angular-auth-oidc-client icon indicating copy to clipboard operation
angular-auth-oidc-client copied to clipboard

Published 20 hours ago verified publisher icon damienbod

[Question]: Offline Access

Open AlexBollmann opened this issue 3 years ago • 4 comments

What Version of the library are you using? 13.1.0

Question I am currently working on an angular app, and now offline access should be added to this project. I want to use the angular progressive web app (PWA) functionality for that. The problem here is, my app is guarded if not logged in. So if the access-token expires or you accidently hit logout when you are offline, theres no way to use the app. (Also, you cant switch users when offline, which is not required for me, but would be nice. I think this is problematic because the endpoint is not there to authenticate, so no Idea if this would work).

I researched this issue because I think this should be a common problem and OpenId should cover it. In the OpenID docs I found this: https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess.

As I'm using keycloak, I also found this in the keycloak documentation: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/sessions/offline.html They are talking about offline tokens, which do not expire by time.

So my question is, is this topic covered by this library? If yes, how do I do it, because i could not find anything on this in the documentation. If no, any ideas how to implement this? Maybe using custom storage?

Thank you for any hints regarding this problem.

AlexBollmann avatar Feb 15 '22 08:02 AlexBollmann

Hi @AlexBollmann

Yes the lib supports offline_access and most samples are implemented using this. If you use this with a PWA, you need to my the lifespan of the token work with your requirements and also the PWA "IDP requests" should be executed using the server and not cached.

Greetings Damien

damienbod avatar Feb 15 '22 15:02 damienbod

Thanks for responding. So I just have to get the keycloak offline settings right and thats it? Or is there additional coding to do? I did browse through the examples, but I could not point out where offline is implemented, because I don't really know what to look for..

There will just be some calls that will be chached, I don't think I will need to cache identity provider calls at all..

AlexBollmann avatar Feb 22 '22 08:02 AlexBollmann

I don't think this is super clear in the documentation and I think thats a legit question. Very sad this is just being closed.

AlexBollmann avatar Mar 01 '22 09:03 AlexBollmann

@AlexBollmann Would you like to create a PR?

Greetings Damien

damienbod avatar Mar 01 '22 10:03 damienbod

Is this issue still relevant?

FabianGosebrink avatar Dec 08 '22 13:12 FabianGosebrink

Closing as there hasn't been any response from the issue author. Please re-open if you are still seeing problems here.

FabianGosebrink avatar Feb 17 '23 06:02 FabianGosebrink