Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

silent token renew in identity server 4 with js client app not working as expected

Tags:

access-token

identityserver4

oidc-client-js

implicit-flow

I am working with identity server 4 to provide identity services to different apps in an enterprise arch.

Registered an SPA application using implicit flow with the identity server 4 app with oidc-client.js and is working.

But the problem is with token renew, need to preserve user login for a long period of time with out asking user to login again.

To make this happen implemented silent token renew with the following configuration.

var config = {
    authority: "http://localhost:5000",
    client_id: "jswebclient",
    redirect_uri: "http://localhost:5003/callback.html",
    response_type: "id_token token",
    scope: "openid profile api1",
    post_logout_redirect_uri: "http://localhost:5003/loggedout.html",
    automaticSilentRenew: true,
    silent_redirect_uri : "http://localhost:5003/callback.html" };

var mgr = new Oidc.UserManager(config);

with the above configuration automatic renew is happening but it is not silent renew as expected, complete page redirect to the redirect uri is happening to handle response from identity server.

for ex: index.html is my actual page in which silent renew happens and callback.html is the redirect uri , index.html is redirected to callback.html and then renewed and then redirected back to index.html, actual network log is attached below,enter image description here

can any one pls help me solve the issue to make silent renew happen.

like image 785
Mahesh Gupta Avatar asked Apr 17 '17 07:04

Mahesh Gupta

1 Answers

after googling a lot and referring to many articles i found out the issue, which is with the configuration, it worked after changing the configuration to the below 

var config = {
    authority: "http://localhost:5000",
    client_id: "jswebclient",
    redirect_uri: "http://localhost:5003/callback.html",
    response_type: "id_token token",
    scope: "openid profile api1",
    post_logout_redirect_uri: "http://localhost:5003/loggedout.html",
    automaticSilentRenew: true,
    silent_redirect_uri: "http://localhost:5003/silentrenew.html"   
};

var mgr = new Oidc.UserManager(config);

created a new silentrenew.html page to handle silent renew response and added the below script in the page

 <script>
    new Oidc.UserManager().signinSilentCallback();        
 </script>

thats all... it started working as expected.

like image 145
Mahesh Gupta Avatar answered Oct 09 '22 00:10

Mahesh Gupta
Sign in to Comment

Related questions

Set Javascript API accessToken
Renew long lived access token server side
Spring OAuth2 - Create an access token
Passport and Passport Local req.isAuthenticated always returns false
Refreshing an OAuth access token for Microsoft Live API
OAuth 2.0 Generating Token and Secret Token [closed]
Access token to encrypt or not
Cannot access application using the specified access_token
Keep token in YAML file *private/secure* (Coveralls.io)
Facebook full permission AccessToken alternative to Offline access token
Using Facebook Javascript SDK to get Graph Data
Facebook - permanent user access token
How to persist bearer token on client side

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!