AxaFrance / oidc-client

Light, secure, pure JavaScript OIDC (OpenID Connect) client. We also provide a React wrapper (compatible with NextJS, etc.).
MIT License

Token multiple call #1393

Open YaoHure opened 3 days ago

YaoHure commented 3 days ago

Issue and Steps to Reproduce

After logging into the application, I see in the log that there are a lot of calls to the token. Like about every 30 sec or less ...

Versions

"@axa-fr/react-oidc": "^7.22.8",

Config

client_id: 'my_clientid',
redirect_uri: window.location.origin + '/oidc-callback',
silent_redirect_uri: window.location.origin + '/silent-oidc-callback',
scope: 'profile offline_access openid profile_extended + my_scopes',
authority: GetConfig('ssoUrl'),
service_worker_relative_url: '/OidcServiceWorker.js',
service_worker_only: true,
demonstrating_proof_of_possession: false,
acr_values: 'externalAmrAzureEnable:1',
loadUserInfo: true,
extras: {
    acr_values: 'externalAmrAzureEnable:1',
},

guillaume-chervet commented 3 days ago

Hi @YaoHure,

Did you try to set token_renew_mode: TokenRenewMode.access_token_invalid, in your configuration?

Do you have a sample of your tokens?

YaoHure commented 21 hours ago

Hi @guillaume-chervet,

When I try to put token_renew_mode: TokenRenewMode.access_token_invalid, it is worse: the token is called almost every 5 secs.

Here is a sample of the tokens and scope that I send:

{
    "id_token": "abcdJhbGciOiJSUzI1NiIsImtpZCI6IkNEMTIzNEE2NzZBMTlGN0U5MzQ5MkQ0QzQ2Q0IyNkZEIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3MjAxMDE2NTYsImV4cCI6MTcyMDgcyMDEwMTU1OSwiaWRwIjoiQXp1cmVBRCIsImFtcjI6WyJleHRlcmAvQ3EXJtDlTGmXrAPrC3kRlyFZ8fYuBtAwFc2qFY4s_gyAHTDkBPI1bsDT5n9VtTch8HI8f6aWMRSCuWQ5C3aUzY3vbLKoa34XQ0HQLQxrdI1l5BYdxgMNb5zxz5-ovxZb5WInP9hqKDSr8_LIjPRYflmJ8U1ddqGxnAlDWRXzA7vQQtVHJZGoZVpFGFBB5Sxi6d6WhR7lhOsniKtRC84nTxZs0gRyO-HyYVqUqtfLcyo2uOzxQ",
    "access_token": "abcdJhbGciOiJSUzI1NiIsImtpZCI6IkNEMTIzNEE2NzZBMTlGN0U5MzQ5MkQ0QzQ2Q0IyNkZEIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3MjAxMDE2NTYsImV4cCI6MTcyMDg2NDU1NiwiaXNzIjoiaHR0cHM6Ly90LWZlLW15Yi1zc28tbWFzdGVyLmVkaXR1c2hvbWUubHUiLCJhdWQiOiJ0aWNrZXRpbmdfdWkiLCJpYXQiOjE3MjAxMDE2NTYsImF0X2hhc2giOiJDSUNPMkVZNkI4Z3FoUkhaUUNLUFhBIiwic3ViIjoiMTIzNGFjZGVmLTA5OGMtNDUyMC05ZWQxLWJhZjUzMjI4OTZlOCIsImF1dGhfdGltZSI6MTcyMDEwMTU1OSwiaWRwIjoiQXp1cmVBRCIsImFtcjI6WyJleHRlcm5hbCJdfQ.JrLSqL8AvQ3EXJtDlTGmXrAPrC3kRlyFZ8fYuBtAwFc2qFY4s_gyAHTDkBPI1bsDT5n9VtTch8HbE70pl8A0bFvBepRFR_Bf4N5lzm-XvLZgVFk1FJduOBgBd6gThFYDQdXOsG3W2MOTY2v1Yb4In9gWFBtO0kALdBPQy5I8f6aWMRSCuWQ5C3aUzY3vbLKoa34XQ0HQLQxrdI1l5BYdxgMNb5zxz5-ovxZb5WInP9hqKDSr8_LIjPRYflmJ8U1ddqGxnAlDWRXzA7vQQtVHJZGoZVpFGFBB5Sxi6d6WhR7lhOsniKtRC84nTxZs0gRyO-HyYVqUqtfLcyo2uOzxQabcdJhbGciOiJSUzI1NiIsImtpZCI6IkNEMTIzNEE2NzZBMTlGN0U5MzQ5MkQ0QzQ2Q0IyNkZEIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3MjAxMDE2NTYsImV4cCI6MTcyMXvLZgVFk1FJduOBgBd6gThFYDQdXOsG3W2MOTY2v1Yb4In9gWFBtO0kALdBPQy5I8f6aWMRSCuWQ5C3aUzY3vbLKoa34XQ0HQLQxrdI1l5BYdxgMNb5zxz5-ovxZb5WInP9hqKDSr8_LIjPRYflmJ8U1ddqGxnAlDWRXzA7vQQtVHJZGoZVpFGFBB5Sxi6d6WhR7lhOsniKtRC84nTxZs0gRyO-HyYVqUqtfLcyo2uOzxQ9wZSI6WyJvcGVuaWQiLCJwcm9maWxlIiwicHJvZmlsZV9leHRlbmRlZCIsInBob2VuaXguc2VhcmNoLnJlYWQiLCJkb21haW4uY29tcGFuaWVzLnJlYWQiLCJkb21haW4udGlja2V0aW5nLnJlYWQiLCJkb21haW4udGlja2V0aW5nLndyaXRlIiwiYXBpX2F1dGhvcml6YXRpb25fYWNjZXNzIiwiZG9tYWlUu7avnR9TH7C-lhbu_UBv86_bOxWZzm3s7r0lRIshAl4F-qU2whcfegmNxvEqiv91XLDaCsDMr9XAYuaUgHY1Y4vw593J0xfPfO4RhFgo9smSPySCe3YDpBphhe6Q4AwQkzqp8PiBpbmIwxXQE4OgaUBKAKQelahX0dq3AF_hiJ4uBBoRDi_8picnMqEVRFoNLZMNMXuMQK0a8FS-MA_5oLkktWudpokd7sODsL5_IyHWILFteFLQpc4cR61qSlHI08aW95tQDtx7DLnNQ",
    "expires_in": 120,
    "token_type": "Bearer",
    "refresh_token": "885552A4C3A2D9AA20E008F7001C259844Y6ED00EFA1FBB5845EDFRE80",
    "scope": "openid profile profile_extended offline_access"
}

guillaume-chervet commented 20 hours ago

Do you know the lifetime of your access_token and refresh_token? @YaoHure

guillaume-chervet commented 20 hours ago

You can also set the default behavior to refresh only when needed https://github.com/AxaFrance/oidc-client/blob/main/examples%2Freact-oidc-demo%2Fsrc%2Fconfigurations.ts#L20

It requires you to use fetch from the library to ensure correct behavior.

YaoHure commented 20 hours ago

@guillaume-chervet access_token : 120sec and refresh_token : 30 days
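
The lifetimes discussed here can be read straight from a token response. The following JavaScript is an added example, not part of the thread or of the oidc-client project: it decodes the JWT payloads (without verifying signatures) and compares exp - iat with expires_in. The names tokenLifetimes, jwtClaims, b64urlToJson and makeJwt are hypothetical, and the sample response is constructed.

```javascript
// Added example: decode-only diagnosis. Signatures are NOT verified, so never
// use these claims for trust decisions.
function b64urlToJson(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Returns the payload claims, or null for an opaque (non-JWT) or malformed token.
function jwtClaims(token) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  if (parts.length !== 3) return null;
  try { return b64urlToJson(parts[1]); } catch { return null; }
}

// Compares each JWT's exp - iat with the response's expires_in (seconds).
function tokenLifetimes(response) {
  const report = { expires_in: response.expires_in, tokens: {}, warnings: [] };
  for (const name of ['access_token', 'id_token']) {
    const claims = jwtClaims(response[name]);
    if (!claims || typeof claims.exp !== 'number') { report.tokens[name] = null; continue; }
    const start = claims.iat ?? claims.nbf; // fall back to nbf when iat is absent
    const lifetime = typeof start === 'number' ? claims.exp - start : null;
    report.tokens[name] = { start, exp: claims.exp, lifetime };
    // expires_in describes the access token, so only that one is cross-checked.
    if (name === 'access_token' && lifetime !== null && lifetime !== response.expires_in) {
      report.warnings.push(`access_token: exp - iat = ${lifetime}s, expires_in = ${response.expires_in}s`);
    }
  }
  return report;
}

// Constructed sample: unsigned placeholder tokens built only for this demonstration.
function makeJwt(claims) {
  const enc = (o) => btoa(JSON.stringify(o)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'none', typ: 'JWT' })}.${enc(claims)}.sig`;
}

const sample = {
  access_token: makeJwt({ iat: 1700000000, exp: 1700000120 }),
  id_token: makeJwt({ iat: 1700000000, exp: 1700003600 }),
  expires_in: 120,
  refresh_token: 'opaque-constructed-value',
};
console.log(JSON.stringify(tokenLifetimes(sample), null, 2));
```

A non-empty warnings array means the access token's own claims disagree with the expires_in value the token endpoint returned, which is worth confirming with the identity provider before tuning the client's renewal settings.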

YaoHure commented 20 hours ago

I use to put this : token_automatic_renew_mode: TokenAutomaticRenewMode.AutomaticOnlyWhenFetchExecuted,

but I don't know why like 30min after I received any more tokens ...

or do I need to put a new config inside of the openId?