oidc-client-js

问题 On my application I have a timeout feature so when the user is idle for X minutes I want to sign out from Identity Server. My first attempt was to manually create the call without having the user to navigate to the Logout controller. This code looks like this (Angular + TS): this.userManager .createSignoutRequest({ id_token_hint: this.user && this.user.id_token }) .then(signout_request => { this.http .get(signout_request.url, { responseType: 'text', headers: new HttpHeaders().set

问题 I'm trying to implement a third-party auth in my sign up page, but I can't get it to work with IdentityServer4. I have it working in my login page since the oidc client is initiating the login request. However the oidc client is not aware of a request to my registration page, so when I send an auth token back, it doesn't recognize the state and throws an exception: 'No matching state found in storage'. I know IdentityServer4 does not officially support user registration. I've got registration

问题 I'm using the Identity oidc-client-js library and calling this.usermanager.signoutRedirect({ somedata: someObject.Id }); Then in the logout endpoint I do this with the IdentityServer interaction service var logoutRequest= await _interaction.GetLogoutContextAsync(logoutId); I would have expected the somedata to show up in the Parameters property of the LogoutRequest but it doesn't. So how do I add some extra parameters to the signout? I noticed I can return a { state: 'somedata' } but I don't

来源： https://stackoverflow.com/questions/58942766/identity-server-4-silent-renew-errorresponse-login-required

来源： https://stackoverflow.com/questions/63901667/oidc-client-js-silent-access-token-renew-breaks-because-identity-server-authent

问题 I've done auth with google when client auth, receive token_id, send it to server and server retrieve client account info base of that token_id. It was pretty easy because it was documented. Now I try to do with Steam but literally I have 4 rows about OpenID in steam docs. I start using an openID browser lib oidc-client-js but steam docs doesn't help me. The openID lib require this fields: authority client_id redirect_uri response_type scope Steam docs offer just the provider, key and domain

问题 I am facing a weird problem. I am able to do the silent renew, but my IdP cookie is getting sliding. More into the problem... I have an IdP session cookie (IdentityServer) lifetime set to expire in 15 minutes and I kept the same time for the access token and id token lifetime too. On my JavaScript client, I check user activity every 2 minutes and if there is activity in the last 2 min, I will renew the token. I am able to get the access token and id token with renewed expiration times, but

问题 I think this is an error related to angular 5.2.8 & 6 . With angular 5.2.7 work fine. I create a ng5 branch and update angular to latest 5.2.8 and the error com in! anybody can direct me to an angular 5.2.8 and later sample with oidc-client-js ? 回答1: It is caused by URI encoding of state in the window.location.hash. For me this fix the issue: if (window.location.hash) { window.location.hash = decodeURIComponent(window.location.hash); // authorizedCallback returns wrong result when hash is URI

问题 I have an issue with the silen refresh with oidc-client. The signin works fine and I'm able to acquire a token. However, the silent refresh doesn't fire, nothing happen, and when I subscribe to methods that check token expiracy (methods in subscribeevents in authservice.ts), these methods never fire, and method isLoggedIn() always return true event if the token has expired!!!!! Someone could help me? Here is my code : import { Component, OnInit } from '@angular/core'; import { UserManager }

问题 Here's some background, I'm using implicit flow and my token is JWT. To logout, I'm using the method call signoutRedirectCallback. I want to be able to properly logout. So that I can login as a different user. When doing so, I still have the token from the last user? Is there a way to completely log the user out so that it doesn't have the last user's token? The token still persists for some reason. It seems that the only way to truly logout is when the browser page is closed and the cookie