Due to "Throttling of Javascript timers in background" feature of the browser, the timer slows down when the browser tab is inactive.
This stops the token Auto fresh interval when tab is inactive
If user return to inactive tab, due to expired refresh token, id token and accessToken, call to following will fail
call to tokenRfresh endpoint of OP will fail as refreshToken is expired
library does not handle handle or throw exception in this scenario
Logout call will fail as it also need IdToken to be valid
Probable valid flow:
Option 1: library should check for refresh token expiry before making the refresh call and initiate the login flow
Option 2: If refresh token call returns an invalid grant (401) response, library should initiate the login flow.
As mentioned in this issue: https://github.com/manfredsteyer/angular-oauth2-oidc/issues/1345
Due to "Throttling of Javascript timers in background" feature of the browser, the timer slows down when the browser tab is inactive.
Probable valid flow: Option 1: library should check for refresh token expiry before making the refresh call and initiate the login flow Option 2: If refresh token call returns an invalid grant (401) response, library should initiate the login flow.
Reference: https://stackoverflow.com/q/64836377/846536