Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
[Question] - Re: Authorizing in a popup or iframe, how to "pass state" back to parent window?
See original GitHub issueUltimate goal is to not require client app reload when log in is necessary.
I have from Authorizing in a popup or iframe
login() {
this.oidcSecurityService.authorize((authUrl) => {
// handle the authorrization URL
window.open(authUrl, '_blank', 'toolbar=0,location=0,menubar=0');
});
}
I am reaching but tried the following… On the STS I created a SilentRenew View with the following script block.
@section script
{
<script>
window.onload = function () {
/* The parent window hosts the Angular application */
var parent = window.parent;
/* Send the id_token information to the oidc message handler */
var event = new CustomEvent('oidc-silent-renew-message', { detail: window.location.hash.substr(1) });
parent.dispatchEvent(event);
};
</script>
}
And my OpenIDImplicitFlowConfiguration is like this:
openIDImplicitFlowConfiguration.stsServer = 'http://localhost:5000';
openIDImplicitFlowConfiguration.redirect_url = 'http://localhost:4200';
openIDImplicitFlowConfiguration.client_id = 'angularOidcClient';
openIDImplicitFlowConfiguration.response_type = 'id_token token';
openIDImplicitFlowConfiguration.scope = 'webapi openid';
openIDImplicitFlowConfiguration.post_logout_redirect_uri = 'http://localhost:4200';
openIDImplicitFlowConfiguration.start_checksession = false;
openIDImplicitFlowConfiguration.silent_renew = true;
openIDImplicitFlowConfiguration.silent_renew_url = 'http://localhost:5000/Account/SilentRenew';
openIDImplicitFlowConfiguration.post_login_route = '/home';
// HTTP 403
openIDImplicitFlowConfiguration.forbidden_route = '/Forbidden';
// HTTP 401
openIDImplicitFlowConfiguration.unauthorized_route = '/home';
openIDImplicitFlowConfiguration.log_console_warning_active = true;
openIDImplicitFlowConfiguration.log_console_debug_active = true;
openIDImplicitFlowConfiguration.max_id_token_iat_offset_allowed_in_seconds = 10;
When the window opens, and after successful log in, its redirected to the “post_login_route” of /home.
I need to close that window and pass the window.location.hash(I presume?) back to the parent form and then automatically close the window. I assumed I do that with new CustomEvent.
Do I create a custom View for openIDImplicitFlowConfiguration.redirect_url or ??
Thanks for any help
Issue Analytics
- State:
- Created 5 years ago
- Comments:37 (21 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
this.oidcSecurityServiceis not defined for whatever reason. You’ll need to figure out why.My guess is that you aren’t binding corrently, and thus losing scope of
this.also, when you do figure out why, you’ll need to pass the hash from the event to the
authorizedCallback()call.so like:
@profet23 I don’t think so, because this is not really a standard flow and the silent renew code is documented as well as this issue. But if you have an idea that would help, it’s always good.
Greetings Damien