Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

silent refresh not working

See original GitHub issue

Problem: In the sample application the silent refresh is not working. The same happens if I try it with a config for my own KeyCloak Server:

Found following log messages in the conosle:

angular-oauth2-oidc.umd.js:612 sessionCheckEventListener wrong origin http://localhost:4200 expected https://steyer-identity-server.azurewebsites.net/identity
angular-oauth2-oidc.umd.js:612 got info from session check inframe MessageEvent {isTrusted: true, data: "#error=login_required&state=WyjkaQ4byB6pGzoi7cEHAd8YxxOBrL2lVktl9Cyp", origin: "http://localhost:4200", lastEventId: "", source: Window, …}
angular-oauth2-oidc.umd.js:612 parsed url {error: "login_required", state: "WyjkaQ4byB6pGzoi7cEHAd8YxxOBrL2lVktl9Cyp"}
angular-oauth2-oidc.umd.js:612 error trying to login
app.component.ts:46 oauth/oidc event OAuthErrorEvent {type: "silent_refresh_error", reason: {…}, params: null}params: nullreason: {error: "login_required", state: "WyjkaQ4byB6pGzoi7cEHAd8YxxOBrL2lVktl9Cyp"}type: "silent_refresh_error"__proto__: OAuthEvent
app.component.ts:46 oauth/oidc event OAuthErrorEvent {type: "token_error", reason: {…}, params: {…}}
angular-oauth2-oidc.umd.js:612 tryLogin during silent refresh failed OAuthErrorEvent {type: "token_error", reason: {…}, params: {…}}params: {error: "login_required", state: "WyjkaQ4byB6pGzoi7cEHAd8YxxOBrL2lVktl9Cyp"}reason: {}type: "token_error"__proto__: OAuthEvent
home.component.ts:75 refresh error OAuthErrorEvent {type: "silent_refresh_error", reason: {…}, params: null}

the last message in detail:

OAuthErrorEvent {type: "silent_refresh_error", reason: {…}, params: null}
params: null
reason: {error: "login_required", state: "WyjkaQ4byB6pGzoi7cEHAd8YxxOBrL2lVktl9Cyp"}
type: "silent_refresh_error"

caused / catched by following code

 testSilentRefresh() {
        /*
         * Tweak config for implicit flow.
         * This is needed b/c this sample uses both flows
        */
        //this.oauthService.clientId = "spa-demo";
        this.oauthService.oidc = true;

        this
            .oauthService
            .silentRefresh()
            .then(info => console.debug('refresh ok', info))
            .catch(err => console.error('refresh error', err));
    }

Steps to reproduce:

  1. Run sample app with npm run start
  2. Click Login, login with max/geheim
  3. Click Test silent refresh

Expected behavior: No error is thrown

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:6

github_iconTop GitHub Comments

4reactions
AndrewNikolincommented, Nov 13, 2020

@lamnv5490 You can work around this issue by setting chrome://flags/#same-site-by-default-cookies to Disabled and relaunching Chrome

2reactions
a2glukhovcommented, Apr 7, 2020

In your silent-refresh.html file repleace this code:

parent.postMessage(location.hash, location.origin);

with the folowing:

(window.opener || window.parent).postMessage(location.hash || ('#' + location.search), location.origin);

Read more comments on GitHub >

github_iconTop Results From Across the Web

Silent Refresh not working after Google Chrome updated to ...
Hello, I am using angular-oidc-auth2 v9.2.0 to request token renewal by silent refresh. I am using implicit flow. it was working good until ......
Read more >
Silent refresh is not working in angular oauth oidc
This event is getting captured in the angular-oauth2-oidc.js in silentRefreshPostMessageEventListener. But the problem is the message I am ...
Read more >
Angular Oidc Refresh Timeout - StackBlitz
Run `ng serve --open` to get it running on ... /localhost:4200/silent-refresh.html` for this. to work. ## Example. The application is supposed to look ......
Read more >
Silent Refresh - angular-oauth2-oidc
This is a well-known solution that compensates the fact that implicit flow does not allow for issuing a refresh token. It uses a...
Read more >
How to do silent refresh from SPA that uses implicit flow
Hi Ashin,. You need to have an active session with Okta to be able to get new tokens (without a refresh token). Refresh...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Problems when token is not existing

Next page

Implicit and password flow together - demo