'angular-auth-oidc-client -Not able to use latest token that Identity server is sending

identity/authorization server is sending refreshed/latest token in response but somehow my angular application not able to utilize that token

I have angular application that call a REST API endpint . REST ENDPOINT is protected by bearer token .

The flow is as below

  1. Logged in my application and I got bearer token in respsonse and called rest api from angular application using bearer token
  2. after 5 minute silent renew get fired and called authentication/autherization server and in response got latest token
  3. after 5 mint again silent renew get fired (now it is total 10 mint from login time begging) and called authentication/autherization server and in response got latest token but now when Angular application call rest api it come unauthorized call to api .

Note - What I have observed that in local storage under browser it keep very first token ( I mean login time response token)

My code is as below

app.module.ts file

export function configureAuth(oidcConfigService: OidcConfigService) {
return () =>
oidcConfigService.withConfig({
stsServer: environment.stsServer,
redirectUrl: ${window.location.origin}/,
clientId: '<<client id >>',
scope: 'openid profile email <priviledge>',
responseType: 'id_token token',
triggerAuthorizationResultEvent: false,
postLogoutRedirectUri: ${window.location.origin}/unauthorized,
startCheckSession: true,
silentRenew: true,
silentRenewUrl: ${window.location.origin}/silent-renew.html,
postLoginRoute: '/',
forbiddenRoute: '/forbidden',
unauthorizedRoute: '/unauthorized',
historyCleanupOff: true,
autoUserinfo: false,
storage: localStorage
}
);

providers: [

OidcConfigService,
{
provide: APP_INITIALIZER,
useFactory: configureAuth,
deps: [OidcConfigService],
multi: true,
},

silent-renew.html

<script> window.onload = function () 
{ 
   /* The parent window hosts the Angular application */ 
   var parent = window.parent; 
   var event = new CustomEvent('oidc-silent-renew-message', { detail: window.location }); 
   parent.dispatchEvent(event); 
 }; 
</script>

angular.json

"assets": [
"src/favicon.ico",
"src/assets",
"src/silent-renew.html",

oidc-client version

"angular-auth-oidc-client": "^11.6.0",

Any help on this will be really appreciated

angularopenid-connect


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

No authentication handler is registered for the scheme 'Cookies'. The registered schemes are: Application, Bearer, ASOS

What is the best approach to logout from keycloak after authentication via pkce?

How do I validate a JWT using JwtSecurityTokenHandler and a JWKS endpoint?

Change the preferred_username in token for client credential grant flow

ASP.NET Web API and OpenID Connect: how to get Access Token from Authorization Code

What are the default Lifetime values for openiddict tokens

Web API with Microsoft Identity Platform Authentication

RFC - Adding Group Claims from OKTA to Role Claims in .net Framework Using OIDC

Blazor WebAssembly Hosted on IIS - only API is working

OpenIdConnectProtocolValidator - nonce error

Logout from Keycloak does not logout Active Directory User

OpenIDConnect provider's HTTPS certificate doesn't match configured thumbprint

How to configure Keycloak to work with Guacamole's OpenID plugin?

Web App SPA & OIDC: How to properly authenticate before accessing the front?

Null Reference Exception when calling GraphServiceClient from a .net core Razor application that uses OpenIdConnect