silent token renew in identity server 4 with js client app not working as expected

Question

I am working with identity server 4 to provide identity services to different apps in an enterprise arch.

Registered an SPA application using implicit flow with the identity server 4 app with oidc-client.js and is working.

But the problem is with token renew, need to preserve user login for a long period of time with out asking user to login again.

To make this happen implemented silent token renew with the following configuration.

var config = {
    authority: "http://localhost:5000",
    client_id: "jswebclient",
    redirect_uri: "http://localhost:5003/callback.html",
    response_type: "id_token token",
    scope: "openid profile api1",
    post_logout_redirect_uri: "http://localhost:5003/loggedout.html",
    automaticSilentRenew: true,
    silent_redirect_uri : "http://localhost:5003/callback.html" };

var mgr = new Oidc.UserManager(config);

with the above configuration automatic renew is happening but it is not silent renew as expected, complete page redirect to the redirect uri is happening to handle response from identity server.

for ex: index.html is my actual page in which silent renew happens and callback.html is the redirect uri , index.html is redirected to callback.html and then renewed and then redirected back to index.html, actual network log is attached below,

can any one pls help me solve the issue to make silent renew happen.

score 6 · Answer 1 · answered Apr 19 '17 at 06:39

after googling a lot and referring to many articles i found out the issue, which is with the configuration, it worked after changing the configuration to the below

var config = {
    authority: "http://localhost:5000",
    client_id: "jswebclient",
    redirect_uri: "http://localhost:5003/callback.html",
    response_type: "id_token token",
    scope: "openid profile api1",
    post_logout_redirect_uri: "http://localhost:5003/loggedout.html",
    automaticSilentRenew: true,
    silent_redirect_uri: "http://localhost:5003/silentrenew.html"   
};

var mgr = new Oidc.UserManager(config);

created a new silentrenew.html page to handle silent renew response and added the below script in the page

 <script>
    new Oidc.UserManager().signinSilentCallback();        
 </script>

thats all... it started working as expected.

Doesn't the silentrenew.html page need OIDC configuration information? It looks like that is only in the index.html page. — Alien Technology, Oct 24 '18 at 19:54
Thanks, it works but I did have to include a call to oidc-client.js in the silentrenew.html page, and of course add the url as an authorised redirect URL in the Identity Server. As per this webpage https://www.scottbrady91.com/OpenID-Connect/Silent-Refresh-Refreshing-Access-Tokens-when-using-the-Implicit-Flow — NDUF, May 17 '19 at 07:15

silent token renew in identity server 4 with js client app not working as expected

1 Answers1