search

AxaFrance / oidc-client

Light, Secure, Pure Javascript OIDC (Open ID Connect) Client. We provide also a REACT wrapper (compatible NextJS, etc.).
MIT License
572 stars 151 forks source link

Infinite requests to refresh the token #1282

Closed pavankjadda closed 4 months ago

pavankjadda commented 5 months ago

Issue and Steps to Reproduce

When user steps away from computer, the library making infinite number calls to OIDC server (https://HOST_URL/_api/v2/auth/NCI-CCR-TEST/oidc/token)

Versions

7.13.14

Screenshots

Attached

Screenshot 2024-02-05 at 12 51 30 PM Screenshot 2024-02-05 at 12 51 40 PM

Expected

Should try and error after few tries

Actual

I see infinite requests to refresh the token (100/second) and brings the OIDC server down

Additional Details

AppProvider.tsx


const configuration = {
    client_id: 'pres',
    redirect_uri: process.env.NEXT_PUBLIC_REACT_APP_BASE_URL + '/authentication/callback',
    silent_redirect_uri: process.env.NEXT_PUBLIC_REACT_APP_BASE_URL + '/authentication/silent-callback',
    scope: 'openid profile email offline_access',
    authority: 'https://HOST_URL/_api/v2/auth/NCI-CCR-TEST',
};

export default function AppProvider(props: { children: React.ReactNode }) {
    const router = useRouter();
    const withCustomHistory = () => {
        return {
            replaceState: (url: any) => {
                router
                    .replace({
                        pathname: url,
                    })
                    .then(() => {
                        // eslint-disable-next-line no-undef
                        window.dispatchEvent(new Event('popstate'));
                    });
            },
        };
    };

    /**
     * This function is called when the user is logged out from another tab or the session is lost
     *
     * @param _configuration event configuration
     * @param name event name
     * @param _data additional data
     */
    function onEvent(_configuration: string, name: string, _data: any) {
        if (name === 'logout_from_another_tab' || name === 'logout_from_same_tab' || name === 'session_lost') {
            window.location.reload();
        }
    }

    return (
        <>
            <OidcProvider
                authenticatingComponent={CenteredCircularProgress}
                loadingComponent={CenteredCircularProgress}
                callbackSuccessComponent={CenteredCircularProgress}
                authenticatingErrorComponent={AuthenticatingErrorComponent}
                sessionLostComponent={SessionLostComponent}
                onSessionLost={() => window.location.reload()}
                configuration={configuration}
                onEvent={onEvent}
                withCustomHistory={withCustomHistory}>
                <>{props.children}</>
            </OidcProvider>
        </>
    );
}
guillaume-chervet commented 5 months ago

hi @pavankjadda ,

version 7.15.4 should fixed this problem :)

pavankjadda commented 5 months ago

hi @pavankjadda ,

version 7.15.4 should fixed this problem :)

Let me try and get back to you