IdentityModel / oidc-client-js

OpenID Connect (OIDC) and OAuth2 protocol support for browser-based JavaScript applications
Apache License 2.0

how to persist user and have updated access_token until the user is using client app? #454

Closed leo9223 closed 6 years ago

leo9223 commented 6 years ago

First, I have tried to implement silentSignin as described in many posts, but I get the error: refused to display "x-frame-options" are set to "sameorigin". However, I also saw somewhere in the posts that @brockallen said it is not supported by many browsers.

Secondly, I saw this blog post, https://damienbod.com/2017/06/02/implementing-a-silent-token-renew-in-angular-for-the-openid-connect-implicit-flow/, but in this post it seems the author is not using the methods in oidc-client.js.

So, I want to persist a user while s/he is using my app, without asking him/her to enter his/her credentials again.

Any help would be highly appreciated.

timaxapa commented 6 years ago

Hi. Have you already implemented the sign-in action and only need the silent refresh mechanism?

brockallen commented 6 years ago

> First, I have tried to implement silentSignin as described in many posts, but I get the error: refused to display "x-frame-options" are set to "sameorigin".

signin silent should never run into CSP issues because if it's successful then it will never be rendering html. It should also never be rendering a login page because prompt=none should be part of the silent request. If it does need to render html, then it's an error page, so I suspect you have some error somewhere (possibly config).

leo9223 commented 6 years ago

I am making an angular4 client using oidc-client.js

@timaxapa Yes, I am able to log in successfully. Now I just have to persist the session while the user is using my app.

@brockallen

Config

```typescript
const config: any = {
  authority: 'http://localhost:5000',
  client_id: '1',
  redirect_uri: 'http://localhost:4200/callback',
  silent_redirect_uri: 'http://localhost:4200/silent-callback',
  automaticSilentRenew: true,
  response_type: 'id_token token',
  scope: 'openid profile mad-resource',
  post_logout_redirect_uri: 'http://localhost:4200',
};
```

http://localhost:4200/silent-callback

```typescript
export class SilentCallbackComponent implements OnInit {
  constructor(private _oidc: OidcService, private router: Router) { }

  ngOnInit() {
    // Completes the silent renew request inside the hidden iframe
    this._oidc.mgr.signinSilentCallback();
  }
}
```

Event at main page

```typescript
_oidc.mgr.events.addSilentRenewError((error) => {
  alert(error);
});
```

Result when token is expiring: [image]

timaxapa commented 6 years ago

@leo9223 Your endpoints

http://localhost:4200/callback
http://localhost:4200/silent-callback

have to be added to the SSO server config as acceptable redirect URLs. Do you have access to the SSO server configuration?

leo9223 commented 6 years ago

@timaxapa Ah! You are right. I was not setting the http://localhost:4200/silent-callback in my auth server. After setting the redirect URI it's working awesomely fine. Thank you so much :)
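
The fix in this thread was registering `silent_redirect_uri` on the authorization server. As an added example (not code from oidc-client-js or from the participants), the following pre-flight check compares the client's redirect settings against the server's allow-list. The helpers `checkRedirectUris` and `loose`, the sample allow-list, and the assumption that the server compares redirect URIs as exact strings are all introduced here for illustration.

```javascript
// Added example. Settings mirror the config posted in the thread.
const settings = {
  authority: 'http://localhost:5000',
  client_id: '1',
  redirect_uri: 'http://localhost:4200/callback',
  silent_redirect_uri: 'http://localhost:4200/silent-callback',
  automaticSilentRenew: true,
};

// Constructed sample: the server-side allow-list as it was before the fix.
const registeredBefore = ['http://localhost:4200/callback'];

// Loose form used only to produce hints; the check itself is an exact match.
function loose(uri) {
  const u = new URL(uri);
  return (u.origin + u.pathname.replace(/\/+$/, '')).toLowerCase();
}

// Hypothetical helper: list every redirect setting the server would reject.
function checkRedirectUris(clientSettings, registered) {
  const problems = [];
  for (const key of ['redirect_uri', 'silent_redirect_uri']) {
    const uri = clientSettings[key];
    if (!uri) continue;                      // setting not used by this client
    if (registered.includes(uri)) continue;  // exact match: accepted
    const near = registered.find((r) => loose(r) === loose(uri));
    problems.push({
      key,
      uri,
      reason: near
        ? `differs from registered "${near}" only by case or trailing slash`
        : 'not registered on the authorization server',
    });
  }
  return problems;
}

// Before the fix: the silent renew iframe would receive an error page.
console.log(checkRedirectUris(settings, registeredBefore));
```

An empty result means both redirect URIs are on the allow-list; any entry points at a setting whose request would end on the server's error page instead of the callback.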