Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

silent_refresh erro on remote identity provider #59

Closed
alvaroamorim opened this issue Sep 2, 2020 · 3 comments
Closed

silent_refresh erro on remote identity provider #59

alvaroamorim opened this issue Sep 2, 2020 · 3 comments
Labels
question This is/seems (currently) more a question than an issue with the code.

Comments

@alvaroamorim
Copy link

Folks,

Did you face this problem?

When executing this project, if the angular app and the keycloak are on the same server, the example runs perfectly (local). When changing to a remote keycloak, after log in, the silent_refresh_error occurs.

The only difference is the issuer.

It works:

export const authConfig: AuthConfig = {
issuer: 'http://localhost:8080/auth/realms/myrealm',
clientId: 'spa-sigga-platform', // The "Auth Code + PKCE" client
responseType: 'code',
redirectUri: window.location.origin + '/index.html',
silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html',
scope: 'openid profile email', // Ask offline_access to support refresh token refreshes
useSilentRefresh: true, // Needed for Code Flow to suggest using iframe-based refreshes
silentRefreshTimeout: 5000, // For faster testing
timeoutFactor: 0.25, // For faster testing
sessionChecksEnabled: true,
showDebugInformation: true, // Also requires enabling "Verbose" level in devtools
clearHashAfterLogin: false, // manfredsteyer/angular-oauth2-oidc#457 (comment),
requireHttps: false
};

It not works:

export const authConfig: AuthConfig = {
issuer: 'http://172.20.0.247:8080/auth/realms/myrealm',
clientId: 'spa-sigga-platform', // The "Auth Code + PKCE" client
responseType: 'code',
redirectUri: window.location.origin + '/index.html',
silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html',
scope: 'openid profile email', // Ask offline_access to support refresh token refreshes
useSilentRefresh: true, // Needed for Code Flow to suggest using iframe-based refreshes
silentRefreshTimeout: 5000, // For faster testing
timeoutFactor: 0.25, // For faster testing
sessionChecksEnabled: true,
showDebugInformation: true, // Also requires enabling "Verbose" level in devtools
clearHashAfterLogin: false, // manfredsteyer/angular-oauth2-oidc#457 (comment),
//nonceStateSeparator : 'semicolon', // Real semicolon gets mangled by IdentityServer's URI encoding
requireHttps: false
};

Chrome console output:

image
@jeroenheijmans
Copy link
Owner

Hey! Sorry to hear you're having issues. However, this sounds like something quite specific to your setup and situation, and not so much an issue or bug with this sample repository? This sample is just a single-person project by me, so I don't really have time to support individual cases via this issues list. I recommend turning to a consultant, a forum, stack overflow, or similar. Hope you'll understand?

@jeroenheijmans jeroenheijmans added the question This is/seems (currently) more a question than an issue with the code. label Sep 2, 2020
@alvaroamorim
Copy link
Author

Ok.

I believe my problem is related to another issue about Chrome not allowing cookies. I'm already following on another thread. Thanks for the feedback. Your samples helped me a lot!

Thanks!

@jeroenheijmans
Copy link
Owner

You might be interested in #40 and the blogpost I wrote about that topic. Maybe that helps? Take care!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question This is/seems (currently) more a question than an issue with the code.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jeroenheijmans @alvaroamorim