angular-auth-oidc-client icon indicating copy to clipboard operation
angular-auth-oidc-client copied to clipboard

Published 20 hours ago verified publisher icon damienbod

[Question]: Option to control/bypass session storage mechanism

Open prakashsatyani opened this issue 4 months ago • 2 comments

What Version of the library are we using? 15

Question After upgrading from angular-auth-oidc-client library for Angular 13 to the version for Angular 15, we noticed a change in behavior regarding token storage and the handling of the token.oauth API call.

Previously (Angular 13 version), the token.oauth API call was made on every page reload, ensuring that the latest authentication token was retrieved. However, in the Angular 15 version of the library, the token is now being stored in session storage. Upon page reload, if the token is present in session storage, the token.oauth API call is not triggered.

This new behavior is causing an issue in our use case, as we rely on always making the token.oauth API call to fetch an updated token and ensure proper authentication. This also presents a security concern for some of our partners.

Request Is there any way to:

  • Comment out or bypass this session storage mechanism?
  • Provide a configuration option to enable or disable this behavior based on the use case?

Having control over this behavior would be helpful, as different use cases may require either always making the token.oauth API call or relying on session storage for performance optimization.

We appreciate your support and look forward to any suggestions or workarounds.

prakashsatyani avatar Oct 11 '24 14:10 prakashsatyani