8

I am trying to replace the old oidc-token-manager with oidc-client in my angular app, but I keep getting this error "No state in response", I have look at brockallen sample to learn how to use it, but not luck so far. Here is what I have in my service.

var config = {
                client_id: "myClient"
                , redirect_uri: "http://127.0.0.1:51899/callback.html"
                , response_type: "id_token token"
                , scope: "openid profile test"
                , authority: "https://localhost:44369"
            };
            var mgr = new Oidc.UserManager(config);

and similar thing on my callback page.

This is what I have in my mainController

var tokenManager = {
            mgr: {}
        };
        tokenManager.mgr = oidc.tokenManager();
        startSigninMainWindow(tokenManager);

        function startSigninMainWindow(tokenManager) {
            tokenManager.mgr.signinRedirectCallback().then(function (user) {
                var data = user.state.some;
            }, function (err) {
                console.log(err); // err:'No state in response'
            });
        }

Could any body tell me what I am doing wrong? Thanks. PS: BTW, I don't even get to see the login screen in the Identity Server any more

Peter
  • 123
  • 1
  • 9
  • Enable logging and see where the error comes from. – Brock Allen Aug 22 '16 at 13:20
  • I have logging enabled, but it doesn't say much. UserManager.signingRedirectCalback, RedirectNavigator.url , _signingEnd, OidcClient.processingSigningResponse, UrlUtility.parseUrlFragment this is all the information in the logging. – Peter Aug 22 '16 at 16:24
  • 3
    Did you ever resolve this - am having the exact same issue – SteveL Mar 02 '17 at 10:30
  • 1
    With angular 5.2.8 I had the same issue. I put the line: window.location.hash = decodeURIComponent(window.location.hash); before calling signinRedirectCallback on UserManager. Give it a try. This is a breaking change in Angular 5.2.8 that they started to encode the hash. But I do not really understand the details. – Daniel Leiszen Mar 22 '18 at 23:15

2 Answers2

1

In my case, there was garbage in the Local Storage. Open the chrome debugger "Application" tab and clear all the Local and Session storage. Then reload the app.

NOTE: as a developer you need to know that oidc-client uses session/local storage for a cache. It does not refresh the cache if, for example, you change the configuration of your token. You must manually clear the storage.

John Henckel
  • 10,274
  • 3
  • 79
  • 79
  • This was a small piece in a very long puzzle, but thank you for pointing me to the Local and Session storage. Just to help answer the actual question, it turned out that my Client was sending a "state" param (And it's value was a key to lookup a state object in Local storage), but my Server was not sending the "state" back. And so, "No state in response". – Matthew Peel Mar 26 '20 at 15:51
0

In my case, someone was calling the /login callback route directly from the UI code. The /login route should only be called by the SSO server (Identity Provider, whatever you call it) and never by the UI itself. So in our authGuard we replaced this.router.navigate(['/login']); with this.userManager.signinRedirect(); and it cleared right up.

Ron Newcomb
  • 2,886
  • 21
  • 24