When authorizing, a GET request is sent instead of a POST. On iPhone

AxaFrance / oidc-client

Light, Secure, Pure Javascript OIDC (Open ID Connect) Client. We provide also a REACT wrapper (compatible NextJS, etc.).

MIT License

601 stars 161 forks source link

When authorizing, a GET request is sent instead of a POST. On iPhone #1443

Open vital21 opened 3 months ago

vital21 commented 3 months ago

Hi @guillaume-chervet.

When I log into my application using my iPhone, my post request for the token turns into a get. So my page keeps reloading. Everything works on other devices.

I'm using iPhone 7 with iOS 15.8.3

My config

Here are the errors that are displayed in Safari using the extension. I don't have a MAC so this is the only way I can do it.

In the logs on the server you can also see that a get request is coming.

image (2)

How can I fix this problem?

guillaume-chervet commented 3 months ago

Hi @vital21 , thank you for your feedback. This is very strange. I do know how to investigate. Do you have the same behavior if you desactivate the serviceworker mode?

vital21 commented 3 months ago

We commented out the line and added a forced replacement of the access token in requests. It helped. Is disabling ServiceWorker the only solution, or are there other solutions to this problem? //service_worker_relative_url: '/OidcServiceWorker.js',

guillaume-chervet commented 3 months ago

Thank you @vital21 for your feedback. This strange problem comes from ServiceWorkerMode.

Temporaly your can desactivate ServiceWorker on iphone by using service_worker_activate property.

Your may find more information here => https://github.com/AxaFrance/oidc-client/blob/main/packages/oidc-client/README.md