Skip to main content

All Questions

Ask Question
Tagged with
116 questions
Newest Active Bountied Unanswered
0 votes
1 answer
4k views

(oidc-client + React and Typescript) OidcClient.readSigninResponseState: No matching state found in storage

I saw that there are already threads on the subject but they are mostly dead or in any case without any real solution. I'm implementing a react and typescript client, in it I have installed the oidc-...
Matteo Pietro Peru's user avatar
Matteo Pietro Peru
  • 566
1 vote
0 answers
484 views

oidc-client.js Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('') does not match the recipient window's origin ('')

I am getting this error using oidc-client.js oidc-client.min.js:1 Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://auth.xxx.yyy.co.uk') does not match the recipient ...
Alex Driver's user avatar
Alex Driver
  • 125
3 votes
1 answer
309 views

Identity server 4 - prevent replay attack using Authorization Code flow+ PKCE with oidc-client

We recently failed a pen test due to our implementation of Identity Server 4 not preventing a replay attack. I have uploaded a simplified version of our setup to github to demonstrate what is going ...
Alex Driver's user avatar
Alex Driver
  • 125
0 votes
0 answers
820 views

Keycloak login page refresh logs out from other tab

we are using OIDC-client library from react js side and IS4 using keycloak as login provider, open the two tabs and open the same url[e.g. xyz.com] when 1st tab request the url, IS4 provides the ...
Ashutosh Gupta's user avatar
Ashutosh Gupta
  • 1
0 votes
1 answer
1k views

OIDC client silent refresh multiple times

Here is my client config: const settings = { userStore: new WebStorageStateStore({ store: window.localStorage }), client_id: 'authtest', automaticSilentRenew: true, ...
Cezar's user avatar
Cezar
  • 355
4 votes
1 answer
764 views

Custom React GUI for oidc-client-js

is there a way to user your custom React GUI with oidc-client-js? I know that if you trigger authentication endpoint using: // PopUps might be blocked by the user, fallback to redirect ...
Mastenka's user avatar
Mastenka
  • 335
3 votes
1 answer
1k views

Dynamic post_logout_uri and redirect_uri in IdentityServer4

I came across an issue where one of my clients is sending postlogouturi with dynamic parameters. I have registered a client in ClientStore from the IdentityServer4 side new Client({ clientId: "...
p.durga shankar's user avatar
p.durga shankar
  • 1,187
0 votes
3 answers
1k views

OIDC client + Identity Server 4, setting max_age silent token reniew not working

I have an angular 10 application with OIDC JS client as open id connect. On browser or tab close I need to redirect the user back to the login page. By setting max_age to the UserManager the ...
San Jaisy's user avatar
San Jaisy
  • 16.4k
1 vote
1 answer
954 views

Logout user after sliding refresh token lifetime expired

We are using IdentityServer4 and the oidc-client-js library for angular. We noticed that the token is renewed automatically which is fine. But we want the user to be signed out, after the ...
Ben5's user avatar
Ben5
  • 777
5 votes
2 answers
2k views

IdentityServer 4 - Multiple tab login 400 error

I have a .net core 3.1 MVC IdentityServer4 application (A tailored quickstart app provided by the guys at Idsrv) which I use for authentication against a SPA which is built using the oidc-client ...
Jamie Mclaughlan's user avatar
Jamie Mclaughlan
  • 875
2 votes
0 answers
2k views

IdentityServer4 with oidc-client in Angular: login_required error in console when `signinRedirectCallback` is called

I'm using ASP.NET Core IdentityServer4 as the IdP and oidc-client library in my Angular project to integrate the id service. However, after user login, following error occurred twice in the web ...
Sunny Chen's user avatar
Sunny Chen
  • 39
1 vote
1 answer
333 views

Erratic Signing Out with IdentityServer 4

We have users complaining because they are redirected to the login page of the Identity Server while in the middle of their work (and thus losing their current work). We have endeavoured to configure ...
onefootswill's user avatar
onefootswill
  • 3,937
3 votes
3 answers
14k views

The specified 'redirect_uri' is not valid for this client application

I'm using OIDC client and I'm calling below line to siginin, await this.userManager.signinRedirect(this.createArguments(state)); return this.redirect(); after this I see in the network ...
fighter code's user avatar
fighter code
  • 31
0 votes
1 answer
650 views

Client application (oidc) is redirected to login when IdentityServer4 is restarted

I have an implementation of IdentityServer with an external Provider to authenticate and a client application that implements oidc implicit flow with the oidc-client library. All works correctly (...
lucabt's user avatar
lucabt
  • 1
0 votes
0 answers
819 views

How to pass access token in cookie?

Here is my WebAPI configuration: services.AddAuthentication("Bearer") .AddIdentityServerAuthentication("Bearer", options => { options.Authority = "https://...
Vlad's user avatar
Vlad
  • 3,131

15 30 50 per page
1
2 3 4 5
8