okta / okta-vue

OIDC SDK for Vue
https://github.com/okta/okta-vue

Fixes issue with navigationGuard by starting oktaAuth service for login redirect #77

Closed denysoblohin-okta closed 2 years ago

denysoblohin-okta commented 2 years ago

PR Checklist

Please check if your PR fulfills the following requirements:

PR Type

What kind of change does this PR introduce?

What is the current behavior?

After tokens expire, when the user tries to navigate to a protected page, navigationGuard will be called. _oktaAuth.isAuthenticated() will return false, but _oktaAuth.authStateManager.getAuthState() will contain isAuthenticated: true, so guardSecureRoute will do nothing.

Issue Number: OKTA-420066 Resolves #72

What is the new behavior?

Need to start oktaAuth service after handleLoginRedirect() call in LoginCallback component. This way isAuthenticated will be correct.

Does this PR introduce a breaking change?

Other information

Using okta-auth-js 5.4.3+ will fix the issue (see comment) because the isAuthenticated() call uses the default autoRenew: true, which will remove expired tokens.

Updated okta-auth-js to ^5.8.0
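
The stale-state condition described in this PR, as an added example that is not code from okta-vue or okta-auth-js: a simplified model in which the live token check and the cached auth state disagree unless the service is started. ModelAuth, tick, scenario and the outcome strings are hypothetical names chosen for illustration.

```javascript
// Simplified model (hypothetical classes, not okta-vue or okta-auth-js code).
class ModelAuth {
  constructor(now) {
    this.now = now;          // injectable clock keeps the example deterministic
    this.token = null;       // constructed sample token: { expiresAt }
    this.cachedState = null; // what this model's getAuthState() returns
    this.started = false;
  }
  start() { this.started = true; }
  getAuthState() { return this.cachedState; }
  // Live check against the token itself.
  isAuthenticated() { return !!this.token && this.token.expiresAt > this.now(); }
  // Models the login callback storing tokens and publishing auth state.
  handleLoginRedirect(expiresAt) {
    this.token = { expiresAt };
    this.publish();
  }
  publish() { this.cachedState = { isAuthenticated: this.isAuthenticated() }; }
  // Models the running service noticing expiry; a no-op unless started.
  tick() {
    if (this.started && this.token && this.token.expiresAt <= this.now()) {
      this.token = null;
      this.publish();
    }
  }
}

// Models the guard: live check first, then a step that acts on cached state only.
function navigationGuard(auth, redirects) {
  if (auth.isAuthenticated()) return 'allow';
  const state = auth.getAuthState();
  if (state && !state.isAuthenticated) {
    redirects.push('login');
    return 'redirect';
  }
  return 'stuck'; // live check failed but cached state still says true
}

function scenario(startService) {
  let t = 0;
  const auth = new ModelAuth(() => t);
  const redirects = [];
  auth.handleLoginRedirect(100);     // token valid until t = 100
  if (startService) auth.start();    // the change this PR makes
  t = 150;                           // token is now expired
  auth.tick();
  return { outcome: navigationGuard(auth, redirects), redirects };
}
```
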


shuowu commented 2 years ago

I think the issue comes from https://github.com/okta/okta-vue/blob/master/src/okta-vue.ts#L120. With the latest version of okta-auth-js, we should just call oktaAuth.start(), then handleLoginRedirect should be able to update the tokens when it's finished.

This logic has been updated in okta-react and okta-angular, but for some reason this repo has been missed.

https://github.com/okta/okta-angular/blob/master/src/okta/okta.module.ts#L77
https://github.com/okta/okta-react/blob/master/src/Security.tsx#L72

denysoblohin-okta commented 2 years ago

Changed to always start service

denysoblohin-okta commented 2 years ago

@shuo Rebased onto 5.0, added changelog (5.0.2)