search

AxaFrance / oidc-client

Light, Secure, Pure Javascript OIDC (Open ID Connect) Client. We provide also a REACT wrapper (compatible NextJS, etc.).
MIT License
570 stars 152 forks source link

How to handle 500 errors when refreshing a token? #1366

Open Mikilll94 opened 1 month ago

Mikilll94 commented 1 month ago

Issue and Steps to Reproduce

Currently if the /token request returns 500, the SessionLost component is displayed with "Session timeout" text. The same happens when refresh token is expired and /token endpoint return 401.

For 500 responses I would prefer to display to the user that there is an error. How to do it with this library? Currently it looks like this is not possible.

Versions

7.22.4

Screenshots

Expected

Some way to handle 500 when refreshing access token.

Actual

No way to handle 500 when refreshing access token.

Additional Details

guillaume-chervet commented 1 month ago

Hi @Mikilll94 thank you for your issue. Definitly session lost should be displayed only with an HTTP 400 error. I thought it was the case, i will look at it quickly.