Closed dpcodes closed 5 months ago
Hi @dpcodes, thank you very much for your issue and all the details. It should be a big bug. I will try to reproduce it and fix it today.
Hi @dpcodes,
I fail to reproduce it. I removed the cookie from the demo configured with only silentsignin and it seems to work.
Do you have more information? A video or something else?
I believe the config you are trying is different than what we have:
It fails trying to use the refresh token (expected) once the user gets forcibly logged out past the SSOLifetime and then loops.
Hi @dpcodes, do you still have the problem with the latest version?
Hi @dpcodes, version 7.15.4-alpha.1309 should fix the loop!
We use IdentityServer4 as our IDP. We also have an SSOLifetime set meaning that the user needs to re-authenticate after X amount of time.
The silent refresh works perfectly, except when it tries to refresh after passing the SSO expiration. It will redirect to the SessionLost component like expected, but then it will completely spam the connect/token endpoint.
The error in appinsight is simply that the refresh token is invalid, as expected since when the IDP logs you out, it also revokes all your tokens.
First, everything goes well, the first refresh works: ![image](https://github.com/AxaFrance/oidc-client/assets/21364101/6fecc4b6-20ae-43c8-9dd3-fc53e52e869a)
But then, once it tries to refresh after the SSO expires:
It seems to be stuck in a loop of begin > error
Configuration is nothing special: ![image](https://github.com/AxaFrance/oidc-client/assets/21364101/c28608d0-816f-414c-bf71-b7ee3bf2a4ee)
Expected Behavior: I would expect once we hit the SessionLost component that we either wait for a refresh of the browser to retrigger the flow, or query the connect endpoint at a set interval, but not crazy fast like it does right now.
Not exactly sure why it's looping like such, was hoping you'd have more insight.
Thank you!
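
The behaviour requested in this issue, sketched as an added example that is not code from the thread or from the oidc-client project: a renewal decision function that treats `invalid_grant` (the RFC 6749 error for a revoked or expired refresh token) as terminal and backs off on transient failures. All function names, constants and the sample results are assumptions constructed for illustration.

```javascript
// Added example; all names here are hypothetical, not the oidc-client API.
const BASE_DELAY_MS = 1000;
const MAX_DELAY_MS = 60000;
const MAX_TRANSIENT_FAILURES = 5;

// RFC 6749 section 5.2 error codes: retrying with the same refresh token cannot succeed.
const TERMINAL_ERRORS = new Set(['invalid_grant', 'invalid_client', 'unauthorized_client']);

// Decide what the renewal timer does after one refresh attempt.
// result: { ok: true, expiresInSec } or { ok: false, error?, httpStatus? }
function nextRefreshAction(state, result) {
  if (result.ok) {
    // Renew again shortly before the new access token expires.
    const retryInMs = Math.max(result.expiresInSec - 30, 1) * 1000;
    return { status: 'ACTIVE', failures: 0, retryInMs };
  }
  if (TERMINAL_ERRORS.has(result.error)) {
    // Revoked or expired refresh token: stop the timer, require interactive login.
    return { status: 'SESSION_LOST', failures: state.failures, retryInMs: null };
  }
  const failures = state.failures + 1;
  if (failures >= MAX_TRANSIENT_FAILURES) {
    return { status: 'SESSION_LOST', failures, retryInMs: null };
  }
  // Transient failure (network, 5xx, 429): exponential backoff with a cap.
  const retryInMs = Math.min(BASE_DELAY_MS * 2 ** (failures - 1), MAX_DELAY_MS);
  return { status: 'ACTIVE', failures, retryInMs };
}

// Replay constructed token-endpoint results and count requests actually sent.
function simulate(results) {
  let state = { status: 'ACTIVE', failures: 0, retryInMs: 0 };
  let requests = 0;
  for (const result of results) {
    if (state.status === 'SESSION_LOST') break; // no timer is armed any more
    requests += 1;
    state = nextRefreshAction(state, result);
  }
  return { state, requests };
}

// Constructed sample: one good refresh, then the IDP has revoked the token.
const sample = [
  { ok: true, expiresInSec: 300 },
  { ok: false, httpStatus: 400, error: 'invalid_grant' },
  { ok: false, httpStatus: 400, error: 'invalid_grant' },
  { ok: false, httpStatus: 400, error: 'invalid_grant' },
];
console.log(simulate(sample));
```

With the sample above, only two requests reach the token endpoint: the successful refresh and the single rejected one.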