2

I am getting the below error.

I have the below UserManagerSettings:

private getClientSettings(loginType?): UserManagerSettings {
    let logout;
    if (window.sessionStorage.getItem('loginType') === 'Internal') {
      logout = environment.post_logout_redirect_uri + 'biz-admin';
    } else {
      logout = environment.post_logout_redirect_uri;
    }

    return {
      authority: environment.authority,
      client_id: environment.client,
      redirect_uri: environment.redirectUri,
      post_logout_redirect_uri: logout,
      response_type: 'id_token token',
      scope: environment.scopes,
      filterProtocolClaims: true,
      silent_redirect_uri: 'http://localhost:4200/assets/silent-refresh.html',
      loadUserInfo: true,
      extraQueryParams: {
        loginType: loginType,
      },
    };
  }

The below adds an expiring event:

this.manager.events.addAccessTokenExpiring(x => {
  this.renewToken().then(u => {
    this.user = u;
  });
});

The below function calls sign in silent:

public renewToken(): Promise<User> {
  return this.manager.signinSilent(this.getClientSettings('Internal'));
}

Silent-refresh.html

<script src="https://cdnjs.cloudflare.com/ajax/libs/oidc-client/1.7.0/oidc-client.js"></script>
<script>
  var mgr = new Oidc.UserManager();
  mgr.signinSilentCallback().catch(error => {
        console.error(error);
    });
</script>

URI (I have custom logic based on loginType):

redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Fassets%2Fsilent-refresh.html&response_type=id_token&scope=openid&state=307b01d8e3234027b92e0f2920364d4a&nonce=c8d110e677bd4fc8a993b77798893edf&prompt=none&loginType=undefined

Also, I have the correct redirect URI in the database; still, renew does not work. renewToken() gets called but never comes back to the 'then' code.

Questions:

  1. How does silent renew manage to get the access_token? Does it take a saved ID and password from somewhere?
  2. How can I send extra query params to signinSilent()? It is undefined even though I am passing it as params. How does signinSilent() get the user manager settings?
Ishika Jain
  • If I use automaticSilentRenew: true I do not get the frame timeout error, but login type is still undefined. Where can I receive the user in that case? I added a user load event but it did not trigger after silent renew was called. – Ishika Jain Jul 11 '20 at 08:42
  • I observed that this error comes: http://localhost:4200/assets/silent-refresh.html#error=login_required&state=8d9934fc15cc44da9927fd940efc4586 with the below request: authorize?client_id=GhipLocal&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Fassets%2Fsilent-refresh.html&response_type=id_token&scope=openid&state=8d9934fc15cc44da9927fd940efc4586&nonce=20d96f83442b4a69aa4e13706338c3e5&prompt=none&loginType=undefined Also, the response type is id_token. – Ishika Jain Jul 12 '20 at 02:56

1 Answer

0

I managed to solve my issue with the following steps:

Startup

// Keep the IdentityServer login cookie alive for 30 days, renewed on activity.
services.AddIdentityServer(options =>
{
    options.Authentication.CookieLifetime = TimeSpan.FromDays(30);
    options.Authentication.CookieSlidingExpiration = true;
});

services.AddAuthentication(x => x.DefaultAuthenticateScheme = IdentityServer4.IdentityServerConstants.DefaultCookieAuthenticationScheme);

Logout

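public async Task<IActionResult> Logout(LogoutInputModel model)
{
    // Remove the IdentityServer login cookie so the session really ends.
    await HttpContext.SignOutAsync(IdentityServer4.IdentityServerConstants.DefaultCookieAuthenticationScheme);
    // The rest of the action (including its return statement) is not shown in the post.
}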

There is nothing to do on the Angular side; we need to configure the above settings in the IdentityServer code.

Thanks to the below user's comment: https://github.com/IdentityModel/oidc-client-js/issues/911#issuecomment-617724445

Ishika Jain
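An added example, not part of the original question or answer and not oidc-client's own code: a small diagnostic that takes the authorize request and the silent-refresh callback URL quoted in the question's comment and reports what went wrong in that round trip. The host `idp.example` and the helper name `diagnoseSilentRenew` are assumptions; the page shows only the path of the authorize request.

```javascript
// Constructed inputs: the two URLs quoted in the question's comment.
// Assumption: the host "idp.example" is a placeholder; the page shows only the path.
const AUTHORIZE_URL = 'https://idp.example/authorize?client_id=GhipLocal' +
  '&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Fassets%2Fsilent-refresh.html' +
  '&response_type=id_token&scope=openid&state=8d9934fc15cc44da9927fd940efc4586' +
  '&nonce=20d96f83442b4a69aa4e13706338c3e5&prompt=none&loginType=undefined';
const CALLBACK_URL = 'http://localhost:4200/assets/silent-refresh.html' +
  '#error=login_required&state=8d9934fc15cc44da9927fd940efc4586';

// Errors OpenID Connect Core (3.1.2.6) defines for "cannot finish without UI".
const NEEDS_UI = new Set(['login_required', 'consent_required',
  'interaction_required', 'account_selection_required']);

// Hypothetical helper: explains one silent-renew round trip.
function diagnoseSilentRenew(authorizeUrl, callbackUrl) {
  const req = new URL(authorizeUrl).searchParams;
  // Implicit-flow responses arrive in the URL fragment, not the query string.
  const res = new URLSearchParams(new URL(callbackUrl).hash.slice(1));
  const findings = [];

  if (req.get('prompt') !== 'none') {
    findings.push('request is not silent: prompt is not "none"');
  }
  if (res.get('state') !== req.get('state')) {
    findings.push('state mismatch: response does not belong to this request');
  }
  for (const [name, value] of req) {
    // A literal "undefined" means a missing JS value was serialized as text.
    if (value === 'undefined' || value === 'null') {
      findings.push(`${name} was sent as the string "${value}"`);
    }
  }
  if (!(req.get('response_type') || '').split(' ').includes('token')) {
    findings.push('response_type lacks "token": the authorize response will carry no access_token');
  }

  const error = res.get('error');
  let outcome = 'empty_response';
  if (error === 'login_required') {
    outcome = 'no_idp_session'; // the IdP saw no valid login session for this browser
  } else if (NEEDS_UI.has(error)) {
    outcome = 'interaction_needed';
  } else if (error) {
    outcome = 'protocol_error';
  } else if (res.get('id_token') || res.get('access_token')) {
    outcome = 'renewed';
  }
  if (error) findings.push(`authorization server returned error=${error}`);
  return { outcome, findings };
}
```

On the page's URLs it reports `no_idp_session`, which is consistent with the answer's fix being on the IdentityServer cookie rather than in the Angular client.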