oidc-client authentication/callback not redirecting to the home page

Issue and Steps to Reproduce

Hi, @guillaume-chervet I found the issue when trying to log in and not redirecting to the home page.

Here is my configuration: Client (using react) running on : http://localhost:4200/ Identity Server (using openiddict) running on : https://localhost:7141/ -> I'm trying to register the wrong Application : http://localhost:4201/ (Wrong port)

when trying to log in, I got an error like this

when I Fix the registered Application in my Identity Server -> change it to http://localhost:4200/ success shows login form (only refresh the browser), but after login, it won't go to redirect Url, stuck like this image:

Versions

"dependencies": { "@axa-fr/react-oidc": "^5.10.0", }

Can you give me a suggestion? I have tried your sample in this repo, but the result still same.

but if the configuration is valid from the start, the issue not happened.

Thank you for your great work.

Jun 06 '22 13:06 frogerdevs

Hi @frogerdevs thank you very much for your issue.

Does the flow work if the configuration is valid from the beginning?

When you are stuck, do you have an error message in the javascript console?

Jun 06 '22 14:06 guillaume-chervet

Hi, @guillaume-chervet thanks for your reply,

Yes, it works great when the configuration is valid from the beginning.
Here's the capture I got when it's stuck

does it help?

Thanks

Jun 06 '22 16:06 frogerdevs

I found a way to reproduce it but i do not know how to fix it yet ^^

Jun 07 '22 15:06 guillaume-chervet

Does the version 5.10.1 fix your issue? It is a bug quite hard to debug ^^

Jun 08 '22 23:06 guillaume-chervet

hi @guillaume-chervet,

I have already updated to version 5.10.1, and still have the same problem.

Jun 09 '22 05:06 frogerdevs

Thank you for the feedback @frogerdevs . I will make some tests again today.

Jun 09 '22 05:06 guillaume-chervet

Thanks for keeping me updated. I hope it will fix soon. God bless you.

Jun 09 '22 06:06 frogerdevs

@guillaume-chervet Thanks for looking into this. Just checking, is this issue fixed, if yes in which version?

Jun 14 '22 17:06 khyapate

I suspect it is link to service worker, because sometime a response promise is never resolved. I am making test all day long but I dont find it.

Jun 14 '22 18:06 guillaume-chervet

Thanks @guillaume-chervet for your quick response.

Jun 14 '22 18:06 khyapate

I pushed a fixed yestaday. I suspect 2 things, so i make a first try. It hard to reproduce debug.

Jun 20 '22 06:06 guillaume-chervet

I will test a lot that fix today.

Jun 20 '22 06:06 guillaume-chervet

Thanks @guillaume-chervet for the updates.

Jun 20 '22 17:06 khyapate

I do not know why but the request token sometime is stuck and never respond. The timeout security i have added work but it fall as an error. The problem is that it seems imposible to reproduce it in debug mode. I really need to fix it.

Jun 21 '22 06:06 guillaume-chervet

@guillaume-chervet thanks for all the effort. I do see this issue in my development environment where redirect_url (pointing to application url : http://localhost:8000/appName) is invoked repeatedly instead of exchanging code for token. I had checked my identity provider to make sure redirect_url is properly configured and I do receive code . Any clues will be helpful thanks again.

Jun 27 '22 13:06 JProbe

Hi @JProbe ,

Your redirect_uri must be an uri not used by your application. For exemple : https://localhost:8000/appName/oidc-callback

Jun 27 '22 18:06 guillaume-chervet

@guillaume-chervet I had fixed redirect_url to https://localhost:8000/appName/authentication/callback. Now I see IdentityProvider sending code and state via redirect URL but I am running into 404 error. It seems react-oidc expects issuer or ISS as a paramer along with others. My identityProvider doesn't support issuer in redirect_url yet. By any chance do you know if I can downgrade to some older version of react-Oidc so that ISS (issuer) is not needed and make this work ?.

Jul 07 '22 13:07 JProbe

Hi @JProbe , hash redirect is now supported. If you have a 404 it is because of server side configuration of your react application.

You can use an uri like : https://youdomain.com#callbackurl

It should work.

Jul 07 '22 13:07 guillaume-chervet

Hi @JProbe , did you try hash redirect? Did you solve ypur problem?

Aug 16 '22 09:08 guillaume-chervet

I'm having a similar issue, but i get stuck on the /callback page, and see this message in the console: Delivering authorization response

it doesn't move from here. It logs the users token, etc.. I'm trying to implement something to similar to signinRedirectCallback, is this possible with this library? Should I open a new issue for discussion?

Aug 18 '22 21:08 drod21

Hi @JProbe , did you try hash redirect? Did you solve ypur problem?

Hello @guillaume-chervet it hasn't worked for us.Our Identity provider doesn't support "iss" parameter and library seem to expect iss or issuer parameter after authorization call.We had to move to other library owing to time constraints.

Aug 18 '22 22:08 JProbe

Hi @JProbe , @drod21 what are your oidc provider name in order to make some test? Appauthjs used in background seems compatible with all oidc provider. If not, we can request update or build one.

Aug 19 '22 06:08 guillaume-chervet

@guillaume-chervet we use IdentityServer 4.

Any idea on how to debug why/where it’s “stuck”? I’m assuming it might be a configuration issue, but just not sure?

Aug 19 '22 09:08 drod21

Hi @drod21 , may you put your oidc configuration here? Identity server 4 must work with react oidc. I will test on the next monday. Did you git clone the demo and remplace the configuration by yours?

Aug 19 '22 12:08 guillaume-chervet

Yep! @guillaume-chervet here you go:

const url = `${window.location.protocol}//${window.location.hostname}${
	window.location.port ? `:${window.location.port}` : ''
}

export const oidcSettings: OidcConfiguration = {
	authority: authUrl,
	authority_configuration: {
		authorization_endpoint: `${authUrl}/connect/authorize`,
		check_session_iframe: `${authUrl}/connect/checksession`,
		end_session_endpoint: `${authUrl}/connect/endsession`,
		revocation_endpoint: `${authUrl}/connect/revocation`,
		token_endpoint: `${authUrl}/connect/token`,
		userinfo_endpoint: `${authUrl}/connect/userinfo`,
	},
	client_id: process.env.REACT_APP_CLIENT_ID ?? '',
	extras: { acr_values: 'tenant:xxxx', issuer: authUrl },
	redirect_uri: `${url}/callback`,
	scope: 'openid *_api profile offline_access', // *_api is placeholder for our api scopes, excluding for post purposes
	silent_redirect_uri: `${url}/callback`,
	token_request_timeout: 60000,
}

I'll give cloning the demo a try and replacing with my config.

Aug 19 '22 12:08 drod21

Thank you @drod21 , you cannot use the same callback uri for silent signin in v6. It may be the problem. What happen if you comment silent login uri for a test purpose.

Aug 19 '22 12:08 guillaume-chervet

sunuva - that worked! thanks. I'll create a new issue if i run into other issues.

Appreciate the help!

@guillaume-chervet if i want to use silent login/refresh tokens, would i comment out redirect_uri?

Aug 19 '22 12:08 drod21

You may also remove authority_configuration. It should work with identity server 4.

Aug 19 '22 12:08 guillaume-chervet

Hi @frogerdevs , thank you for the issue. I close it because i think it all rigth now. Feel free to reopen it if you need it.

Feb 05 '23 07:02 guillaume-chervet