Angular-oauth2-oidc: Emit "silent_refresh_timeout" error event during 5 -> 10 minutes

Created on 16 May 2018 · 10 Comments · Source: manfredsteyer/angular-oauth2-oidc

  • When I come back to my page after 5 => 10 minutes, an error is raised like below:

    • refresh error OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}.

  • Can you help me fix it and explain why? Thanks so much.

  • This is my config:

import { AuthConfig } from 'angular-oauth2-oidc';

// BaseHostConstant is the poster's own constants class; its import is not shown.
export const authConfig: AuthConfig = {
  // Url of the Identity Provider
  issuer: BaseHostConstant.authorityUrl,

  // URL of the SPA to redirect the user to after login
  redirectUri: `${BaseHostConstant.baseUrl}login`,

  // URL of the SPA to redirect the user after silent refresh
  silentRefreshRedirectUri: `${BaseHostConstant.baseUrl}silent-refresh`,

  // The SPA's id. The SPA is registered with this id at the auth-server
  clientId: BaseHostConstant.ssoClientId,

  responseType: 'id_token token',

  oidc: true,

  // set the scope for the permissions the client should request
  // The first three are defined by OIDC. The 4th is a usecase-specific one
  scope: 'openid profile email roles hrtoolInternalApi organization',

  showDebugInformation: true,

  sessionChecksEnabled: true,

  // redirect to login after logout
  postLogoutRedirectUri: BaseHostConstant.baseUrl,

  // timeoutFactor: 0.002
};

private oauthConfigure() {
  this.oauthService.configure(authConfig);
  this.oauthService.tokenValidationHandler = new JwksValidationHandler();
  this.oauthService.loadDiscoveryDocumentAndTryLogin();

  const loginOptions = new LoginOptions();
  loginOptions.disableOAuth2StateCheck = true;
  this.oauthService.loadDiscoveryDocumentAndLogin(loginOptions).then((res) => {
    if (!this.authService.isAuthenticated) {
      this.oauthService.silentRefresh();
    }
  });
}

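import { Component, OnDestroy } from '@angular/core';
import { OAuthService } from 'angular-oauth2-oidc';

@Component({
  template: ``
})
export class SilentRefreshComponent implements OnDestroy {
  private timer;

  // The injected service is named oauthService to match its use below.
  constructor(private oauthService: OAuthService) {
    // Trigger a silent refresh 30 seconds after the component is created.
    this.timer = setTimeout(() => {
      this.oauthService.silentRefresh();
    }, 30000);
  }

  ngOnDestroy() {
    clearTimeout(this.timer);
  }
}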

more-info-needed

All 10 comments

@manfredsteyer Can you help me?

With pleasure. Is your silent-refresh.html defined as an asset? Can you directly call it or are you redirected to index.html?

What I need is a minimal stackblitz.com-example that demonstrates the issue.

@manfredsteyer if I use setupAutomaticSilentRefresh(), do I need to define the URL of silentRefresh, 'silentRefreshRedirectUri: `${BaseHostConstant.baseUrl}silent-refresh`'?

I think I am getting similar behaviour when using setupAutomaticSilentRefresh. I set my tokens to expire every minute and this is the sequence of events I see when silent refresh is triggered:

OAuthInfoEvent {type: "token_expires", info: "id_token"}
OAuthSuccessEvent {type: "discovery_document_loaded", info: null}
OAuthSuccessEvent {type: "discovery_document_loaded", info: {…}}
OAuthSuccessEvent {type: "token_received", info: null}
OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}

It seems as though the silently_refreshed event isn't making it through to stop the silent_refresh_timeout. I'll try to set up an example now using a dummy realm on my Keycloak server.

edit: The silent refresh doesn't appear to work inside Stackblitz - probably something to do with the iframe? Here is my attempt at a minimal example demonstrating my setup (I'm actually using Angular 5 whereas this example is Angular 6) https://stackblitz.com/edit/angular-xlfkgj

Thanks.

You have to consider the following:

  • You need a silent-refresh.html
  • You need to define it as an asset so that it is copied over to the dist folder
  • You need to point to it using a config property

Details can be found here:
https://manfredsteyer.github.io/angular-oauth2-oidc/docs/additional-documentation/refreshing-a-token-(silent-refresh).html

In Angular 6 you have to add the src folder when setting up the assets:

"assets": [
              "src/silent-refresh.html"
],
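
The failure mode discussed in this thread, as an added example that is not part of the original thread and not the library's code: a simplified JavaScript model of the parent page waiting for the hidden iframe to post the redirect's URL fragment back. The origins, sample fragment, timing values and the `message_ignored` event are assumptions, as is the explanation that an index.html fallback boots a second copy of the app inside the iframe; that explanation is consistent with the reports here that tokens are updated while `silent_refresh_timeout` still fires.

```javascript
// Simplified model (added example, not the library's code) of the parent page's
// wait during silent refresh: take the first same-origin message carrying the
// redirect's URL fragment, else report silent_refresh_timeout.
const APP_ORIGIN = 'https://app.example'; // constructed sample origin
const HASH = '#id_token=CONSTRUCTED&access_token=CONSTRUCTED&state=xyz';

// What the identity provider's redirect may load inside the hidden iframe.
const pages = {
  // silent-refresh.html served as a static asset: relays the fragment upward.
  silentRefreshHtml: (hash) => [{ atMs: 40, origin: APP_ORIGIN, data: hash }],
  // Assumption: the server answered with index.html, so a second copy of the
  // SPA boots in the iframe, consumes the fragment itself and posts nothing.
  spaShellFallback: (hash, storage) => {
    storage.access_token = new URLSearchParams(hash.slice(1)).get('access_token');
    return [];
  },
  // A frame on another origin posting a forged fragment.
  foreignFrame: () => [
    { atMs: 10, origin: 'https://other.example', data: '#access_token=FORGED' },
  ],
};

function silentRefresh(page, timeoutMs = 20000) { // timeout value is assumed
  const storage = {}; // stands in for storage shared by same-origin frames
  const events = [];
  const messages = page(HASH, storage).sort((a, b) => a.atMs - b.atMs);
  for (const msg of messages) {
    if (msg.atMs >= timeoutMs) break; // the timer fired first
    if (msg.origin !== APP_ORIGIN) { // never trust other origins' messages
      events.push('message_ignored'); // hypothetical event name
      continue;
    }
    if (typeof msg.data === 'string' && msg.data.startsWith('#')) {
      const params = new URLSearchParams(msg.data.slice(1));
      storage.access_token = params.get('access_token');
      events.push('token_received', 'silently_refreshed');
      return { events, storage };
    }
  }
  events.push('silent_refresh_timeout');
  return { events, storage };
}

for (const name of Object.keys(pages)) {
  const { events, storage } = silentRefresh(pages[name]);
  console.log(name, events.join(', '), 'stored:', storage.access_token);
}
```

Only the `silentRefreshHtml` case ends in `silently_refreshed`; the fallback case stores a token and still times out, which is why the maintainer asks whether the redirect URI serves silent-refresh.html directly or index.html.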

I guess that's what I get for not reading the docs carefully enough... Thanks for the help, it's working as intended now!

What was weird was that the silent refresh actually seemed to work even without the html page set up - it was putting new tokens into storage somehow!

Thanks. How can I use Single-Sign-Out, @manfredsteyer?

I have made everything as described here https://manfredsteyer.github.io/angular-oauth2-oidc/docs/additional-documentation/refreshing-a-token-(silent-refresh).html, but still no success. The token gets updated, but the error does not disappear.

I am getting the same error while refreshing token. Refreshtoken.html is already set as assets.

Error is :
AuthErrorEvent {type: "token_error", reason: {…,

@manfredsteyer
I'm getting this error for silent refresh 'silent_refresh_timeout'.

"assets": [
"src/silent-refresh.html"
],

How can I configure the same for the Angular 4 version, which doesn't have .angular-cli.json?
