Repeated calls to getUser() aborts restarts the SilentLoginTimer, causing expiration of token

[abergs]

Hi,

When calling the getUser() method repeatedly it will reset the SilentLoginTimers causing the silentLogin method to never to be called, ultimately expiring the token.

1. Recreate by following this guide: http://docs.identityserver.io/en/release/quickstarts/7_javascript_client.html

2. Enable silentlogin (myConfig):

var config = {
    authority: "http://localhost:5000",
    client_id: "webplatform1",
    redirect_uri: "http://localhost:5003/callback.html",
    response_type: "id_token token",
    scope: "openid profile api1",
    post_logout_redirect_uri: "http://localhost:5003/index.html",
    automaticSilentRenew: true,
    silent_redirect_uri: "http://localhost:5003/silent.html"
};

3. Click API button repeatedly.

Debug logs from console:

UserManager.getUser
15:03:37.717 Log.js:63 _loadUser
15:03:37.717 Log.js:63 WebStorageStateStore.get user:http://localhost:5000:webplatform1
15:03:37.717 Log.js:63 user storageString loaded
15:03:37.717 Log.js:63 User.fromStorageString
15:03:37.717 Log.js:68 user loaded
15:03:37.717 Log.js:63 UserManagerEvents.load
15:03:37.717 Log.js:63 AccessTokenEvents.load
15:03:37.718 Log.js:63 canceling existing access token timers
15:03:37.718 Log.js:63 Timer.cancel:  Access token expiring
15:03:37.718 Log.js:63 Timer.cancel:  Access token expired
15:03:37.718 Log.js:63 access token present, remaining duration: 65
15:03:37.718 Log.js:63 registering expiring timer in: 5
15:03:37.719 Log.js:63 Timer.init timer Access token expiring for duration: 5
15:03:37.719 Log.js:63 registering expired timer in: 66
15:03:37.719 Log.js:63 Timer.init timer Access token expired for duration: 66
15:03:38.091 Log.js:63 UserManager.getUser
15:03:38.091 Log.js:63 _loadUser
15:03:38.091 Log.js:63 WebStorageStateStore.get user:http://localhost:5000:webplatform1
15:03:38.092 Log.js:63 user storageString loaded
15:03:38.092 Log.js:63 User.fromStorageString
15:03:38.092 Log.js:68 user loaded
15:03:38.092 Log.js:63 UserManagerEvents.load
15:03:38.092 Log.js:63 AccessTokenEvents.load
15:03:38.092 Log.js:63 canceling existing access token timers
15:03:38.092 Log.js:63 Timer.cancel:  Access token expiring
15:03:38.093 Log.js:63 Timer.cancel:  Access token expired
15:03:38.093 Log.js:63 access token present, remaining duration: 64
15:03:38.093 Log.js:63 registering expiring timer in: 4
15:03:38.093 Log.js:63 Timer.init timer Access token expiring for duration: 4
15:03:38.093 Log.js:63 registering expired timer in: 65
15:03:38.093 Log.js:63 Timer.init timer Access token expired for duration: 65
15:03:38.198 Log.js:63 unchanged message from check session op iframe
15:03:38.435 Log.js:63 UserManager.getUser
15:03:38.435 Log.js:63 _loadUser

[brockallen]

Yes, because each time you load from storage the expiration might be different. If you have a workaround or better workflow, please suggest.

[abergs]

@brockallen Could we maybe check if the expiration have changed?

Or maybe before doing the TimersReset,check if the lastTimerTriggerAt was more than TimerTrigger seconds ago, if so. perform the TimerTrigger anyway.

I believe it's a problem because right now the pattern for fetching the current user in the docs will actually cause problems which are non intuitive.

[brockallen]

Ok, I'll have a look to see if I can make this smarter.

[brockallen]

I just made an update to try to address this. Not up on npm yet, but feel free to try it from a local build.

[brockallen]

I just released 1.5.0-beta.2. Let me know.

[brockallen]

I'll close to track completion, but please let me know here if any feedback. Thanks