IdentityModel / oidc-token-manager

Apache License 2.0

Request state and response state are different on iOS 10.x #68

Closed HBOlsen closed 6 years ago

HBOlsen commented 7 years ago

I know this library is discontinued but hopefully I can be pointed in the right direction.

We use this lib to handle redirect to an Identity Server 3 as well as handling the response provided by said IDS. This works like a charm in Chrome, IE and older iOS devices. On newer iOS devices (verified on iPhone 7 running the latest iOS as well as the simulator available for Safari on Macs) we get an error message saying "Invalid state" when in the function "processResponseAsync".

The settings provided to the OidcTokenManager class are as follows:

```javascript
client_id: 'appsimplicit',
redirect_uri: getredirectUri(),
post_logout_redirect_uri: window.location.protocol + '//' + window.location.host + '/index.html',
response_type: 'id_token token',
scope: 'openid profile appsmanagement',
authority: authorityUrl
```

Have you got any fix suggestions?

brockallen commented 7 years ago

> Have you got any fix suggestions?

No, as I don't know what the fundamental issue is.

HBOlsen commented 7 years ago

Ok, what can I do to make you understand the fundamental issue?

Have you encountered any iOS specific issues when using this lib with IDS 3? To me it seems like the state sent to the IDS is somehow changed inside the IDS or is saved incorrectly to localStorage in iOS. Does this seem likely to you?

brockallen commented 7 years ago

> Have you encountered any iOS specific issues when using this lib with IDS 3

Nothing I know of. You will need to debug the localStorage and sessionStorage and why it's being lost, or why the state being returned is different.
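Added example, not part of the thread and not oidc-token-manager code: a sketch of the state check behind an "Invalid state" error that reports which of the two causes named above applies, the stored value being lost or the returned value being different. The storage key, function names, callback URL and in-memory storage stand-in are assumptions made for illustration.

```javascript
// Illustration only: names and the storage key are hypothetical,
// not taken from oidc-token-manager.
const nodeCrypto = require('crypto');

const STATE_KEY = 'example.oidc.state'; // hypothetical key name

// Stand-in for window.localStorage so the sketch runs outside a browser.
function makeMemoryStorage() {
  const data = new Map();
  return {
    getItem: (k) => (data.has(k) ? data.get(k) : null),
    setItem: (k, v) => { data.set(k, String(v)); },
    removeItem: (k) => { data.delete(k); },
  };
}

// Before redirecting to the authority: create an unguessable state
// value and persist it so the callback page can compare against it.
function beginRequest(storage) {
  const state = nodeCrypto.randomBytes(16).toString('hex');
  storage.setItem(STATE_KEY, state);
  return state;
}

// On the redirect URI: read state from the URL fragment (implicit flow)
// and classify the outcome instead of collapsing it into one error.
function checkResponse(storage, callbackUrl) {
  const hashIndex = callbackUrl.indexOf('#');
  const fragment = hashIndex === -1 ? '' : callbackUrl.slice(hashIndex + 1);
  const returned = new URLSearchParams(fragment).get('state');
  const stored = storage.getItem(STATE_KEY);
  storage.removeItem(STATE_KEY); // state is single use

  if (returned === null) return 'no-state-in-response';
  if (stored === null) return 'stored-state-missing'; // storage was lost
  if (stored !== returned) return 'state-mismatch';   // value differs
  return 'ok';
}

// Constructed walk-through: request and callback share one storage.
function demo() {
  const storage = makeMemoryStorage();
  const state = beginRequest(storage);
  const url = 'https://app.example/callback.html#id_token=x&state=' + state;
  return checkResponse(storage, url);
}
```

A result of `stored-state-missing` points at the browser's storage (the callback page not seeing what the requesting page wrote), while `state-mismatch` points at the value that came back in the redirect.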

brockallen commented 6 years ago

This repo is retired. Use https://github.com/IdentityModel/oidc-client-js/ instead.