search

IdentityModel / oidc-client-js

OpenID Connect (OIDC) and OAuth2 protocol support for browser-based JavaScript applications
Apache License 2.0
2.43k stars 842 forks source link

Path `id_token_hint` is longer than the maximum allowed length (50). #1386

Closed Mikilll94 closed 3 years ago

Mikilll94 commented 3 years ago

Hello, I have a React SPA app. Normal login works perfectly but silent login is not working. I receive the following error during silent login: 

"message": "Path `id_token_hint` (`[my_token]`) is longer than the maximum allowed length (50).",

Here is my UserManager

const settings: UserManagerSettings = {
  authority: "[censored]",
  client_id: "[censored]",
  redirect_uri: "http://localhost:3000/callback",
  post_logout_redirect_uri: "http://localhost:3000",
  response_type: "code",
  scope: "openid email profile",
  automaticSilentRenew: true,
};

I would be very for glad for any solutions to this error.

brockallen commented 3 years ago

You can disable sending the id_token_hint on silent logins with the includeIdTokenInSilentRenew.

Mikilll94 commented 3 years ago

@brockallen Thanks. But now I receive a different error:

login_required: not able to find valid session

I am also curious why normal login does not have such problems.

brockallen commented 3 years ago

Then if the STS requires a hint but it don't like how big the id_token is, you need to either work on getting it smaller or allowing a larger one to be accepted. Both are changes in the STS, not in this library.