angular-auth-oidc-client icon indicating copy to clipboard operation
angular-auth-oidc-client copied to clipboard

Published 20 hours ago verified publisher icon damienbod

Fire event when valid token is being loaded from store

Open ThorstenKunz opened this issue 3 years ago • 2 comments

Is your feature request related to a problem? Please describe. I need to update some UI elements based on information from an AccessToken. I tried to register to the NewAuthenticationResult event type. That works well for the initial authentication flow as well as renewals. But it failes on page reload when the token is being loaded from session store because no event is fired and the UI elements or the refreshed app are stuck in default state without any info from the accessToken.

Describe the solution you'd like I need some kind of event fired via PublicEventService when a valid token is loaded from the store instead of a regular flow. This could either be a NewAuthenticationResult or a new created event type like TokenLoadResult

ThorstenKunz avatar Nov 03 '21 16:11 ThorstenKunz

Thinking about this somewhat more it would be great if there would be an event emitted whenever the current token gets updated/changed. The following scenarios would then all generate a NewAccessToken event:

  • initial login via a flow
  • a new token was fetched via an existing refresh token
  • existing token was restored from store upon e.g. page reload

Given that often roles or other custom assertions are part of the token this would be very helpful and would allow to react to eventual changes in the token data.

ThorstenKunz avatar Nov 09 '21 10:11 ThorstenKunz

Just wanted to add that we would also have a use case for this. We just migrated from another oidc lib to this one (really great work btw.) and the last thing I have to solve is to refresh the session after the user reloads the page. Forcefully calling the forceRefreshSession method at startup is not very efficient and also breaks the flow after full login with our auth server (idsrv4). I suspect that the refresh token is then accidentally used twice. So the suggestion from Thorsten Kunz sounds really good imho and would help us to cleanly distinguish between the different scenarios.

Tre665 avatar Dec 03 '21 09:12 Tre665

Is this issue still relevant?

FabianGosebrink avatar Nov 30 '22 06:11 FabianGosebrink

Closing as there hasn't been any response from the issue author. Please re-open if you are still seeing problems here.

FabianGosebrink avatar Dec 08 '22 12:12 FabianGosebrink