Open iedokpayintsb opened 1 month ago
hi @iedokpayintsb , thank you for your issue.
That strange, do you have a sample of your configuration ?
import { nanoid } from 'nanoid';
export const Login_Gov_Config = {
client_id: import.meta.env.VITE_LOGIN_GOV_CLIENT_ID,
redirect_uri: ${window.location.origin}/authentication/callback
,
silent_redirect_uri:${window.location.origin}/authentication/silent-callback
,
scope : ‘openid, email’,
authority:’ https://idp.int.identitysandbox.gov’,
service_worker_relative_url: "/OidcServiceWorker.js", // just comment that line to disable service worker mode
service_worker_only: false,
demonstrating_proof_of_possession: false,
extras:{'acr_values':'http://idmanagement.gov/ns/assurance/ial/2', 'prompt':'select_account', 'nonce': nanoid(22), 'state':nanoid(50)}
};
From: Guillaume Chervet @.> Sent: Thursday, May 23, 2024 12:48 PM To: AxaFrance/oidc-client @.> Cc: Idaho Edokpayi (Contractor) @.>; Mention @.> Subject: Re: [AxaFrance/oidc-client] Error on Logout (Issue #1374)
[CAUTION] This email originated from outside of the organization. Do not click any links or open attachments unless you recognize the sender and know the content is safe.
hi @iedokpayintsbhttps://github.com/iedokpayintsb , thank you for your issue.
That strange, do you have a sample of your configuration ?
— Reply to this email directly, view it on GitHubhttps://github.com/AxaFrance/oidc-client/issues/1374#issuecomment-2127820664, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A6MPVPZ5XCCWRO7NZA6HFQLZDY2XRAVCNFSM6AAAAABIEPGIRCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMRXHAZDANRWGQ. You are receiving this because you were mentioned.Message ID: @.**@.>>
CONFIDENTIALITY NOTICE - THIS E-MAIL TRANSMISSION MAY CONTAIN INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL, PROPRIETARY, SUBJECT TO COPYRIGHT, AND/OR EXEMPT FROM DISCLOSURE UNDER APPLICABLE LAW. IT IS FOR THE USE OF INTENDED RECIPIENTS ONLY. If you are not an intended recipient of this message, please notify the original sender immediately by forwarding what you received and then delete all copies of the correspondence and attachments from your computer system. Any use, distribution, or disclosure of this message by unintended recipients is not authorized and may be unlawful.
Thank you @iedokpayintsb . I will test with your parameters to try to reproduce it.
hi @iedokpayintsb does version 7.22.9-alpha.1456 fixe it?
I will check!
Get Outlook for iOShttps://aka.ms/o0ukef
From: Guillaume Chervet @.> Sent: Friday, June 28, 2024 3:26:24 PM To: AxaFrance/oidc-client @.> Cc: Idaho Edokpayi (Contractor) @.>; Mention @.> Subject: Re: [AxaFrance/oidc-client] Error on Logout (Issue #1374)
[CAUTION] This email originated from outside of the organization. Do not click any links or open attachments unless you recognize the sender and know the content is safe.
hi @iedokpayintsbhttps://github.com/iedokpayintsb does version @.***/oidc-client/v/7.22.9-alpha.1456> fixe it?
— Reply to this email directly, view it on GitHubhttps://github.com/AxaFrance/oidc-client/issues/1374#issuecomment-2197603398, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A6MPVP7SOVTU5QNOXRBISE3ZJXBHBAVCNFSM6AAAAABIEPGIRCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJXGYYDGMZZHA. You are receiving this because you were mentioned.Message ID: @.***>
CONFIDENTIALITY NOTICE - THIS E-MAIL TRANSMISSION MAY CONTAIN INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL, PROPRIETARY, SUBJECT TO COPYRIGHT, AND/OR EXEMPT FROM DISCLOSURE UNDER APPLICABLE LAW. IT IS FOR THE USE OF INTENDED RECIPIENTS ONLY. If you are not an intended recipient of this message, please notify the original sender immediately by forwarding what you received and then delete all copies of the correspondence and attachments from your computer system. Any use, distribution, or disclosure of this message by unintended recipients is not authorized and may be unlawful.
Login.gov logout causes State error
When logging out with Login.Gov I see an error message saying something like: Error: State not valid (expected: null, received: xxxx) I traced it back to oidc-client/packages/[oidc-client] Line 201. The code explicitly sets the state to null!
Versions
"@axa-fr/oidc-client": "^7.22.5", "@axa-fr/react-oidc": "^7.22.4"
Screenshots
Expected
State should be valid until logout
Actual
State is not valid until logout
Additional Details