Oidc-client-js: Silent renew stops when reloading the page

Created on 30 Jun 2016 · 15Comments · Source: IdentityModel/oidc-client-js

I'm working in a jsclient (SPA), the automatic silent renew is working fine but when I reload the page (e.g: pressing F5) it does not anymore, I can even see the valid token in the storage but it seems that the userManager does not "realize" that it is going to expire.

This scenario worked without any problem with the oidc-token-manager (I'm migrating). Is it about some new validation or a bug that the timer is turned off after the page-reload?

Best regards.

bug

Source

wilsonmontalvo

Most helpful comment

I've not looked at this yet (I'm traveling, but I will on Friday), but I suspect when the user is loaded from the local store we're simply missing the check to initiate the timer.

brockallen on 7 Jul 2016

👍3

All 15 comments

Hi,

I think I'm experiencing the exact same issue. My application is a React based SPA, with the Oidc.UserManager being initialised in the entry index.js file. I've enabled logging of info messages, and can see that on the first load of the application UserManager and AccessTokenEvents are configured and timers are setup to handle token refresh. At this point tokens are renewed as expected.

If I then refresh the page (e.g. CTRL+F5), a far smaller set of messages are logged and from this point no attempts to refresh the token are ever made. I've included the post CTRL+F5 logging output below, and can provide more logs as required (please excuse the anonymised URL / Client strings!)

Thanks

automaticSilentRenew is configured, setting up silent renew
oidc-client.min.js:26UserManager.getUser
oidc-client.min.js:26_loadUser
oidc-client.min.js:26WebStorageStateStore.get user:https://www.dummy.co.uk:dummy-ui
oidc-client.min.js:26UserManager.getUser
oidc-client.min.js:26_loadUser
oidc-client.min.js:26WebStorageStateStore.get user:https://www.dummy.co.uk:dummy-ui
oidc-client.min.js:26UserManager.getUser
oidc-client.min.js:26_loadUser
oidc-client.min.js:26WebStorageStateStore.get user:https://www.dummy.co.uk:dummy-ui
oidc-client.min.js:26user storageString loaded
oidc-client.min.js:26User.fromStorageString
oidc-client.min.js:26user storageString loaded
oidc-client.min.js:26User.fromStorageString
oidc-client.min.js:26user storageString loaded
oidc-client.min.js:26User.fromStorageString
3oidc-client.min.js:26user loaded

JMonono on 30 Jun 2016

👍1

Possibly. I'll have a look when I can.

brockallen on 30 Jun 2016

The problem extends when I open a new tab, one tab does the renewal and the other not. So, if I close the first one, the second expires soon.

wilsonmontalvo on 1 Jul 2016

Same problem for me as well, after the refresh the 'Events.load' don't show up in the log.

Initial page load log:

automaticSilentRenew is configured, setting up silent renew
…REMOVED SOME LOG ITEMS...
claims processed
got signin response
_storeUser storing user
User.toStorageString
WebStorageStateStore.set user:https://localidentity.XXX.it/identity/:XXX
user stored
UserManagerEvents.load
AccessTokenEvents.load
canceling existing access token timers
access token present, remaining duration: 10799
registering expiring timer in: 10699
registering expired timer in: 10800
Raising event: User loaded

Log on Page Refresh (F5)

automaticSilentRenew is configured, setting up silent renew
UserManager.getUser
_loadUser
WebStorageStateStore.get user:https://localidentity.XXX.it/identity/:XXX
user storageString loaded
User.fromStorageString
user loaded

MichielNL83 on 7 Jul 2016

👍1

I've not looked at this yet (I'm traveling, but I will on Friday), but I suspect when the user is loaded from the local store we're simply missing the check to initiate the timer.

brockallen on 7 Jul 2016

👍3

I get the same in an angular app.
@brockallen yes, the timer is only initiated after a fresh sign in without a user in storage.

mbeckenbach on 16 Jul 2016

👍1

Ok, fixing this issue: https://github.com/IdentityModel/oidc-client-js/issues/43 has caused this one. I'll see if I can thread this correctly...

brockallen on 17 Jul 2016

Ok, I pushed a fix under 1.1.0-beta.3. Very sorry for how long it took me to get to this -- as always, super busy.

Please let me know if it's working now for you.

brockallen on 17 Jul 2016

❤1

@brockallen No need to apologise - it's much appreciated you looked at the issue at all! I've just tried the fix locally and after my initial tests it seems to work perfectly for me. If there is any further information / testing I can provide please let me know.

Thanks for the fix!

JMonono on 18 Jul 2016

Ok, thanks. I'll close this now.

brockallen on 18 Jul 2016

@brockallen thanks for your response. But the problem persist in my case with the beta3. @JMonono , @MichielNL83 , @mbeckenbach have you tested this new release? is it working ok for you?

wilsonmontalvo on 20 Jul 2016

@Wilsonmg from the looks of it, it seems to be working correctly now. User loads correctly from storage and AccesTokenEvents timers are running.

I'm not in the office right now so i can't connect to my local IdentityServer with short lived tokens so i haven't tested the actual refresh.

MichielNL83 on 20 Jul 2016

@Wilsonmg I can confirm that beta3 fixed the issue for me as well. On first load of the application and after refreshing the page UserManager and AccessTokenEvents are configured and timers are setup to handle token refresh.

JMonono on 20 Jul 2016

@Wilsonmg maybe you have a cached version?

brockallen on 20 Jul 2016

Thank you all. @brockallen it might be that... I haven't had enough time to work more on this again, I'll be back when I can.
Regards and thanks for the fix.

wilsonmontalvo on 21 Jul 2016

Was this page helpful?

0 / 5 - 0 ratings