-
Notifications
You must be signed in to change notification settings - Fork 841
signinSilent() does not working correctly after restarting the browser (only in IE and Firefox) #536
Comments
What's the error you get back? I suspect it's |
Yes you are right, the error is 'login_required' |
It means the user needs to login again - their session is no longer active at the token server. |
To reach a high level of security, I use the IdentityServer in the following way: After 4 weeks the user need to login again. For this I set the following configuration on the server:
So in Chrome everything works as expected. I don't understand why in IE or Firefox the Thanks for helping! |
Sorry, but you'll have to debug why those browsers are not honoring your cookie. |
I try to find the problem since two days.Okay, a soon as I found a solution, I will post it ... |
I found the problem and a workaround. Problem: I use a custom view for my IdenityServer (for developing the custom view I used this sample as template). In the login template I remove the "rememberMe" checkbox, because I want to set the property always true. For this I add the following code in my CustomViewService:
Workaround: Because setting the rememberMe property programmatically doesn't work in all browsers, I modify the default model (which is bound to the html controls). For this I add the following line code to the getModel() function in the app.js file
Now the checkbox for rememberMe is checked as default and refreshing the access token also works after restarting the browser. So if there is a better way to setting the rememberMe property to true as default, please tell me. |
All set on this issue -- can we close? |
My workaround works. So you can close it! Thanks! |
To test my oidc implementation, I configure the AccessTokenLifetime to 120 (2 minutes). After authenticating in my application, the browser refresh the access token correctly after 2 minutes. For this the browser create a request with some cookies to the IdentityProvider
After closing the Internet Explorer and restarting it later, the application calls the signinSilent() methode of the oidc-client, because the AccessToken is expired, but this doesn't work. I believe that the problem is, that the IE creates now the request without the cookies (see RefreshAccessTokenRequestWithoutCookies.PNG).
In Chrome everything works fine. Any idea what could be wrong here?
The text was updated successfully, but these errors were encountered: