angular-auth-oidc-client icon indicating copy to clipboard operation
angular-auth-oidc-client copied to clipboard

Published 20 hours ago verified publisher icon damienbod

[Bug]: Forced redirect to http:/

Open mills-andrew opened this issue 3 years ago • 10 comments

What Version of the library are you using? v13.1.0

Describe the bug When the authorization library logs in and performs its suggested checkAuth in appComponent ngOninit. It tries to redirect to http:/. Removing this check removes the redirect. If I don't wild card redirect back to another component. It sends a bug to the console.

Cannot match any routes. URL Segment: 'http:'

To Reproduce Redirect to a specific url. In my case it was http://localhost:4200/_signedin. In your app.component.ts NgOninit function. Perform the suggested checkAuth.

Expected behavior The redirect stays on _signedIn route. No forced redirect after logging in is performed.

Additional context I believe this could be an intentional feature. But I would like to be able to toggle it off. I don't want this package to control my redirects, I want it to tell my IDP what to redirectTo and to check if authenticated. Thats all.

mills-andrew avatar Feb 21 '22 15:02 mills-andrew

I agree with @NachoBoss. This happens in my project as well, and I do not want this library to force redirect to the main route.

diblaze avatar Mar 02 '22 13:03 diblaze

It seems like check-auth.service.ts#L137 will redirect always to the saved url. But this URL will be empty if not used in a route guard, therefore will redirec to '/' always?

diblaze avatar Mar 02 '22 13:03 diblaze

Seems that way. I am confused as I supply the redirect but it doesn't use it. Is the redirectUrl defined in the config settings different somehow?

mills-andrew avatar Mar 02 '22 14:03 mills-andrew

The redirectUrl in config should corrospond to the redirectUrl provided at the IDP. In my case redirectUrl is set to redirect to my auth-callback component, where I will do other checks. However this is not possible because checkAuth redirects to / before my component is able to do stuff.

diblaze avatar Mar 02 '22 15:03 diblaze

That's what I thought. It seems your workflow follows a similar one to mine.

mills-andrew avatar Mar 02 '22 15:03 mills-andrew

Current workaround is to save the URL locally before authorize . When getting back from the authorization process, navigate to the saved url.

This is what the library is trying to do I guess, but with a empty URL.

diblaze avatar Mar 02 '22 15:03 diblaze

Could you supply a code sample on how to save it? I assumed that was the workaround but I couldn't figure out how to get that redirect to go to a redirect I wanted to. I figured a redirect back to the windows origin is fine and then have this redirect go to my signed in component and have it do extra checks but I was having so much trouble trying to figure out the code to change that redirect.

mills-andrew avatar Mar 02 '22 15:03 mills-andrew

@NachoBoss Yes, I do the same as the library, but just locally. So I save the redirect URL to localStorage, and then retrieve in checkAuth, if there is an URL there, then I redirect.

localStorage.setItem(REDIRECT_URL_STORAGE, url); Then I retreive it in checkAuth: localStorage.getItem(REDIRECT_URL_STORAGE);

diblaze avatar Mar 04 '22 12:03 diblaze

so there user logs in, is redirected to your redirectUrl. Then this package redirects us to '/'. Then you redirect back or to a different route? Seems messy and hoppy

mills-andrew avatar Mar 04 '22 16:03 mills-andrew

Yes, until v14 comes out this is the workaround sadly. It is not hoppy for my use case as the redirect component has no html, so you do not notice the redirects.

I see in v14 documentation that redirectUrl can be set with the authorize method.

diblaze avatar Mar 04 '22 16:03 diblaze

Fixed in V 14.

FabianGosebrink avatar Aug 12 '22 17:08 FabianGosebrink