perarnborg/vuex-oidc

error=login_required on authenticateOidcSilent is not caught because of ignoreErrors: true block - causing page hang

prefabcode opened this issue · 3 comments

Hi,

When I go to my application and my session has expired - an authenticateOidcSilent request is sent by vuex-oidc and a response is returned by my SSO provider: http://localhost:8080/silent-auth#error=login_required

The library does not catch this error because of the following code: (on line 197 of create-store-module.js)

 if (authenticateSilently) {
      _authenticateOidcSilent(context, {
       ignoreErrors: true // this causes the error to be ignored, no redirect occurs
 }).then(function () {
     oidcUserManager.getUser().then(function (user) {
      if (!user) {
        authenticate();
      }
// line 73 of create-store-module.js, authenticateOidcSilent function
.catch(err => {
    context.commit('setOidcAuthIsChecked')
    if (payload.ignoreErrors) {
      resolve(null) // no redirect occurs to my SSO provider because of this, and my page just hangs. 
    } else {
      context.commit('setOidcError', errorPayload('authenticateOidcSilent', err))
      reject(err)
    }
  })
})

If I set ignoreErrors to false here - everything works as expected, I get navigated to SSO to login with no problems.

My question is - is there a particular reason why ignoreErrors is set to true on line 197? Could this possibly be a bug?

Is there a way to configure the library so that it does not ignore errors from authenticateOidcSilent when it first initializes?

Is there another way that I can initialize a redirect to my SSO provider if I detect this error (I realize that maybe I can parse the error out of the URL, or that vue router has access to the hash property which would contain the error).

I remember this discussed here, and not only once. You may try to find other discussion threads here.

I am sorry for this late resonse!

What version are you using? I believe a fix of this was made by @coolhome that was published in v3.10.1. The fix adds a check if the user has expired in these cases, so this was indeed a bug.

Please repoen if you still have a problem with this.