After a call to the connect/authorize endpoint on silent renew it invokes silent_renew.html. but on the log its returning OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}
I have an angular client. with silent_renew.html
<!DOCTYPE html>
<html>
<head>
<base href="./" />
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>silent-renew</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
</head>
<body>
<script>
window.onload = function () {
console.log("Testing" + Date.now());
parent.postMessage(location.hash, location.origin);
};
</script>
</body>
</html>
And the client setting in identity server is
new Client
{
ClientId = app.ClientId,
ClientName = app.ClientName,
AllowedGrantTypes = GrantTypes.Code,
RequirePkce = true,
RequireClientSecret = false,
AlwaysSendClientClaims = true,
AllowOfflineAccess = true,
AllowAccessTokensViaBrowser = true,
AlwaysIncludeUserClaimsInIdToken = false,
RequireConsent = false,
AllowRememberConsent = true,
EnableLocalLogin = false,
IdentityProviderRestrictions = new List<string> {
app.Restrictions
},
AccessTokenLifetime = 60,
RedirectUris =
{
$"{configuration["localAddress"]}",
$"{configuration["localAddress"]}/index.html",
$"{configuration["localAddress"]}/callback.html",
$"{configuration["localAddress"]}/silent-renew.html",
app.ClientAddress,
app.ClientAddress + "/index.html",
app.ClientAddress + "/callback.html",
app.ClientAddress + "/silent-renew.html"
},
PostLogoutRedirectUris =
{
$"{configuration["localAddress"]}",
$"{configuration["localAddress"]}/index.html",
app.ClientAddress,
app.ClientAddress + "/index.html"
},
AllowedCorsOrigins =
{
$"{configuration["localAddress"]}",
app.ClientAddress
},
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
app.ClientCode.ToLower()
}
});
I have spent days trying to find the problem, so any help is appreciated.
If anyone runs to the same problem here is the solution that worked for me. I was using the wrong setting for silent_renew.html. I replaced it with the following code I got from this link link and it worked.
<html>
<body>
<script>
const checks = [
/[\?|&|#]code=/,
/[\?|&|#]error=/,
/[\?|&|#]token=/,
/[\?|&|#]id_token=/,
];
function isResponse(str) {
let count = 0;
if (!str) {
return false;
}
for (let i = 0; i < checks.length; i++) {
if (str.match(checks[i])) return true;
}
return false;
}
let message = isResponse(location.hash)
? location.hash
: "#" + location.search;
console.log(
"Silent refresh iframe is posting to the parent application, message:",
message
);
(window.opener || window.parent).postMessage(message, location.origin);
</script>
</body>
</html>