search

manfredsteyer / angular-oauth2-oidc

Support for OAuth 2 and OpenId Connect (OIDC) in Angular.
MIT License
1.88k stars 687 forks source link

Not staying authenticated after successfully authenticating #1434

Open briclabs opened 2 weeks ago

briclabs commented 2 weeks ago

Describe the bug I'm using Authentik as my identity provider, and can see that when I click login, it is in fact redirecting to Authentik and authenticating. However, it then redirects back to my app like its supposed to, but it doesn't retain state: it forgets it just authenticated. I feel like its reloading the SPA and in doing so is losing knowledge of the access token etc that it just got back from Authentik? It then tries to do it again, causing it to loop indefinitely, authenticating successfully each time and promptly forgetting it did so every time as well. Very confused.

AuthConfig:

export const authCodeFlowConfig: AuthConfig ={
  issuer: 'http://localhost:9000/application/o/evcoordinator/',
  tokenEndpoint: 'http://localhost:9000/application/o/token/',
  redirectUri: window.location.origin,
  requireHttps: false,
  clientId: 'evcoordinator',
  responseType: 'code',
  scope: 'openid profile email offline_access',
  useSilentRefresh: true,
  showDebugInformation: true,
  strictDiscoveryDocumentValidation: false,
}

Constructor of a service that is injected into my component:

  constructor(private readonly oauthService: OAuthService, private httpClient: HttpClient) {
    oauthService.configure(authCodeFlowConfig);
    oauthService.loadDiscoveryDocument()
      .then( () => {
      oauthService.tryLoginCodeFlow().then( () => {
        if (!oauthService.hasValidAccessToken()) {
          oauthService.initLoginFlow();
        } else {
          oauthService.loadUserProfile().then( (userProfile) => {
            console.log(JSON.stringify(userProfile));
          })
        }
      })
    })
  }

Credit to https://www.youtube.com/watch?v=QV5YtczsorY for getting me this far. This seems like it should work. I feel like I must be missing something pretty simple but I can't figure out what it is.

Menschomat commented 1 week ago

Did you find any solution for authentik?

briclabs commented 1 week ago

No sir; dunno why what I posted wouldn't work.

briclabs commented 5 days ago

I just confirmed the same code does the same thing with Keycloak. This makes no sense to me.