Closed ddzingielewski closed 2 months ago
Hi I figured out that when AppA and AppB are put to the same domain things are much more simpler. Both apps share storage (session storage) when is same domain, so refreshed tokens from AppB are visible by AppA and vice versa. I can use silent refresh and my code from previouse example shrinks to:
const authConfig: AuthConfig = {
issuer: [some issuer from config],
redirectUri: window.location.origin + '/appContext/',
clientId: 'the_client',
responseType: 'code',
scope: 'openid',
showDebugInformation: true,
waitForTokenInMsec: 300,
};
oauthService.configure(authConfig);
oauthService.setupAutomaticSilentRefresh();
return from(oauthService.loadDiscoveryDocumentAndTryLogin()).pipe(
switchMap((flag) => {
return someOtherInitOperations();
}),
)
As in my previous comment
hi,
Describe the bug Its not a bug, but general/support question (so please forgive me clearing the default post headers).
Support request I have two angular apps: AppA and AppB. Both use angular-oauth2-oidc. Keycloak is the IDP. Here is the scenario: User logs in in AppA (code flow). At some point of time User (because of business logic) from AppA redirects to AppB. AppB logs in too thruu code flow. User works on AppB longer then AppA refresh_token exp. time. App B still has valid refresh_token thru silent refresh, and of course valid session exists on Keycloak. Now: User wants to redirect back to AppA.
The question: What is a proper way to preserve/refresh login state on AppA?
I managed it to work but in a bit weird/cumbersome way: