search

sureshchahal / angular2-adal

Angular 2 wrapper for adal.js
MIT License
41 stars 50 forks source link

Method for refreshing the id_token #71

Open saransh9944 opened 6 years ago

saransh9944 commented 6 years ago

Can we please have a method to refresh the id_token?

Milan03 commented 6 years ago

I am looking for a way to automatically refresh id_token as well.

sureshchahal commented 6 years ago

it should automatically refresh in background.

Milan03 commented 6 years ago

I implemented using this example. After an hour or so I get No JWT present or has expired in console and have to refresh the page in browser to trigger a re-sign-in. Any tips to get auto-refresh to work?

saransh944 commented 6 years ago

I have to refresh the browser to trigger a re-sign-in. Not sure how auto-refresh works as suggested by Sureshchahal. @sureshchahal

Milan03 commented 6 years ago

I figured it out using the example I posted about earlier.

In auth.service he has the following:

import { AdalService } from 'ng2-adal/dist/core'

public callApi(url: string): Observable<Response> {
    return this.adalService
        .acquireToken(this.tokenResource)
        .flatMap<string, Response>((token) => {

            this._setAuthHeaders(token);
            return this.AuthGet(url);
        });
}

private _setAuthHeaders(access_token, token_type = 'Bearer') {
    access_token = access_token || this.adalService.getCachedToken(this.adalConfigService.adalConfig.clientId);
    this.authHeaders = new Headers();
    this.authHeaders.append('Authorization', token_type + ' ' + access_token);
    this.authHeaders.append('Content-Type', 'application/json');
}

/**
 * Example of how you can make auth request using angulars http methods.
 * @param options if options are not supplied the default content type is application/json
 */
AuthGet(url: string, options?: RequestOptions): Observable<Response> {

    if (options) {
        options = this._setRequestOptions(options);
    } else {
        options = this._setRequestOptions();
    }
    return this.http.get(url, options);
}

public _setRequestOptions(options?: RequestOptions) {

    if (options) {
        options.headers.append(this.authHeaders.keys[0], this.authHeaders.values[0]);
    } else {
        options = new RequestOptions({ headers: this.authHeaders, body: '' });
    }

    return options;
}

What I did was call the .callApi(url) on a common GET within my app. The callApi(...) seems to correctly check if the token is expired and if so retrieves another one (w/o refreshing the page). I've tried calling just acquireToken() itself but it didn't do anything, I guess this the proper way to map it.

I have this confirmed working with adal-angular@1.0.14.

saransh944 commented 6 years ago

@Milan03 , when and where are you calling this callAPI method? Is this being called for any api call in the application?

Milan03 commented 6 years ago

@saransh944 If you read my above post I use it on a common GET method so that if the token is expired it will be refreshed upon one of those calls. Theoretically you can use it for all of your calls to your API.