oidc-client
Silent access token refresh is not working. It is redirecting to the authentication provider every 3-4 min while we have a 15 min timeout for the access token.
Issue and Steps to Reproduce
Using the following configuration:

```javascript
const configurationIdentityServer = {
  client_id: 'client_id',
  redirect_uri: `${window.location.origin}/authentication/callback`,
  silent_redirect_uri: `${window.location.origin}/authentication/silent-callback`,
  silent_login_uri: window.location.origin + '/authentication/silent-login',
  // silent_login_timeout: 3600, // Optional default is 12000 milliseconds
  scope: 'openid profile email offline_access',
  response_type: 'code',
  automaticSilentRenew: true,
  authority: stsauthority(),
  refresh_time_before_tokens_expiration_in_second: 60,
  service_worker_relative_url: '/OidcServiceWorker.js',
  service_worker_only: false,
  post_logout_redirect_uri: `${window.location.origin}`,
  token_renew_mode: TokenRenewMode.access_token_invalid,
};
```
Versions
"@axa-fr/react-oidc": "^6.22.0",
Screenshots
Expected
access_token should be renewed in the background, without affecting on-screen tasks.
Actual
Every 5 min it is redirecting to the authentication provider and coming back, and showing the error "An error Occured During Authentication".
Hi @mohitthakur23,
Thank you for your issue. I may need more information that can help. Do you have a network error, or something in your debug console?
Is a refresh_token returned by the first request?
Hi @guillaume-chervet, I made a few modifications with the latest library version. Here is my latest config:

```javascript
const configurationIdentityServer = {
  client_id: 'client_id',
  redirect_uri: `${window.location.origin}/authentication/callback`,
  silent_redirect_uri: `${window.location.origin}/authentication/silent-callback`,
  scope: 'openid profile email',
  response_type: 'code',
  automaticSilentRenew: true,
  authority: stsauthority(),
  refresh_time_before_tokens_expiration_in_second: 160,
  service_worker_relative_url: '/OidcServiceWorker.js',
  service_worker_only: false,
  post_logout_redirect_uri: `${window.location.origin}`,
  token_renew_mode: TokenRenewMode.access_token_invalid
};
```
It helped me do a silent refresh one time, but soon after it gives me the same error again with the console error "invalid state".
Here is the flow: we have an access token timeout of 15 min. After 12-13 min of successful login into the application, the service worker starts a silent-callback request, and it succeeds. After the successful update of the token, when the service worker sends another request, it gives the above error. Any help will be appreciated.
Hi @mohitthakur23,
What is your OIDC server?
Could you give the content of the last token request?
"State is not valid" seems to come from react oidc. I need more information to understand. Do you have this error if you remove the service worker and uninstall it from the console debug mode?
Hi @guillaume-chervet,
We have disabled the service worker in the configuration, and it worked fine till today,
but today we again got an invalid state error.
We have also noticed that when we get this error, the browser is kind of stuck (showing the redirected URI from the auth server with the authorization code) until we reopen it in a new tab.
Hi @mohitthakur23, is the service worker properly unregistered?
Do you have more information? A video?
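
The maintainer's questions above (is a refresh_token returned, what does the token response contain) can be answered with a summary like the following. This is an added example, not code from the thread or from @axa-fr/react-oidc: the function names and the sample tokens are constructed, and it assumes renewal is due `refresh_time_before_tokens_expiration_in_second` seconds before each token's `exp`.

```javascript
// Added diagnostic, not part of @axa-fr/react-oidc. Sample tokens are constructed.
const b64url = (obj) => btoa(JSON.stringify(obj))
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
// Constructed, unsigned JWT used only as sample input.
const makeSampleJwt = (claims) => `${b64url({ alg: 'none' })}.${b64url(claims)}.sig`;

// Decode a JWT payload WITHOUT verifying it: for inspection only, never for authorization.
function decodeJwtPayload(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) return null; // opaque (non-JWT) token
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Summarise a token endpoint response. Assumption: renewal is due
// `refreshBeforeSeconds` before each token's `exp`.
function summariseTokenResponse(response, refreshBeforeSeconds, nowSeconds) {
  const summary = {
    hasRefreshToken: typeof response.refresh_token === 'string' && response.refresh_token !== '',
    expiresIn: response.expires_in ?? null,
    tokens: {},
  };
  for (const name of ['access_token', 'id_token']) {
    const claims = response[name] ? decodeJwtPayload(response[name]) : null;
    if (!claims || typeof claims.exp !== 'number') continue;
    summary.tokens[name] = {
      lifetimeSeconds: typeof claims.iat === 'number' ? claims.exp - claims.iat : null,
      renewDueInSeconds: Math.max(0, claims.exp - refreshBeforeSeconds - nowSeconds),
    };
  }
  return summary;
}

// Constructed response: 15 min access token, 5 min id token, no refresh_token.
const issuedAt = 1700000000;
const sampleResponse = {
  access_token: makeSampleJwt({ iat: issuedAt, exp: issuedAt + 900 }),
  id_token: makeSampleJwt({ iat: issuedAt, exp: issuedAt + 300 }),
  expires_in: 900,
  token_type: 'Bearer',
};
console.log(JSON.stringify(summariseTokenResponse(sampleResponse, 160, issuedAt), null, 2));
```

Sharing this summary in an issue, rather than the token response itself, keeps bearer tokens out of a public thread.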