IdentityModel / oidc-client-js

OpenID Connect (OIDC) and OAuth2 protocol support for browser-based JavaScript applications
Apache License 2.0
2.43k stars 842 forks source link

Multiple concurent calls issue #1332

Closed BressOne closed 3 years ago

BressOne commented 3 years ago

Hi!

Using the package for a while with REact and found an issue. I am initializing oidc client once in a high-level context. Init is caused only once and I am pretty certain that it is done only once. But for some reason, I see that the oidc-configuration call is issued multiple times, furthermore: renewal of a token is issued multiple times too. That is a bit confusing. Also found that there are multiple iframes in the root of and the count of these iframes is === the count of concurrent calls to the identity server.

Currently, I've allowed refresh token reuse but it is a cheap and dirty workaround. Before that only first of token renew calls was successful and the second failed due to refresh token invalidation.

I am providing my config below.

https://codepen.io/bressone/pen/mdRmXPe?editors=0010

image

image

UPD: if I remember correctly, example here acts the same way: https://github.com/skoruba/react-oidc-client-js

brockallen commented 3 years ago

Ensure you only have one instance of the UserManager, as it's responsible for the user's session. If you have more than one, then you'll have many of them thinking they need to do their job.