IdentityModel / oidc-token-manager

Apache License 2.0
51 stars 36 forks source link

[question] iframe instead of popup #53

Closed michaldudak closed 8 years ago

michaldudak commented 8 years ago

I set my project according to the sample in this repo and I'm wondering - is it possible to display the login popup inside the application, eg. in an iframe?

brockallen commented 8 years ago

Usually IdPs (including IdentityServer) prevent running in an iframe (via XFO).

michaldudak commented 8 years ago

Thanks. The reason I asked is that I'm working on a SPA application that uses Windows authentication. I set up Identity Server according to this sample: https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/WebHost%20(Windows%20Auth%20All-in-One) and I'm using OIDC Token Manager on the client. The problem (or, more like an inconvenience) is that every time I log in, a pop-up appears for just a brief moment. Because credentials are sent by the browser automatically, there's no need for any user input - that's why I'd prefer not to have the pop-up at all. Could you suggest any sensible solution?

brockallen commented 8 years ago

Ah, ok... well, I've been rewriting this project in ES6 now and doing login via an iframe is now part of the normal useage. Perhaps it would be useful for you to switch to it? It's not on npm yet -- just on the dev branch: https://github.com/IdentityModel/oidc-client-js/tree/dev

michaldudak commented 8 years ago

Thanks, I'll give it a try.