Angular-auth-oidc-client: App does not load if STS has an issue, CORS for Example

Created on 8 May 2020  路  6Comments  路  Source: damienbod/angular-auth-oidc-client

Describe the bug
If the sts server has no cors enabled, the application will not start

To Reproduce
Steps to reproduce the behavior:

  1. Use a server (stsServer) who has no cors enabled
  2. If you add 
    OidcConfigService,
    {
      provide: APP_INITIALIZER,
      useFactory: configureAuth,
      deps: [OidcConfigService],
      multi: true,
    },

to your app-module.ts providers section, you will see that the application will not start anymore.

Expected behavior
The application should start anyway.

Desktop (please complete the following information):
All

Smartphone (please complete the following information):
All

enhancement investigate
Source
picture paulstelzer

Most helpful comment

Cors is enabled now, I only found the issue and want to let you know. I think it's better to have an application that is running than having a white page :)

picture paulstelzer on 8 May 2020
👍2 🎉1

All 6 comments

Hi @paulstelzer Just wondering if this is good or not. Why should the APP start? If the STS is setup incorrectly and you can not authenticate from the Angular APP, then there is no point in having the authn in the Angular APP.

Greetings Damien

damienbod picture damienbod on 8 May 2020

Have you tried to catch the error in the init and return a resolved (but empty) promise instead?

FabianGosebrink picture FabianGosebrink on 8 May 2020

If CORS is broken on your STS, then you have a DevOps problem maybe, or the system never ran. This is one thing I don't understand in catching. But yes, maybe the app should be able to recover from this.

damienbod picture damienbod on 8 May 2020

Cors is enabled now, I only found the issue and want to let you know. I think it's better to have an application that is running than having a white page :)

paulstelzer picture paulstelzer on 8 May 2020
👍2 🎉1

Totally. Thanks for mentioning this. Glad your issue is fixed. Maybe we will tackle this in future versions. But this would be a breaking change again. We have to draw this first, try it out and maybe bring that up in future versions. Thanks for using the lib 馃檭

FabianGosebrink picture FabianGosebrink on 8 May 2020

Hey @paulstelzer , just wanted to let you know that we just merged a PR which gives you the possibility to lazy load the config and so move the error - if there is one at your sts - to the moment when the user clicks login.

https://github.com/damienbod/angular-auth-oidc-client/pull/724/files#diff-e71cfa1c040ef2eea5de14baab837af9

describes the feature. If you set the eagerLoadAuthWellKnownEndpoints to false your app will start right away and do the call when you call authenticate. Hope this helps.

FabianGosebrink picture FabianGosebrink on 13 May 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

brentos99 picture brentos99  路  4Comments
jhossy picture jhossy  路  4Comments
Roman1991 picture Roman1991  路  4Comments
revok picture revok  路  4Comments
profet23 picture profet23  路  3Comments