Angular-auth-oidc-client: Token stuck in URL and not make its way to session storage in latest version
I am using Angular 10 with "angular-auth-oidc-client": "^11.2.2", i can see https://localhost:4200/home#state=04f0e57bbd69090ce405c785b0d82b70c3p5aGjeg&access_token=eyJ0eXAi ... in url and it used to go to SessionStorage by default but it does not.
As a result it retuns false from
this.oidcSecurityService.isAuthenticated$.subscribe(
(isAuthenticated: boolean) => {
console.log('isAuthenticated:', isAuthenticated);
}
);
please help !!!!
here is oidcConfig->
oidcConfigService.withConfig({
stsServer: environment.login_url + environment.policy,
redirectUrl: environment.redirect_url,
postLogoutRedirectUri: environment.post_logout_redirect_uri,
clientId: environment.client_id,
scope: environment.scope,
responseType: 'id_token token',
logLevel: LogLevel.Debug,
forbiddenRoute: '/logout',
unauthorizedRoute: '/unauthorized',
autoUserinfo: false,
storage: sessionStorage,
silentRenew: true,
silentRenewUrl: window.location.origin + '/silent-renew.html',
maxIdTokenIatOffsetAllowedInSeconds: 1000,
});
mhadji
All 11 comments
Hello @mhadji
Please share your logs from console. Log level should be Debug when you pass configuration for the library (OidcConfigService.withConfig()).
Expelz
on 17 Nov 2020
Anyone know what's the latest working version?
lwensveen
on 17 Nov 2020
@mhadji Do you handle the callback on the return URL? See the examples for reference
Greetings Damien
damienbod
on 17 Nov 2020
10.0.15 is the latest working version for me?
mhadji
on 17 Nov 2020
@damienbod Please give a link for example and by the way, I am using this since version 6 and it is the first time I have an issue with it. I followed "Azure B2C Code Flow PKCE with Silent renew" from samples in doc.
mhadji
on 17 Nov 2020
Hi @mhadji ye sorry, version 10 to verison 11 had major breaking changes...
https://github.com/damienbod/angular-auth-oidc-client/blob/main/docs/samples.md#azure-b2c-code-flow-pkce-with-silent-renew
Greetings Damien
damienbod
on 17 Nov 2020
@damienbod , i followed the exact example.
mhadji
on 17 Nov 2020
@mhadji I will look into B2C then, I usually stick with AAD or IdentityServer4.
damienbod
on 17 Nov 2020
this thing also happened to me because I hadn't called checkAuth
if you don't subscribe to the result of checkAuth isAuthenticated is always false
so in ngOnInit
ngOnInit(): void {
this.oidcSecurityService
.checkAuth()
.subscribe((auth) => console.log('is authenticated', auth));
}
and elsewhere (in constructor for me)
constructor(
private oidcSecurityService: OidcSecurityService
) {
this.isAuthenticated$ = this.oidcSecurityService.isAuthenticated$;
this.userData$ = this.oidcSecurityService.userData$;
}
if there is another method I am always open to better solutions 馃槃 馃槃
cedbesafilm
on 20 Nov 2020
@cedbesafilm your solution kinda worked (i am seeing other errors to which it could not be related).
mhadji
on 20 Nov 2020
@mhadji my solution is the first step in quickstart guide 馃槃
@damienbod for clarity perhaps it would be better to indicate that without the call to checkAuth (and its subscription) the flow does not start?
cedbesafilm
on 20 Nov 2020
Related issues
yelhouti
路
4Comments
sdev95
路
3Comments
hannesrohde
路
3Comments
Jonesie
路
4Comments
daudihusbands
路
3Comments
Most helpful comment
@mhadji my solution is the first step in quickstart guide 馃槃
@damienbod for clarity perhaps it would be better to indicate that without the call to checkAuth (and its subscription) the flow does not start?