aurelia-contrib / aurelia-open-id-connect Goto Github PK

Hello,
I started a new project using the ASP.NET Core SpaTemplate and get this error when adding:

import { PLATFORM, autoinject } from 'aurelia-framework';
import { Router, RouterConfiguration } from 'aurelia-router';
import { OpenIdConnect, OpenIdConnectRoles } from "aurelia-open-id-connect";

@autoinject()
export class App {
    ...
    configureRouter(config: RouterConfiguration, router: Router) {
        ...
        this.openIdConnect.configure(config); //<- Two different types with this name exist, but they are unrelated
        ...
    }
}

This is because their are two versions of the Aurelia codebase.

• node_modules\aurelia-router\
• node_modules\aurelia-open-id-connect\node_modules\aurelia-router\

When I remove them inside the project node_modules the issue is resolved.

Shouldn't the 'yarn.lock' be removed from this repository?

We don't really need the iframe I guess. To shut oidc client up, just add these to the parameters:

automaticSilentRenew : false,
monitorSession : false,

It might be nice for the connector to override these in the code, the connector can already track the session itself, see the demo for that.

See #4

I have my own idsr app, that works fine and it is published on my IIS server (maybe it dont good idea, but thus I can check how it will work in production).
Also I have my au-app based on AspNetCore.SpaTemplates. But after webpack 4 was released, I modernized this template to work with webpack 4. I spend a lot of time to do this but point was reached.
After that I connected and set up aurelia-open-id-connect plugin. In debug all works fine. User can authorize and app can do request to API .
But I decided to check how it will work after publish also on my IIS server. And I have one problem:

1. User click button login.
2. User is redirected to idsr app (app.com/Name/account).
3. User login there.
4. User is redirected back (app.com/Name/au-app/Name/au-app/signin-oidc).
5. Aurelia-router can't found route (/Name/au-app/signin-oidc).
   
   Is my oidc plugin config wrong? Is it problem with pushState on IIS (without oidc-plugin routing works fine)?
   Also I had tried it with your example (https://github.com/aurelia-contrib/aurelia-open-id-connect-demos/tree/master/aurelia-app-aspnet-core) but got the same after publishing. In debug all works fine.
   

When logged into Identity server, the aurelia client application is throwing an error approximately every 2 seconds:

oidc-client.min.js:75 Uncaught TypeError: Cannot read property 'postMessage' of null

I'm trying to add this package via jspm to an aurelia project that uses jspm, but the package is not installed completely in the jspm_packages, and when I run it I obtain the error message

jection (SystemJS) XHR error (500 Internal Server Error) loading http://localhost:5000/jspm_packages/github/shaunluttin/[email protected]
Error: XHR error (500 Internal Server Error) loading http://localhost:5000/jspm_packages/github/shaunluttin/[email protected]
Error loading http://localhost:5000/jspm_packages/github/shaunluttin/[email protected]

About 6 months ago I created a proto of Identity Server 3 with AspNet Identity and an Aurelia app. Also with the suggested pushState = true for the Aurelia router. At the time was told to shelve the proto but, was working great. Fast-forward to 6+ months of Aurelia development and now dusting off the proto for OIDC. We now have many items using the hashbang, google tag manager and a WordPress homepage to name a few. So, everything works until I set pushState = true. I've tried many different configs with the redirect urls without any luck. I do not know how to create a hack to make this work or even where to start.

Any ideas would be very helpful.

The resource return errors regarding to CORS not being set up correctly.

Fetch API cannot load https://zamboni-resource-01.azurewebsites.net/api/private. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://zamboni-app.azurewebsites.net' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Our project is using ES6 so my attempt at using the plugin is not going well. I keep getting this error no matter how I write the configuration. I've tried using typescript and I get the same issue.

Unhandled rejection TypeError: Cannot read property 'userManagerSettings' of undefined

Here is the open-id-connect-configuration.js I've created. While userManagerSettings is a TS interface, I don't understand why it's not seeing it correctly. It's probably obvious to some but I honestly have no idea what I'm doing wrong here. Many Thanks

import environment from "./environment";
import { OpenIdConnectConfiguration } from "aurelia-open-id-connect";
import { UserManagerSettings, WebStorageStateStore } from "oidc-client";

const oidcConfig = {
    loginRedirectModuleId: "home",
    logoutRedirectModuleId: "home",
    userManagerSettings: {
        // number of seconds in advance of access token expiry
        // to raise the access token expiring event
        accessTokenExpiringNotificationTime: 1,
        authority: environment.urls.authority,
        automaticSilentRenew: false, // true,
        //interval in milliseconds to check the user's session
        checkSessionInterval: 10000,
        client_id: "aurelia",
        filterProtocolClaims: true,
        loadUserInfo: false,
        post_logout_redirect_uri: `${environment.urls.host}/signout-oidc`,
        redirect_uri: `${environment.urls.host}/signin-oidc`,
        response_type: "id_token token",
        scope: "openid email roles profile",
        //number of millisecods to wait for the authorization
        // server to response to silent renew request
        silentRequestTimeout: 10000,
        silent_redirect_uri: `${environment.urls.host}/signin-oidc`,
        userStore: new WebStorageStateStore(w => {
            w.prefix = "oidc",
            w.store = window.localStorage
        })
    }
};

export default oidcConfig;

Hi there, and firstly, thank you for the plugin; I am slowly making progress.

The thing I am unsure of is, What do i need to do in order to receive the token. leaving things as they are, on successful login and redirect i get the following error: ERROR [app-router] Error: Route not found: /signin-oidcid_token along with my token. Am I doing anything wrong?

Thanks in advance

As is, the 19.0 release breaks the 18.0 plugin API.

I would like to integrate OIDC onto the Aurelia Microsoft.AspNetCore.SpaTemplates...
Currently I'm getting "Uncaught (in promise) Error: Unable to find module with ID: aurelia-open-id-connect".

On page load, there are two errors in succession:

[Error] ERROR [app-router] Error
	g (zamboni-app.azurewebsites.net, line 68)
	error (vendor-bundle.js, line 13857)
	log (vendor-bundle.js, line 13545)
	error (vendor-bundle.js, line 13578)
	processResult (vendor-bundle.js, line 18135)
	(anonymous function) (vendor-bundle.js, line 18088)
	tryCatcher (vendor-bundle.js, line 3394)
	_settlePromiseFromHandler (vendor-bundle.js, line 2594)
	_settlePromise (vendor-bundle.js, line 2651)
	_settlePromise0 (vendor-bundle.js, line 2696)
	_settlePromises (vendor-bundle.js, line 2775)
	_fulfill (vendor-bundle.js, line 2720)
	_settlePromise (vendor-bundle.js, line 2664)
	_settlePromise0 (vendor-bundle.js, line 2696)
	_settlePromises (vendor-bundle.js, line 2775)
	_fulfill (vendor-bundle.js, line 2720)
	_resolveCallback (vendor-bundle.js, line 2537)
	_settlePromiseFromHandler (vendor-bundle.js, line 2606)
	_settlePromise (vendor-bundle.js, line 2651)
	_settlePromise0 (vendor-bundle.js, line 2696)
	_settlePromises (vendor-bundle.js, line 2771)
	_drainQueue (vendor-bundle.js, line 168)
	_drainQueues (vendor-bundle.js, line 178)
	drainQueues (vendor-bundle.js, line 47)
	PromiseResolutionHandlerFunction ([native code], line 0)

Then

[Error] ERROR [app-router] Router navigation failed, and no previous location or fallbackRoute could be restored.
	g (zamboni-app.azurewebsites.net, line 68)
	error (vendor-bundle.js, line 13857)
	log (vendor-bundle.js, line 13545)
	error (vendor-bundle.js, line 13578)
	restorePreviousLocation (vendor-bundle.js, line 18179)
	processResult (vendor-bundle.js, line 18138)
	(anonymous function) (vendor-bundle.js, line 18088)
	tryCatcher (vendor-bundle.js, line 3394)
	_settlePromiseFromHandler (vendor-bundle.js, line 2594)
	_settlePromise (vendor-bundle.js, line 2651)
	_settlePromise0 (vendor-bundle.js, line 2696)
	_settlePromises (vendor-bundle.js, line 2775)
	_fulfill (vendor-bundle.js, line 2720)
	_settlePromise (vendor-bundle.js, line 2664)
	_settlePromise0 (vendor-bundle.js, line 2696)
	_settlePromises (vendor-bundle.js, line 2775)
	_fulfill (vendor-bundle.js, line 2720)
	_resolveCallback (vendor-bundle.js, line 2537)
	_settlePromiseFromHandler (vendor-bundle.js, line 2606)
	_settlePromise (vendor-bundle.js, line 2651)
	_settlePromise0 (vendor-bundle.js, line 2696)
	_settlePromises (vendor-bundle.js, line 2771)
	_drainQueue (vendor-bundle.js, line 168)
	_drainQueues (vendor-bundle.js, line 178)
	drainQueues (vendor-bundle.js, line 47)
	PromiseResolutionHandlerFunction ([native code], line 0)

This issue involves choosing what test framework & runner to use and then using those tools to increase test coverage. We will probably use Mocha + Chai + Karma. Here are some testing packages:

• Karma
• Jasmine
• Mocha with Chai and Sinon.
• Jest
• QUnit

Annotated Resources

https://stackoverflow.com/questions/26032124/karma-vs-testing-framework-jasmine-mocha-qunit

https://stackoverflow.com/questions/9710297/jasmine-vs-mocha-javascript-testing-for-rails-3-1

• (Mocha + Chai) seems equivalent to Jasmine.

https://npmcompare.com/compare/jasmine,mocha,qunit

• Mocha is the most popular, Jasime follows it, QUnit is quite far behind in popularity.

https://stackoverflow.com/questions/23272521/difference-between-karma-and-mocha

• Karma appears to provide more features including spawning web browsers.

https://developer.telerik.com/featured/journey-client-side-testing-javascript/

• Testing Frameworks: Mocha, Jasmine, Chai. suite, describe, test, it let us group tests into suites.
• Assertion Library: Assert (comes with NodeJS), Chai, Expect, should.js...
• Test runner: These wrap test suites to be run in specific contexts (e.g. Web browser).
  • Roll our own (e.g. TestRunner.html that imports mocha.js and calls mocha.run())
  • Additionally, call TestRunner.html with Phantom.js
  • Instead of rolling our own, use Karma because it provides runner features.

Bundling with webpack I get the following errors:

Error: Cannot find module './aurelia-open-id-connect/open-id-connect-user-block'.
Error: Cannot find module './aurelia-open-id-connect/open-id-connect-role-filter'.

This is coming from plugin.ts

config.globalResources([
    "./open-id-connect-user-block",
    "./open-id-connect-role-filter",
])

Experiencing "No key matching kid or alg found in signing keys" in the demo here:

https://github.com/shaunluttin/aurelia-open-id-connect-demos

Related:

IdentityModel/oidc-client-js#326

IdentityModel/oidc-client-js#264

maxmantz/redux-oidc#35

Hi, I'm using this plugin and it works really good so far, great work. I have an issue though with the fetch client. When calling a controller method of my api, the authorization header is missing in the request. I guess I need to configure it with the access token from my user but when I debug and check for that info the access token is not set in the user object. Would normally be the access token the one to set in the header? I'm using Bearer authentication.
Is that the general approach to configure the fetch client headers to use that access token or how would that work? Any help is appreciated.

Can this work with IdenetityServer4.

What changes will require for it to work with IdentityServer4.

Thanks

Hi,

First thank you very much for you job it's a nice plugin.

I don't know if it's a bug or if i am doing something wrong but:

For example i set 40 for accessTokenExpiringNotificationTime and i close the browser when 45s left for the token expire and i open it again when time to expire is 35, the token was not refresh, the manual silent login don't work and when the token was expired the login button don't show because you only check if an user exist.

That only occurs when i sign in whit RememberMe = false if it's set to true work well.

Thanks

Hi,
In my application I need to set the signin redirect after the default page is loaded and click on login button from that default page.

This scenario works on debug mode but not in production.

It works in production only if I do it from app.ts in which case I loose the option to choose between register / login.
It does not throw any error in production, but it just never redirects and nothing loads in the page.

--app.ts

config.map([

{route: ['', 'login'], name: 'login', settings: { icon: 'home' }, moduleId: PLATFORM.moduleName('./login'), nav: true, title: 'Home'},
{route: 'profile', name: 'profile', settings: { icon: 'education', auth: true}, moduleId: PLATFORM.moduleName('./profile'), nav: true, title: 'Profile'},

]);
this.openIdConnect.configure(config);
this.config = config;
this.router = router;

-->pipeline step:
config.addPipelineStep('authorize', AuthorizeStep);

-->run method from AuthorizeStep:
async run(navigationInstruction, next) : Promise{

// currently active route config
let currentRoute = navigationInstruction.config;

// settings object will be preserved during navigation
let loginRequired = currentRoute.settings && currentRoute.settings.auth === true;

let user =  await this.openIdConnect.userManager.getUser();
  if (typeof user === undefined || user === null)
      {  
       this.isAuthenticated = false;  
      }
      else
        {
        this.isAuthenticated = true;
        }
if (this.isAuthenticated === false && loginRequired === true) {
  return next.cancel( this.openIdConnect.userManager.signinRedirect());   
}   
return next(this.isAuthenticated);

}

Could please help me to solve this. Tried to move the login page out from app configrouter and in the main.ts set the root to login.

if(app == null || app.user == null)
{

aurelia.start().then(() => aurelia.setRoot(PLATFORM.moduleName('login')));
}
else
{

aurelia.start().then(() => aurelia.setRoot(PLATFORM.moduleName('app')));
}

But this approach loads the login page always and after signin and redirect it loads login page 3 times and clicking login 3 times before it goes to my actual profile page which is added as my login redirect.

const oidcConfig: OpenIdConnectConfiguration = {
loginRedirectModuleId: PLATFORM.moduleName("./profile"),

works in debug mode.

not in production.

@EisenbergEffect

I'm not great with Aurelia but I'm trying to figure out where the "callback" html page is in this example? I've been reading the code, but haven't build the project yet.
But I assume that this is implicit flow so at startup this app will redirect the user to the authority's login page. Then the authority redirects back to the "callback" page which should redirect back to the main app entry point page. But I don't see a callback page in this sample.

I really like this plugin.

However, the one thing that is not so good is that there is two complete downloads of Aurelia. First when the user starts the app, and then again, after the user logs in.

If the "Resource Owner Workflow" were used, then aurelia would get the username/password directly from the user and pass that to the server which would authenticate and pass it back. Then there is no redirect to an external site, and no second load.

I think this would be a huge improvement.

I am trying to get this going now for a site I am working on.

Or maybe there is a way to detect in main whether or not the user is logged in, and if not, then the user is immediately forwarded before Aurelia bootstraps.

How can I generate a nonce with this plugin as part of the redirect? My identity provider requires one for the implicit flow.

The first two commands run successfully.

$ git clone https://github.com/shaunluttin/aurelia-open-id-connect.git
$ cd aurelia-open-id-connect/demo

Then I try to npm install and I get the following error:

User@DESKTOP MINGW64 /c/code/aurelia-open-id-connect/demo (master)
$ npm install -y
npm ERR! addLocal Could not install C:\_forks\cli
npm ERR! Windows_NT 10.0.14393
npm ERR! argv "C:\\Program Files\\nodejs\\node.exe" "C:\\Users\\User\\AppData\\Roaming\\npm\\node_modules\\npm\\bin\\npm-cli.js" "install" "-y"
npm ERR! node v4.4.7
npm ERR! npm  v3.10.5
npm ERR! path C:\_forks\cli
npm ERR! code ENOENT
npm ERR! errno -4058
npm ERR! syscall open

npm ERR! enoent ENOENT: no such file or directory, open 'C:\_forks\cli'
npm ERR! enoent ENOENT: no such file or directory, open 'C:\_forks\cli'
npm ERR! enoent This is most likely not a problem with npm itself
npm ERR! enoent and is related to npm not being able to find a file.
npm ERR! enoent

npm ERR! Please include the following file with any support request:
npm ERR!     C:\code\aurelia-open-id-connect\demo\npm-debug.log

I then try to run npm run and get the following error:

$ npm run demo

> [email protected] demo C:\code\aurelia-open-id-connect\demo
> au run --watch --env dev

Invalid Command: run

I've been trying to work out if this is possible, I want the following behaviour

• User is not logged in
• Requests app.com/person/1
• App redirects them to login
• They login on id server
• After login they're returned to app.com/person/1

Currently I've only been able to return to them to loginRedirectRoute which is typically the 'home' screen for the app.

We already started this feature, but had problems including the value converter resource. The history of that work is related to this file: src/open-id-connect-role-filter.ts

Right now, there are unused or improperly categorized (dev, peer, normal) dependencies in package.json.

In Aurelia CLI the following files don't get packed in vendor-bundle.js

When I open the network tab I see these files that don't get opened from vendor-bundle:

http://localhost:9000/node_modules/aurelia-open-id-connect/dist/amd/open-id-connect-user-block.js
http://localhost:9000/node_modules/aurelia-open-id-connect/dist/amd/open-id-connect-role-filter.js
http://localhost:9000/node_modules/aurelia-open-id-connect/dist/amd/open-id-connect-user-block.html

This is in my aurelia.json

{
            "name": "aurelia-open-id-connect",
            "path": "../node_modules/aurelia-open-id-connect/dist/amd",
            "main": "index"
          },
          "oidc-client"

Click login in Google Chrome. The page correctly navigates to the authorization server, and also throws this error:

ERROR [app-router] TypeError: Cannot read property 'trim' of undefined
    at relativeToFile (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:15464:25)
    at TemplatingRouteLoader.loadRoute (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:26871:52)
    at loadComponent (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:17147:24)
    at loadRoute (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:17120:12)
    at https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:17084:14
    at Array.map (native)
    at loadNewRoute (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:17083:31)
    at LoadRouteStep.run (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:17075:14)
    at next (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:15820:20)
    at iterate (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:16841:14)
    at processDeactivatable (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:16844:12)
    at CanDeactivatePreviousStep.run (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:16776:14)
    at next (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:15820:20)
    at https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:16269:16
    at tryCatcher (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:3394:23)
    at Promise._settlePromiseFromHandler (https://zamboni-app.azurewebsites.net/scripts/vendor-bundle.js:2594:31)
error @ vendor-bundle.js:13714
log @ vendor-bundle.js:14014
error @ vendor-bundle.js:14047
processResult @ vendor-bundle.js:17452
(anonymous) @ vendor-bundle.js:17405
tryCatcher @ vendor-bundle.js:3394
Promise._settlePromiseFromHandler @ vendor-bundle.js:2594
Promise._settlePromise @ vendor-bundle.js:2651
Promise._settlePromise0 @ vendor-bundle.js:2696
Promise._settlePromises @ vendor-bundle.js:2775
(anonymous) @ vendor-bundle.js:153

Currently, we only support the Aurelia-CLI. We probably will need to list our global resources in package.json to support Webpack.

Hi there, and thank you for this plugin.

Although I am getting compilation errors when running the cloned demo, I am able to get it to connect ot my token server and make api calls :)

Just wondering; is it possible to use the plugin and forward the application to the token server when the application starts?

Thanks again

Right now, the end user has to sign in once per browser window/tab, because the tokens are in session storage instead of local storage.

See: IdentityModel/oidc-client-js#49
See also: IdentityModel/oidc-client-js#116

Hi! First, thanks for this plugin, it works great!

In our new app we only allows authenticated users. That is, we dont need a login button. If the user is not logged in, the app should imediatly redirect to the STS (Identityserver).

What are the recommended way of doing this?

This is what we want to achive:

• As fast/early as possible, check for a already logged in user (Any helper methods for this?)
• If user is not logged in - redirect to STS
• If user is logged in - continue booting the app

Are there any build in functionality in the plugin to help with this?

After login/ logout the user ends up at a url that is not very nice. I added this in app.js, to remove the url

eventAggregator.subscribe('router:navigation:complete', response => {
            if (response.instruction.fragment.indexOf(oidcConfig.redirect_route) > -1) {
                history.pushState({}, "Welcome back", "");
            }
        });

But it would be a great enhancement if the app autoredirects to the correct url, or make it optional.

Everything is working except the redirect after logging in.

Here is my partial config.

export const oidcConfig = {
    loginRedirectModuleId: "**appmain**",
    logoutRedirectModuleId: "home",
    userManagerSettings: {
        // number of seconds in advance of access token expiry
        // to raise the access token expiring event
        accessTokenExpiringNotificationTime: 1,
        authority: environment.openidConfig.urls.authority,
        automaticSilentRenew: false, // true,
        //interval in milliseconds to check the user's session
        checkSessionInterval: 10000,
        client_id: environment.openidConfig.client_id,
        filterProtocolClaims: true,
        loadUserInfo: false,
        post_logout_redirect_uri: `${environment.openidConfig.urls.host}/signout-oidc`,
        redirect_uri: `${environment.openidConfig.urls.host}/signin-oidc`,

After signing in i get redirected correctly to
http://localhost:9000/signin-oidc#id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImEzck1VZ01Gdjl0UGNsTGE2eUYzekFrZnF1RSIsImtpZCI6ImEzck1VZ01Gdjl0UGNsTGE2eUYzekFrZnF1RSJ9.eyJpc3MiOiJodH.....

Aurelia gives me this error in on the appMain route.

Steps to reproduce:

1. git clone [email protected]:shaunluttin/aurelia-open-id-connect-demos.git
2. cd aurelia-app
3. npm install
4. npm run demo
5. Open a web browser to localhost:9000
6. Click log in and log in at the OpenID Connect provider.
7. Confirm that the redirect is to localhost:9000/private
8. Refresh the page.

Actual behavior:

The page refreshes to http://localhost:9000/signin-oidc#id_token=eyJ0eX....AiOiJ

Expected behavior:

The page refreshes to http://localhost:9000/private

I'm running into an an issue with webpack, it doesn't look like it's importing the HTML template too as it can't find open-id-connect-user-block, any ideas how to adjust the config?

After successful login/ logout, it might be nicer to redirect the user to the module designated in the configuration. Just a nice to have, or is it already possible?

• https://github.com/shaunluttin/aurelia-open-id-connect/blob/master/src/open-id-connect-routing.ts#L27-L59
• https://github.com/shaunluttin/aurelia-open-id-connect/blob/master/src/open-id-connect-navigation-strategies.ts#L15-L23

The problem with the logout route is that anybody can embed a hidden iframe pointing to this route, which would force a victim to log out without realizing it.

If you do that in a loop, this may result in a DOS as the victim would be permanently logged out.

Thank you @pinpointtownes

There is an error with circular dependencies that occurs when we change the order of imports. Fix this.

1. What are the added values of this add-in?
2. Can we not use that oidc library directly on top of Aurelia?

I ran into a possible issue but have a solution... I want dropped this into a production environment but in that case I don't deploy the whole folder, just the index.html an assets and the scripts folder.

Based on the instructions this means that some of the resources are missing, looking at the filepaths it's looking for them in the src folder so I adjusted the project.json to include all the resources explicitly (not sure if there is an easier way to do it.)

{
  "name": "aurelia-open-id-connect",
  "path": "../node_modules/aurelia-open-id-connect/dist/amd",
  "main": "index",
  "resources": [
    "open-id-connect-user-block.html",
    "open-id-connect-user-block.js",
    "open-id-connect-role-filter.js",
    "open-id-connect-authorize-step.js",
    "open-id-connect-configuration.js",
    "open-id-connect-logger.js",
    "open-id-connect-roles.js",
    "open-id-connect-routing.js",
    "open-id-connect.js"
  ]
},

I've been tracing this error all week and havent made much progress so I'm hoping you'll see something I dont. After a login redirect, the following happens:

1. Auth server redirects back to /signin-oidc as expected.
2. My root component begins to load (app.ts)
3. OpenIdConnectNavigationStrategies.signInRedirectCallback navigation strategy begins.
4. Within the aurelia router, something explodes. I believe it is on this line in evaluateNavigationStrategy. I see that instruction.config.moduleId is undefined.
5. The error below is thrown.
6. The page refreshes to redirect route specified in OpenIdConnectConfiguration.loginRedirectRoute.

ERROR [app-router] TypeError: Cannot read property 'trim' of undefined
ERROR [app-router] Router navigation failed, and no previous location or fallbackRoute could be restored.

So even though an error is thrown, things seem to be working as expected. Is this a known issue or is this a problem on my end?

I have attempted to clone your plugin to troubleshoot further but get the following error whenever I npm link to this project. This is new for me so I may not be doing it right. I am going to keep trying so if you have any insight into how you run the plugin locally to test within a consuming app I'd appreciate it. I think I've guessed the steps to build, run, and test but if you could document those as well it would be a huge help.

Error: Can't figure out a normalized module name for ./open-id-connect-user-block, please call PLATFORM.moduleName() somewhere to help.
    at Compilation.compilation.plugin.modules (C:\Code\myproject\node_modules\aurelia-webpack-plugin\dist\PreserveModuleNamePlugin.js:44:31)

Currently, the developer tools lists only JS files.

Ultimately, we would like to list the TypeScript files too and be able to step through these TypeScript files in the Chrome debugger:

1. application source files
2. library source files (i.e. from aurelia-open-id-connect)

Sorry to post this here but I currently don't know where to put this as close to this project as possible.

I have a default typescript/.NetCore Aurelia application and are running into the issue that the user-block, user-debug and navigation-filter files cannot be found. I followed the instructions on how to set it up, everything transpiles. But I cannot seem to find the reason why it would not find the files. I hope it is not .NetCore related.

http://localhost:9000/node_modules/aurelia-open-id-connect/dist/amd/open-id-connect-user-block.js 404

Would be great if you would have a hint for me about where I could look to solve this problem.

Best regards