0
votes

I have an SPA in which I have implemented oidc-client for OAuth authentication, and below are the clarifications I need.

  1. How do I configure the silent-refresh page with the webpack config file in an Angular-structured project, since silent-refresh.html is not invoked on token expiration?
  2. Even if a token is generated silently, how do I get/set the expiration time of the silently generated token?

Kindly help and suggest.

2 Answers

0
votes

SILENT REFRESH

Rather than a separate HTML page, my personal preference is to handle this by returning the silent token renewal response to the index.html page. Then write code like this:

if (window.top === window.self) {

    // Run the main app
    const app = new App();
    app.execute();

} else {

    // If our SPA is running on an iframe, handle token renewal responses
    const app = new IFrameApp();
    app.execute();
}

I find that this approach avoids adding complexity to the WebPack / build system. The code for the iframe app does very little other than receiving the silent token renewal response.

EXPIRY

I'm curious why you want to use access token expiry times directly. You can get the value like this:

const user = await this._userManager.getUser();
if (user) {
  console.log(user.expires_at);
}

The real requirement here is to ensure that you avoid errors for end users when an API call fails due to an expired access token. This is best handled via the following actions:

  • If an API call fails with a 401 status code
  • Then try to get a new access token, generally via userManager.signInSilent()
  • Then retry the API call with the new access token

Therefore the way you call APIs should have a helper class with some retry logic, as in my example here.
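
The 401, renew, retry sequence described in this answer, as an added example that is not the answerer's linked code. `ApiClient` and `fetchFn` are hypothetical names; `getUser()` and `signinSilent()` are the oidc-client `UserManager` methods (the library spells the latter with a lowercase "i"). The example also shares one renewal between concurrent callers and retries only once.

```javascript
// Added example: wrap API calls so an expired access token is renewed once
// and the call retried once. ApiClient is a hypothetical helper class.
// `userManager` is an oidc-client UserManager; `fetchFn` has the shape of fetch.
class ApiClient {
  constructor(userManager, fetchFn) {
    this.userManager = userManager;
    this.fetchFn = fetchFn;
    this.renewal = null; // in-flight renewal, shared by concurrent callers
  }

  // Collapse concurrent renewals into a single hidden-iframe round trip.
  renewToken() {
    if (!this.renewal) {
      this.renewal = this.userManager
        .signinSilent()
        .finally(() => { this.renewal = null; });
    }
    return this.renewal;
  }

  // Attach the bearer token; the token is never logged.
  async send(url, token, options) {
    const headers = { ...(options.headers || {}), Authorization: `Bearer ${token}` };
    return this.fetchFn(url, { ...options, headers });
  }

  async call(url, options = {}) {
    let user = await this.userManager.getUser();
    if (!user || user.expired) {
      user = await this.renewToken(); // rejects if the session has ended
    }
    const first = await this.send(url, user.access_token, options);
    if (first.status !== 401) return first;

    // Token rejected by the API: renew once and retry once, never loop.
    user = await this.renewToken();
    // A second 401 is returned to the caller as a genuine failure.
    return this.send(url, user.access_token, options);
  }
}
```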

0
votes

To get notified after silent refresh, add an event handler for userLoaded: UserManager.events.addUserLoaded. This will pass the new User with a new expiry time.