scope / dependencies for reviewers
Edge / proxy: www.stage.adobe.com / www.adobe.com must expose /trustcenter/api/decrypturl (same class of setup as encrypt). 404 there is infra, not fixable in this PR alone.

screen-recording-2026-05-07-at-91332-pm_9fraBel9.mp4
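
One way to close the unknown-host edge case noted in the description, as an added example (not code from this PR): resolve the endpoint from an explicit allowlist and throw when the host is unmapped, because `fetch(undefined)` requests the relative URL "undefined" on the page's own origin with the Bearer header attached. The function names and the host-to-environment mapping are assumptions; the description does not spell the mapping out.

```javascript
// API origins as listed in the PR description.
const API_ORIGIN = {
  stage: 'https://www.stage.adobe.com',
  prod: 'https://www.adobe.com',
};
const OPERATIONS = new Set(['encrypturl', 'decrypturl']);

// Hypothetical mapping (assumption): *.aem.page and the stage hosts use the
// stage API; www.adobe.com and *.aem.live use prod, except that ?nonprod=1
// on an .aem.live host switches to stage for testing.
function envForHost(host, search = '') {
  const nonprod = new URLSearchParams(search).get('nonprod') === '1';
  if (host === 'www.adobe.com') return 'prod';
  if (host === 'stage.adobe.com' || host === 'www.stage.adobe.com') return 'stage';
  // The leading dot matters: "evilaem.live" must not match ".aem.live".
  if (host.endsWith('.aem.page')) return 'stage';
  if (host.endsWith('.aem.live')) return nonprod ? 'stage' : 'prod';
  return null; // unknown preview host
}

// Fail closed: never hand fetch() an undefined URL together with a token.
function resolveApiUrl(operation, host, search = '') {
  if (!OPERATIONS.has(operation)) {
    throw new Error(`Unknown operation: ${operation}`);
  }
  const env = envForHost(host, search);
  if (!env) {
    throw new Error(`No Trust Center API mapped for host: ${host}`);
  }
  return `${API_ORIGIN[env]}/trustcenter/api/${operation}`;
}
```

In the page this would be called as `resolveApiUrl('decrypturl', window.location.host, window.location.search)` before the token is attached, with the thrown error routed to the existing generic failure message.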

Ketaki Deshwandikar added 7 commits May 8, 2026 12:03
…S signIn with

  reAuthenticate/prompt login (no extra “switch account” UI).
- @adobe.com: show “Signed in as …” under the field; reset when sign-in required again.
- Session UX (client-side; APIs unchanged): shared localStorage activity + max session
  windows, JWT exp check, periodic/visibility checks; idle/max enforced only for corporate
  decrypt users so personal-ID denied flow is unchanged.
- Cross-tab: broadcast on sign-out so other tabs reload/sync IMS state.
- Add “Sign out” next to signed-in hint; same teardown path as session expiry
  (broadcast, signOut, clear keys, IMS signIn).
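
The idle, max-session and token-expiry rules from the PR description and the commit message above, sketched as one pure function (an added example, not code from this PR). All names are hypothetical, and it assumes the token carries a standard `exp` claim in seconds and that the skew buffer ends the session one minute early; neither detail is shown on the page.

```javascript
// Limits stated in the PR description; constant names are hypothetical.
const IDLE_LIMIT_MS = 30 * 60 * 1000;       // 30 min idle
const MAX_SESSION_MS = 8 * 60 * 60 * 1000;  // 8 h max session
const EXP_SKEW_MS = 60 * 1000;              // 1 min clock-skew buffer

// Read `exp` (seconds, assumed claim layout) from a JWT without verifying
// the signature. This is UX timing only; the server validates the token.
function jwtExpiryMs(token) {
  try {
    const part = String(token).split('.')[1];
    const b64 = part.replace(/-/g, '+').replace(/_/g, '/');
    const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
    const { exp } = JSON.parse(atob(padded));
    return Number.isFinite(exp) ? exp * 1000 : NaN;
  } catch {
    return NaN; // malformed token
  }
}

// Returns null while the session is live, otherwise why it ended.
// Missing or unparseable state counts as expired (fail closed), since
// localStorage values can be cleared or edited by the user.
function sessionEndReason({ token, sessionStart, lastActivity, now = Date.now() }) {
  const expMs = jwtExpiryMs(token);
  if (!Number.isFinite(expMs) || now >= expMs - EXP_SKEW_MS) return 'token-expired';
  if (!Number.isFinite(sessionStart) || now - sessionStart >= MAX_SESSION_MS) return 'max-session';
  if (!Number.isFinite(lastActivity) || now - lastActivity >= IDLE_LIMIT_MS) return 'idle';
  return null;
}

// Constructed, unsigned sample token for exercising the function.
function makeSampleToken(expSeconds) {
  const enc = (obj) => btoa(JSON.stringify(obj))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'none' })}.${enc({ exp: expSeconds })}.`;
}
```

Any non-null result would feed the same teardown path the description lists: broadcast to other tabs, sign out, clear the session keys, then prompt IMS sign-in.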
aem-code-sync Bot commented May 8, 2026

Hello, I'm the AEM Code Sync Bot and I will run some actions to deploy your branch and validate page speed.
In case there are problems, just click a checkbox below to rerun the respective action.

  • Re-run PSI checks
  • Re-sync branch