Implicit Flow in Angular 5 Application: Successfully Authenticating but getIdentityClaims() returning NULL Values

Describe the bug There are at least two (2) other issues on GitHub that are similar to this one, but neither of them provide a clear solution to the problem. In my Angular 5 application, I am using a public API for authentication. I do not have “system administrator” access to the authentication/resource server, so I am unable to make any changes in this regard. I do know that its a Microsoft machine and does not have a discovery document (hence, I am using the tryLogin() method).

On the client side, I am able to initialize the Implicit Flow and make the call from within my Angular 5 code. There is no login button for the user to click: If the app does not detect an access_token, it automatically redirects the user to the login form, prompts them to authenticate using a Smart Card, and if successful, redirects them back to the app with the access_token and id_token in the URL query string.

At this point, everything works as expected. But when I attempt to run getIdentityClaims(), it returns null. In other issues I’ve read, some have asked are there console errors at this point. In my application IS a console error (in an earlier post I wrote that there wasn’t a console error): Error validating tokens. Wrong Issuer. This is odd because a token is returned in the URL.

The following are code snippets from my application. I’ve trimmed it down a lot for simplicity purposes, but will provide more detail if requested.

app.module.ts

imports: [
 OAuthModule.forRoot({
      resourceServer: {
          allowedUrls: ['https://apigw-stg.cdc.gov:8443/openid/connect/v1/userinfo'],
          sendAccessToken: true
      }
  })
]

authConfig.ts

export const authConfig: AuthConfig = {
  oidc: true, 
  issuer: 'https://apigw-stg.cdc.gov:8443/auth/oauth/v2',   
  loginUrl: "https://apigw-stg.cdc.gov:8443/auth/oauth/v2/authorize",
  redirectUri:  window.location.href,
  clientId: xxx,
  responseType: 'id_token token',
  scope: "openid profile email",
  tokenEndpoint:  'https://apigw.cdc.gov:8443/auth/oauth/v2/token',
  userinfoEndpoint: "https://apigw-stg.cdc.gov:8443/openid/connect/v1/userinfo",
  showDebugInformation: true,
  strictDiscoveryDocumentValidation: false, 
}

app.component.ts

constructor(private route: ActivatedRoute, private router: Router, private injector: Injector, private http: HttpClient, private oAuthService: OAuthService) {
     this.oAuthCall();
}

oAuthCall() {
     this.oAuthService.configure(authConfig); 
     this.oAuthService.setStorage(sessionStorage);
     this.oAuthService.tokenValidationHandler = new JwksValidationHandler();
     this.oAuthService.tryLogin();
}

runOnAppLoad() {
     let accessToken = SharedUtilities.getURLHashValue('access_token');  // Get token from URL
     if (accessToken) {                  
        const claims = this.oAuthService.getIdentityClaims();
        console.log(claims);  // VALUE IS NULL!
     else {
        this.oAuthService.initImplicitFlow();
     } 
}

Expected behavior Once authentication is successful and the user is redirected back to the application, calling getIdentityClaims() should return object or value other than null.

Desktop (please complete the following information):

• OS: Windows 10
• Browser: Chrome (Version 76.0.3809.100)