You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, I'm integrating keycloak-angular into an existing Angular 5 app and am experiencing an issue when using the implicit flow. (I'm new to keycloak and this library so it's entirely possible I've not configured something properly or misunderstood use cases.)
From a behaviour prospective, after initializing the keycloak.service, I am forwarded to the Keycloak login page and after login, successfully land back in my app. The app loads up, initializes the keycloak.service again; however, soon I find that the browser tries to navigate back to keycloak, keycloak redirects to my app, app to keycloak, keycloak back to app, and so forth.
Debugging my code, I see both isLoggedIn() and getToken() call updateToken which calls keycloak-js's updateToken which returns an error'd promise since there are no refresh tokens in an implicit flow.
I'm extending from keycloak-auth-guard.service and using the interceptor. The former calls isLoggedIn() directly in canActivate(...) and the latter calls addTokenToHeader() that then calls getToken().
I'm wondering what I'm doing wrong in the init or general usage that is causing this unexpected behaviour? Any help would be appreciated, thanks :)
Config
Using keycloak-angular 1.4.0 whose using keycloak-js 3.4.3. Example config used for init.
@jdmaguire, I was able to reproduce your issue and you are right, when using the implicit flow the behavior should be different, otherwise it will face an endless redirect loop.
Thanks for opening this issue!
mauriciovigolo
changed the title
[Question] Implicit Flow Checks Non-Existing Refresh Token
Implicit Flow Checks Non-Existing Refresh Token
Jun 12, 2018
Hello, I'm integrating keycloak-angular into an existing Angular 5 app and am experiencing an issue when using the
implicit
flow. (I'm new to keycloak and this library so it's entirely possible I've not configured something properly or misunderstood use cases.)From a behaviour prospective, after initializing the keycloak.service, I am forwarded to the Keycloak login page and after login, successfully land back in my app. The app loads up, initializes the keycloak.service again; however, soon I find that the browser tries to navigate back to keycloak, keycloak redirects to my app, app to keycloak, keycloak back to app, and so forth.
Debugging my code, I see both isLoggedIn() and getToken() call updateToken which calls keycloak-js's updateToken which returns an error'd promise since there are no refresh tokens in an implicit flow.
I'm extending from keycloak-auth-guard.service and using the interceptor. The former calls
isLoggedIn()
directly incanActivate(...)
and the latter callsaddTokenToHeader()
that then callsgetToken()
.I'm wondering what I'm doing wrong in the init or general usage that is causing this unexpected behaviour? Any help would be appreciated, thanks :)
Config
Using keycloak-angular 1.4.0 whose using keycloak-js 3.4.3. Example config used for init.
The text was updated successfully, but these errors were encountered: