All Questions
Tagged with identityserver4 oidc-client-js
116
questions
0
votes
1
answer
4k
views
(oidc-client + React and Typescript) OidcClient.readSigninResponseState: No matching state found in storage
I saw that there are already threads on the subject but they are mostly dead or in any case without any real solution.
I'm implementing a react and typescript client, in it I have installed the oidc-...
1
vote
0
answers
484
views
oidc-client.js Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('') does not match the recipient window's origin ('')
I am getting this error using oidc-client.js
oidc-client.min.js:1 Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://auth.xxx.yyy.co.uk') does not match the recipient ...
3
votes
1
answer
309
views
Identity server 4 - prevent replay attack using Authorization Code flow+ PKCE with oidc-client
We recently failed a pen test due to our implementation of Identity Server 4 not preventing a replay attack.
I have uploaded a simplified version of our setup to github to demonstrate what is going ...
0
votes
0
answers
820
views
Keycloak login page refresh logs out from other tab
we are using OIDC-client library from react js side and IS4 using keycloak as login provider,
open the two tabs and open the same url[e.g. xyz.com]
when 1st tab request the url, IS4 provides the ...
0
votes
1
answer
1k
views
OIDC client silent refresh multiple times
Here is my client config:
const settings = {
userStore: new WebStorageStateStore({ store: window.localStorage }),
client_id: 'authtest',
automaticSilentRenew: true,
...
4
votes
1
answer
764
views
Custom React GUI for oidc-client-js
is there a way to user your custom React GUI with oidc-client-js? I know that if you trigger authentication endpoint using:
// PopUps might be blocked by the user, fallback to redirect
...
3
votes
1
answer
1k
views
Dynamic post_logout_uri and redirect_uri in IdentityServer4
I came across an issue where one of my clients is sending postlogouturi with dynamic parameters.
I have registered a client in ClientStore from the IdentityServer4 side
new Client({
clientId: "...
0
votes
3
answers
1k
views
OIDC client + Identity Server 4, setting max_age silent token reniew not working
I have an angular 10 application with OIDC JS client as open id connect. On browser or tab close I need to redirect the user back to the login page.
By setting max_age to the UserManager the ...
1
vote
1
answer
954
views
Logout user after sliding refresh token lifetime expired
We are using IdentityServer4 and the oidc-client-js library for angular.
We noticed that the token is renewed automatically which is fine. But we want the user to be signed out, after the ...
5
votes
2
answers
2k
views
IdentityServer 4 - Multiple tab login 400 error
I have a .net core 3.1 MVC IdentityServer4 application (A tailored quickstart app provided by the guys at Idsrv) which I use for authentication against a SPA which is built using the oidc-client ...
2
votes
0
answers
2k
views
IdentityServer4 with oidc-client in Angular: login_required error in console when `signinRedirectCallback` is called
I'm using ASP.NET Core IdentityServer4 as the IdP and oidc-client library in my Angular project to integrate the id service. However, after user login, following error occurred twice in the web ...
1
vote
1
answer
333
views
Erratic Signing Out with IdentityServer 4
We have users complaining because they are redirected to the login page of the Identity Server while in the middle of their work (and thus losing their current work). We have endeavoured to configure ...
3
votes
3
answers
14k
views
The specified 'redirect_uri' is not valid for this client application
I'm using OIDC client and I'm calling below line to siginin,
await this.userManager.signinRedirect(this.createArguments(state));
return this.redirect();
after this I see in the network ...
0
votes
1
answer
650
views
Client application (oidc) is redirected to login when IdentityServer4 is restarted
I have an implementation of IdentityServer with an external Provider to authenticate and a client application that implements oidc implicit flow with the oidc-client library.
All works correctly (...
0
votes
0
answers
819
views
How to pass access token in cookie?
Here is my WebAPI configuration:
services.AddAuthentication("Bearer")
.AddIdentityServerAuthentication("Bearer", options =>
{
options.Authority = "https://...