Change how popup lifetime is managed

[tzongithub]

We're integrating AAD authentication in an Angular 5 app using oidc-client and popups. With Edge and IE we've noticed an issue that the popups lose connection with the app as soon as the popup window navigates to the MS login URL. As a result the user can authenticate in the popup with AAD, gets redirected back to the app in the popup, but the popup remains open and the app is not notified.

The issue is not reproducible with Chrome or Firefox. The issue is not reproducible if both the client app and identity server are running on localhost.

Quick repro with current version (1.5.3)

Note: this is not our real scenario, but a simple way to demonstrate the problem Angular sample app -> app-autn-n.service.ts -> change login method to sign in with popup return this._userManager.signinPopup();

• Open the modified angular sample app in MS Edge
• Click login -> popup opens the identity server login page -> note that there are no messages in the main app yet
• In the login page click on the AAD login -> popup navigates to the MS login page -> however, you can see in the messages section that the popup window was detected as closed already

[brockallen]

Sounds like a dup of this: https://github.com/IdentityModel/oidc-client-js/issues/613

[brockallen]

I just tested edge with signin popup and it's working. Perhaps they did an update?

[brockallen]

Any update?

[tzongithub]

I could reproduce the issue with this version of Edge: Microsoft Edge 41.16299.666.0 Microsoft EdgeHTML 16.16299

For IE the simple repro above does not work, because the Angular sample app won't load in IE (exception in _for-of.js (14,1)). But the issue was also reproducible with IE in a more complex app by QA.

[brockallen]

I saw the other day a different way to manage the popup as a child, so I will add an enhancement to do it differently.