Open ajmaln-tw opened 7 months ago
It's most probably a logic bug in your application code. Maybe enabling logging helps you to find out: https://authts.github.io/oidc-client-ts/#md:logging
This needs addressing in the application logic. A couple of techniques that help to avoid redirect loops:
WHEN TO REDIRECT
Only trigger an authorization redirect if you don't have an access token yet or if access token refresh fails.
Don't trigger an authorization redirect if you get a 401 from an API.
If you get a permanent 401 (after a successful token refresh) it is a sign that the token configuration is wrong. A new authorization redirect won't fix that.
TIME BASED PROTECTION
One technique you can use is to record the time for the last successful login, then use it to prevent a new login:
```typescript
private async _preventRedirectLoop(api401Error: UIError): Promise<void> {
    const currentTime = new Date().getTime();
    const millisecondsSinceLogin = currentTime - this._loginTime;
    if (millisecondsSinceLogin < 1000) {
        await this.clearLoginState();
        throw api401Error;
    }
}
```
One place where this is useful is when iframe based renewal fails due to the (third-party) SSO cookie being dropped. For example, this happens in the Safari browser and can be another cause for a redirect loop.
EXAMPLE OF MINE
Any OAuth client needs to write some reliability code to deal with expiry events. You can run my oidc client example or look at its code to get some ideas.
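
One way to combine the rules from the comment above (when to redirect, plus the time-based guard) in a single API-call wrapper, as an added example that is not part of the thread or of oidc-client-ts. `createApiCaller`, `AuthDeps` and all member names are hypothetical; the injected functions stand in for whatever the application uses to read, refresh and clear tokens.

```typescript
// Added example: hypothetical names throughout, none are oidc-client-ts APIs.
type Outcome = "ok" | "redirected" | "error";

interface AuthDeps {
  getToken(): string | null;              // cached access token, if any
  refreshToken(): Promise<string | null>; // null means the refresh failed
  redirectToLogin(): void;                // starts the authorization redirect
  clearLoginState(): void;                // drops stored tokens and login state
  now(): number;                          // injectable clock, in milliseconds
}

function createApiCaller(deps: AuthDeps, minLoginGapMs = 1000) {
  let lastLoginTime = Number.NEGATIVE_INFINITY;

  // Time-based protection: if a login completed moments ago, another
  // redirect would only repeat the loop, so clear state and report an error.
  function redirectOrStop(): Outcome {
    if (deps.now() - lastLoginTime < minLoginGapMs) {
      deps.clearLoginState();
      return "error";
    }
    deps.redirectToLogin();
    return "redirected";
  }

  return {
    // Call once the login response has been processed after the redirect.
    loginCompleted(): void {
      lastLoginTime = deps.now();
    },

    // callApi receives a token and resolves to the HTTP status code.
    // For brevity, every status other than 401 is reported as "ok".
    async call(callApi: (token: string) => Promise<number>): Promise<Outcome> {
      let token = deps.getToken();
      if (token === null) return redirectOrStop();   // no access token yet

      if ((await callApi(token)) !== 401) return "ok";

      token = await deps.refreshToken();             // 401: refresh, do not redirect
      if (token === null) return redirectOrStop();   // refresh failed

      // A 401 with a freshly refreshed token points at token configuration;
      // a new authorization redirect would not fix it.
      return (await callApi(token)) === 401 ? "error" : "ok";
    },
  };
}
```
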
When attempting to implement a redirect to the Identity Server login page, the application appears to be stuck in an infinite redirection loop. I suspect this may be due to calling the handleLogin function within the component. The expected behavior is to redirect to the Identity Server login page upon entering the web app URL (http://localhost:4200/), and after successful login, redirect back to http://localhost:4200/. Additionally, if a session is already present, the app should not redirect to the login page but should display http://localhost:4200/.
Here is my code
configuration of oidc client
Inside the App initiated the user manager and pass as props to the ProjectLayout Component
Project layout where OIDC authentication happens
Steps to Reproduce:
Expected Behavior:
Actual Behavior: The application is stuck in an infinite redirection loop.
Screenshots: ![github issues](https://github.com/authts/oidc-client-ts/assets/129822667/da948e28-314a-498e-9e45-6c60b1cb48a3)