Oidc-client-js: First session check should happen immediately, rather than after checkSessionInterval

Created on 21 May 2018  路  3Comments  路  Source: IdentityModel/oidc-client-js

If a user changes their OIDC session through another site, then loads a page on my site, there is a delay before the change in session is noticed. This allows a brief opportunity for the user to interact with my site under the original session.

I believe this could be addressed by having the start function in CheckSessionIFrame.js call the trigger function immediately, as well as setting the interval.

https://github.com/IdentityModel/oidc-client-js/blob/f564f974809c90e8093f6f5006b07e2b0e7a0b4a/src/CheckSessionIFrame.js#L61

enhancement
Source
picture tamias

Most helpful comment

Thank you! I acknowledge that there will always be a small window of opportunity for the old session to be used. This should help, though, so I appreciate the change.

picture tamias on 22 May 2018
👍2

All 3 comments

The interval can already be set in the options, FWIW.

I'm not sure doing the check at start time will always help your situation, as you could have already started, then the user signs out. So I think you will always have the possibility of this delay.

brockallen picture brockallen on 22 May 2018

Ok, I changed the check to run immediately on start. It's been pushed to npm in 1.5.0-beta.4.

brockallen picture brockallen on 22 May 2018
👍1

Thank you! I acknowledge that there will always be a small window of opportunity for the old session to be used. This should help, though, so I appreciate the change.

tamias picture tamias on 22 May 2018
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

slug56 picture slug56  路  4Comments
bialabs picture bialabs  路  3Comments
mode777 picture mode777  路  3Comments
ycrumeyrolle picture ycrumeyrolle  路  5Comments
LEW21 picture LEW21  路  4Comments