Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Refresh token redirects to the initial state url
See original GitHub issueI am using this code (with Code Flow) to be redirected to the initially used url by which the app was called.
constructor(private oauthService: OAuthService, private router: Router) {
this.oauthService.configure(authConfig);
this.oauthService.setupAutomaticSilentRefresh();
this.oauthService.events.subscribe(e => {
if (e.type === 'token_received') {
if (this.oauthService.state && this.oauthService.state !== 'undefined' && this.oauthService.state !== 'null') {
let stateUrl = this.oauthService.state;
if (stateUrl.startsWith('/') === false) {
stateUrl = decodeURIComponent(stateUrl);
}
this.router.navigateByUrl(stateUrl);
}
}
});
}
For this case the code works as expected.
But the token refresh also uses this code and because of this the user is always redirected to the initially used url and stays not on the current url. Is there any mistake with my intention or configuration?
Issue Analytics
- State:
- Created 2 years ago
- Comments:6
Top Results From Across the Web
The Authorization Response - OAuth 2.0 Simplified
With the Implicit grant ( response_type=token ) the authorization server generates an access token immediately and redirects to the callback URL with the...
Read more >Storing access token from a redirect url by an external api
Refresh tokens on regular intervals ( defined by you); Access token directly in code wherever you want; Store token in Session Storage or...
Read more >How can I redirect the user to the original URL after access ...
The redirectUri has been configured in my IDP and is valid: After successful login the user is redirected to http://localhost:4200/ ...
Read more >Using OAuth 2.0 for Web Server Applications | Authorization
The client library also generates correct redirect URLs and helps to ... server to return a refresh token and an access token the...
Read more >Redirect with Actions - Auth0
Due to the fact that using a refresh token requires a backchannel call to /oauth/token , this will also fail if attempting to...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Thanks. Pefect. Works as expected.
Ah yes oh I now see you already had it in your original post, the culprit is at:
I was confused for a moment, because otherwise your code seems to come straight from my example implementation which does not do it on
token_receivedbut only on application bootstrap.You then basically have two options:
Basically both come down to “if you dont want to run the code on token_received, then don’t do it”; I don’t think there’s any other way.