search

okta / okta-auth-js

The official js wrapper around Okta's auth API
Other
453 stars 265 forks source link

authStateManager subscription callback not triggered on clear user session #1260

Open fseee opened 2 years ago

fseee commented 2 years ago

Describe the bug?

Subscribing to the authStateManager, according to documentation:

const oktaAuth = new OktaAuth(config);
oktaAuth.authStateManager.subscribe(authState => {
  console.log(authState.isAuthenticated);
});

i would expect to receive a callback immediately after user has been deactivated and or user session has been cleared. At the moment the callback is not triggered.

What is expected to happen?

I expect to receive an isAuthenticated=false message immediately after user session has been closed (by Session API or Admin Console).

What is the actual behavior?

Once user has been deactivated/session cleared, the authState will be updated only when the access token lifetime set in the authServer will expire: image

Reproduction Steps?

  1. Login user
  2. Subscribe to authStateManager
  3. Deactivate user / clear use session

SDK Versions

"@okta/okta-angular": "^5.1.0",
"@okta/okta-auth-js": "6.4.5",
"@okta/okta-signin-widget": "6.3.3"

Execution Environment

Chrome

Additional Information?

No response

juztinlazaro commented 2 days ago

any news? im also having an issue after upgrade in this version,

// not triggering oktaAuth.authStateManager.subscribe(authState => {

}

  "@okta/okta-auth-js": "7.8.1",
    "@okta/okta-react": "6.9.0",
    "@okta/okta-signin-widget": "7.24.2",