
I was following the getting-started guide for the angular-oauth2-oidc library, but the only thing it stores is the nonce value; the access_token doesn't appear anywhere.

This is the configuration I have for AuthConfig.

    export const AUTHCONFIG: AuthConfig = {
        loginUrl: 'https://login.microsoftonline.com/xxxxxxxx/oauth2/authorize',
        redirectUri: window.location.origin + '/', // localhost:4200/
        clientId: 'the id of my angular app registered in azure',
        resource: 'the id of my web api in nodejs also registered',
        oidc: true,
        requireHttps: false // this is for testing in localhost
    };

My app.component.ts has the following:

    export class AppComponent {
        constructor(private oauthService: OAuthService) { this.loadConfig(); }
        loadConfig(): void {
            this.oauthService.configure(AUTHCONFIG);
            this.oauthService.tokenValidationHandler
                              = new JwksValidationHandler();
            this.oauthService.token.setStorage(localStorage);
        }
    }

In my login.component.ts I have:

    export class LoginComponent {
        constructor(private oauthService: OAuthService) {}
        login(): void { this.oauthService.initImplicitFlow(); }
    }

After the user gets redirected here, I can see in the URL the params of access_token, etc.

But when I go to localStorage the only thing I can see is nonce and its value, but not the access_token. I've already tried to print it in the console and I receive null.

This is the URL I get back: http://localhost:4200/#access_token=thetoken&etcparams.

Jeroen
Otto Cheley
  • Are you sure that library is compatible with Azure AD? – juunas Jan 15 '18 at 17:41
  • @juunas yeah, I saw this tutorial https://www.youtube.com/watch?v=RSqREkxe2z0. I have already solved my problem, now I can see the access_token. I have a new error where it is saying that I have a wrong issuer so it can't validate the token. I set my issuer property to https://login.microsoftonline.com but it keeps saying that it is a wrong issuer. – Otto Cheley Jan 15 '18 at 17:55
  • Where was the error and how did you fix it? I also can't access the token after returning from the login page, even though it is set as a parameter in the URL. – Alexander Belokon Jan 22 '18 at 05:33
  • @Entertain The error was that I was not setting the issuer and jwks properties in my AuthConfig, which apparently are required in order to work properly. Once you fill in those props, it should work fine :). – Otto Cheley Jan 22 '18 at 23:40
  • @Entertain Did it work for you friend? – Otto Cheley Jan 24 '18 at 21:56
  • @OttoCheley I am having the same issue. I am also setting the issuer and jwks properties but no luck. – shobhit vaish Jun 12 '18 at 16:58
  • @shobhitvaish How is your configuration? – Otto Cheley Jun 12 '18 at 17:14
  • @OttoCheley Here is what it looks like. I am using identity server 4. `this.oAuthService.issuer = 'http://localhost:58117'; this.oAuthService.redirectUri = 'http://localhost:4200'; this.oAuthService.clientId = "angular_web_spa_external_auth"; this.oAuthService.scope = "openid profile email taaable_api"; this.oAuthService.customQueryParams = { acr_values: 'idp:Google' }; this.oAuthService.tokenValidationHandler = new JwksValidationHandler(); this.oAuthService.loadDiscoveryDocumentAndTryLogin();` – shobhit vaish Jun 12 '18 at 17:24
  • The problem is in your issuer, you must place a URL there that is not localhost. You will find the issuer and all the other keys at the following URL: https://login.windows.net/{tenant-name or id}/.well-known/openid-configuration – Otto Cheley Jun 12 '18 at 18:27
  • @OttoCheley Looks correct to me {"issuer":"http://localhost:58117","jwks_uri":"http://localhost:58117/.well-known/openid-configuration/jwks","authorization_endpoint":"http://localhost:58117/connect/authorize","token_endpoint":"http://localhost:58117/connect/token","userinfo_endpoint":"http://localhost:58117/connect/userinfo","end_session_endpoint":"http://localhost:58117/connect/endsession","check_session_iframe":"http://localhost:58117/connect/checksession","revocation_endpoint":"http://localhost:58117/connect/revocation","introspection_endpoint":"http://localhost:58117/conn ......... – shobhit vaish Jun 12 '18 at 18:56
  • Believe I tried using localhost and it didn't work – Otto Cheley Jun 12 '18 at 19:00
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/173007/discussion-between-otto-cheley-and-shobhit-vaish). – Otto Cheley Jun 12 '18 at 19:00
  • Was this ever figured out? I'm having the exact same problem :) – Nick Manojlovic Jun 17 '19 at 20:48
  • Have you checked the generated `response_type` if it contains `token`? `access token` is only returned when `response_type=token` or `response_type=id_token token` actually. – Son Aug 20 '19 at 22:13

1 Answer


@Otto Cheley you don't need to add the JWK validator.

    export class AppComponent {
        constructor(private oauthService: OAuthService) { this.loadConfig(); }
        loadConfig(): void {
            this.oauthService.configure(AUTHCONFIG);
            // this.oauthService.tokenValidationHandler = new JwksValidationHandler();
            this.oauthService.token.setStorage(localStorage);
        }
    }

Try commenting out the tokenValidator.

lczapski
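
The "wrong issuer" error and the missing access_token discussed in this thread can both be narrowed down by comparing what the redirect fragment actually contains with what the client is configured to expect. The following is an added example, not code from the thread or from angular-oauth2-oidc; `diagnoseCallback`, `Expected`, `sampleHash` and every sample value are assumptions made for illustration.

```typescript
// Added diagnostic sketch, not angular-oauth2-oidc code. It does NOT verify the token
// signature; it only reads claims so a configuration mismatch can be located.
const B64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';

function b64urlDecode(data: string): string {
  let out = '', acc = 0, nbits = 0;
  for (let i = 0; i < data.length; i++) {
    const v = B64.indexOf(data.charAt(i));
    if (v < 0) continue; // skip '=' padding
    acc = ((acc << 6) | v) & 0xffff; nbits += 6;
    if (nbits >= 8) { nbits -= 8; out += String.fromCharCode((acc >> nbits) & 0xff); }
  }
  return out;
}

function b64urlEncode(text: string): string { // only used to build the sample below
  let out = '', acc = 0, nbits = 0;
  for (let i = 0; i < text.length; i++) {
    acc = ((acc << 8) | text.charCodeAt(i)) & 0xffff; nbits += 8;
    while (nbits >= 6) { nbits -= 6; out += B64.charAt((acc >> nbits) & 0x3f); }
  }
  return nbits > 0 ? out + B64.charAt((acc << (6 - nbits)) & 0x3f) : out;
}

interface Expected { issuer: string; clientId: string; nonce: string; }

function diagnoseCallback(hash: string, exp: Expected): string[] {
  const p: { [k: string]: string } = {}, findings: string[] = [];
  const parts = hash.replace(/^#/, '').split('&');
  for (let i = 0; i < parts.length; i++) { // parse '#a=b&c=d'
    const eq = parts[i].indexOf('=');
    if (eq > 0) p[parts[i].slice(0, eq)] = decodeURIComponent(parts[i].slice(eq + 1));
  }
  if (!p['access_token']) findings.push('no access_token: response_type must include "token"');
  const seg = (p['id_token'] || '').split('.');
  if (seg.length !== 3) return findings.concat('no usable id_token in the fragment');
  const claims = JSON.parse(b64urlDecode(seg[1]));
  if (claims.iss !== exp.issuer)
    findings.push('issuer mismatch: token iss=' + claims.iss + ', configured ' + exp.issuer);
  const aud: string[] = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (aud.indexOf(exp.clientId) < 0) findings.push('audience mismatch: token aud=' + aud.join(','));
  if (claims.nonce !== exp.nonce) findings.push('nonce mismatch');
  return findings;
}

// Constructed sample callback; issuer, client id and nonce are made-up values.
function sampleHash(iss: string): string {
  const body = b64urlEncode(JSON.stringify({ iss: iss, aud: 'spa-client-id', nonce: 'n-123' }));
  return '#access_token=opaque&id_token=' + b64urlEncode('{"alg":"RS256"}') + '.' + body + '.sig';
}
```

The helper reads claims for troubleshooting only; signature validation stays with the library's `tokenValidationHandler`.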