okta-auth-js
tokenManager 'error' event not getting fired on expired token
Hello, my team is experiencing an issue on Safari desktop browser only where the tokenManager.on('error') subscription is not receiving an error event when the current token has expired and a network request is made.
We are using version 2.11.0
This is working as expected on other browsers. Instead, in Safari we are seeing the following errors in the console:
Unrecognized Content-Security-Policy direction 'report-to'.
error.errorCode: login_required, error.description: The client specified not to prompt but the user is not logged in.
I've confirmed that we had previously subscribed to the error with:
    authClient.tokenManager.on('error', (error: any) => {
      console.log("TokenManager error", error);
    });
And the above console log is not found anywhere.
Any advice or thoughts on a workaround to make sure we are able to successfully log the user out on an expired token?
@chadmg - Thanks for the report. Can you clarify a few things?
- are you saying there IS an error, but the error event isn't fired?
- are you saying the error event DOES fire on other browsers, but not on Safari?
Internal ref: OKTA-317753
> @chadmg - Thanks for the report. Can you clarify a few things?
> - are you saying there IS an error, but the error event isn't fired?
Yes, the error event should have been fired but it is not.
> - are you saying the error event DOES fire on other browsers, but not on Safari?
Yes, the error event is fired and received properly on Chrome, we are able to correctly log the user out and ask them to log back in. On Safari, no error event is ever fired.
Thanks @swiftone !
@chadmg The Safari issue may be caused by "Prevent cross-site tracking" being enabled in the browser.
With the current version of okta-auth-js, you can add offline_access to scopes to enable the refresh token feature and bypass the third-party cookie restrictions.
Reference: https://developer.okta.com/docs/guides/refresh-tokens/overview/
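For the workaround asked about in this thread, a clock-based guard can end the session on an expired token without depending on the 'error' event firing. This is an added example, not code from the thread or from okta-auth-js: the names tokenState, sessionDecision and guardRequests are hypothetical, and it assumes each stored token object carries expiresAt in epoch seconds.

```javascript
// Added example: hypothetical helpers, not part of okta-auth-js.
// Assumption: stored token objects expose `expiresAt` in epoch seconds.

// Classify one stored token against the local clock, with a skew margin.
function tokenState(token, nowMs, skewSec = 30) {
  if (!token || typeof token.expiresAt !== 'number') return 'missing';
  const nowSec = Math.floor(nowMs / 1000);
  return token.expiresAt - skewSec <= nowSec ? 'expired' : 'valid';
}

// Fail closed: every required token must be present and unexpired.
function sessionDecision(tokens, requiredKeys, nowMs, skewSec = 30) {
  const bad = requiredKeys.filter(
    (key) => tokenState(tokens[key], nowMs, skewSec) !== 'valid'
  );
  return { action: bad.length > 0 ? 'logout' : 'proceed', bad };
}

// Wrap outgoing requests so an expired session is ended before the call,
// even when silent renewal fails and no event reaches the application.
// `readTokens` is assumed to return (or resolve to) an object keyed by
// token name, e.g. values read via authClient.tokenManager.get(key).
function guardRequests({ readTokens, requiredKeys, onLogout, now = Date.now }) {
  return async function guarded(doRequest) {
    const tokens = (await readTokens()) || {};
    const decision = sessionDecision(tokens, requiredKeys, now());
    if (decision.action === 'logout') {
      await onLogout(decision.bad);
      throw new Error('session expired: ' + decision.bad.join(','));
    }
    return doRequest();
  };
}

// Constructed sample data (not taken from the thread).
const SAMPLE_NOW_MS = 1700000000000;
const SAMPLE_TOKENS = {
  idToken: { expiresAt: 1700000600 },     // ten minutes left
  accessToken: { expiresAt: 1700000010 }, // inside the 30 s skew window
};
```

The guard trusts the local clock, so keep the skew margin and still treat a 401 from the API as a signal to log out.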