Oidc-client-js: SilentRenewError Event never hit

Created on 26 Oct 2018  路  8Comments  路  Source: IdentityModel/oidc-client-js

We've got silent renew all working in our app and the default session timeout duration on our OP (id server 3) which I believe is 8 hours. I notice that if I leave the application logged in overnight it will successfully silent renew 8 times each time extending the access token by an hour (circa 3600 seconds) as can be seen by this logging

UserManager.signinSilent: successful, signed in sub:  004e970f-XXXX-49e7-846f-XXXXXXXXXX
CheckSessionIFrame: unchanged message from check session op iframe
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expiring timer expires in: 3533
Timer.callback; Access token expired timer expires in: 3594

but the 9th time the client tries to silently renew the access token I get the following in the console

Timer.callback; Access token expired timer expires in: 59
CheckSessionIFrame: unchanged message from check session op iframe
IFrameWindow.message
CheckSessionIFrame: unchanged message from check session op iframe
IFrameWindow.message
CheckSessionIFrame: unchanged message from check session op iframe
IFrameWindow.message
Timer.callback; Access token expired timer expires in: 54
CheckSessionIFrame: unchanged message from check session op iframe
IFrameWindow.message
CheckSessionIFrame: unchanged message from check session op iframe
IFrameWindow.message
Timer.callback; Access token expired timer expires in: 49
CheckSessionIFrame: unchanged message from check session op iframe
IFrameWindow.message
IFrameWindow.timeout
IFrameWindow: cleanup
Frame window timed out
UserManager._signinStart: Error after preparing navigator, closing navigator window
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 44
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 39
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 34
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 29
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 24
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 19
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 14
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 9
CheckSessionIFrame: unchanged message from check session op iframe
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: 4
CheckSessionIFrame: unchanged message from check session op iframe
Timer.callback; Access token expired timer expires in: -1
Timer.cancel:  Access token expired

I hook into the access token expired event and trigger a signoutRedirect which kicks the user to id server to log in again which is great and we have a nice 8 hour session but I still have that 'Frame window timed out' console error. Surely the SilentRenewError event should be raised which I can use to trigger the signout flow?

I imagine the reason the frame is timing out is because the user's session has expired and yet the oidc client is trying to hit some renew endpoint that is now returning an unauthorised response?

Is this perhaps simply a misconfiguration or something I am failing to set on the oidc client config?

question
Source
picture piehouserat
👍4

Most helpful comment

Don't know if it's misconfiguration but i'm experiencing the same thing, the whole silent process flow work's 3-4 times then i get a connection canceled and the iframe timeout.

so your not alone.

picture superrugdr on 8 Nov 2018
👍3

All 8 comments

Don't know if it's misconfiguration but i'm experiencing the same thing, the whole silent process flow work's 3-4 times then i get a connection canceled and the iframe timeout.

so your not alone.

superrugdr picture superrugdr on 8 Nov 2018
👍3

but I still have that 'Frame window timed out' console error

when you get this, then for some reason the token server is prolly showing an error page. check the logs.

if the user is anonymous or their session has logged out, and there's no error then it should not be on an error page and should return immediately with a login_required error.

what token server are you using?

brockallen picture brockallen on 8 Nov 2018

Any update?

brockallen picture brockallen on 16 Nov 2018

Token server is IdentityServer3, I will pull the logs on Monday and update here with any relevant errors

piehouserat picture piehouserat on 23 Nov 2018

I think I'm getting the same with keycloak as the server

Powersource picture Powersource on 24 Nov 2020

Ok maybe not exactly the same one, but something's up with the silent renewal. I might open a new issue

Powersource picture Powersource on 24 Nov 2020

My issue https://github.com/bjerkio/oidc-react/issues/361 (not the same repo and maybe not the same issue but I think if someone ends up in this thread they might be having the same thing as me)

Powersource picture Powersource on 25 Nov 2020

Any update?

MikyChow picture MikyChow on 18 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rmja picture rmja  路  3Comments
saeed-badar picture saeed-badar  路  4Comments
primozs picture primozs  路  3Comments
arnaldo-infinite picture arnaldo-infinite  路  4Comments
wsimf picture wsimf  路  4Comments