-
Notifications
You must be signed in to change notification settings - Fork 678
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Question/Support] when a user opens a new tab in the web browser, it will redirect the user back to home page #323
Comments
Aloha! I'm investigating something very similar. First up, there's two things troubling you (I think):
If you solve part 2 then you'd still have your question for new windows, so I suggest possibly solving them both. For (1), using the "state" in the implicit flow to "remember" the route checkout the "Remembering State" docs, I believe that should fix things. For (2) you could use Hope that helps. |
Thx @jeroenheijmans for this great answer! |
@jeroenheijmans , thank you very much. I am going to try it soon. |
something like that: https://github.com/manfredsteyer/angular2-oauth2/blob/master/readme.md. However, I got a infinite authorize loop. Do you have an example that shows how to replace this.oauthService.loadDiscoveryDocumentAndLogin() with this.oauthService.initImplicitFlow('http://www.myurl.com/x/y/z'); this.oauthService.tryLogin()?
I added "{ provide: OAuthStorage, useValue: localStorage }," as you suggested, it is working. |
@yukund If you "get an infinite authorize loop" I suggest creating a minimal repro and posting a question on Stack Overflow, which is a lot better suited for such reproducible problems. As for the example on how to combine loading disco document, implicit flow, and trylogin, you could have a sneak peek at my (work in progress!) example repo where I do something like this: this.authService.loadDiscoveryDocument()
.then(() => this.authService.tryLogin())
.then(() => {
if (!this.authService.hasValidAccessToken()) {
this.authService.silentRefresh()
.catch(result => {
// See https://openid.net/specs/openid-connect-core-1_0.html#AuthError
const errorResponsesRequiringUserInteraction = [
'interaction_required',
'login_required',
'account_selection_required',
'consent_required',
];
if (result && result.reason && errorResponsesRequiringUserInteraction.indexOf(result.reason.error) >= 0) {
this.authService.initImplicitFlow();
}
});
}
}); This will in order:
You could add an ìnitImplicitFlow()` at the complete end too if there's still no valid token, up to your situation. PS. IMHO the security difference between Again, if you have further issues, I suggest asking questions on Stack Overflow, which is much better suited for Q&A than GitHub Issues. |
@jeroenheijmans thank you very much for your examples and clear explanation. It is very helpful. |
Hi guys,
Background:
I am using openid connect and implicit flow with silent refresh.
When a user opens a link (e.g. http://localhost/books) in a new tab in the web browser, firstly the angular app will do the authentication, and then it will redirect the user back to home page (e.g. http://localhost configured in the auth.config.ts show in below)
Question
In this case, if users want to open a new tab to visit http://localhost/books , how should I redirect the user back to http://localhost/books rather than the homepage after re-authenticated?
Any suggestions?
thanks
Yanbo
auth.config.ts
The text was updated successfully, but these errors were encountered: