[Request]: Synchronous way to load user data about oidc-client-js HOT 9 CLOSED

To follow up on this: I guess in order to load an already existing user, the store used by the UserManager should be localStorage. I've tried instantiating the UserManager like this:

const mgr = new UserManager({ /* ... */, userStore: window.localStorage});

This throws the following error:

Uncaught TypeError: this._userStore.get is not a function

How do I instantiate the manager correctly?

from oidc-client-js.

The userStore needs to implement this "interface": https://github.com/IdentityModel/oidc-client-js/blob/dev/src/WebStorageStateStore.js

If you want localStorage for it, then do this:

new UserManager({ /* ... */, userStore: new WebStorageStateStore({store:window.localStorage})})

from oidc-client-js.

As for the API being async, the idea was to allow any store (including indexedDb) thus the async API. Now that the API is async, it's hard to automatically try to load the user from the ctor. I guess we could try... but also we then have the possibility of the user being in 2 places -- storage and in-mem.

I'm happy to spend some more time thinking about it... thoughts?

from oidc-client-js.

For the instantiation I would prefer an API where you just have to pass in the store like I've tried above and then in the UserManager constructor have something like this:

if (userStore) {
    // check the passed in variable
    this._userStore = (userStore === window.localStorage || userStore === window.sessionStorage) ? new WebStorageStateStore({store:userStore}) : userStore;
} else {
    // the default
    this._userStore = new WebStorageStateStore({store: window.sessionStorage});
}

This makes it easier to use the API because I don't have to import WebStorageStateStore when trying to use the two standard storage types and still gives me the possibility to implement my own storage if I desire.

As for the asynchronous nature of the API: In order to be able to load an existing user in the first place, the UserManager needs to use local storage because it is the only synchronous way to load existing data in JavaScript (as far as I am aware at least). So it would be sufficient to have a function like loadUserSync() which returns the stored user when the user store is set to local storage and null if it isn't. When using the library I can then do someting like this:

const mgr = new UserManager({ userStore: localStorage });

const user = mgr.loadUserSync();

if (!user || user.expired) {
   // let the token callback manage the global variable
   mgr.redirectForLogin();
} else {
   // or set it here
   global.user = user;
}

I would then have to take care of updating the user objects returned from either the asnyc API or sync API myself.

from oidc-client-js.

This is starting to feel messy to me, with such type checking and special casing.

from oidc-client-js.

I guess this is a matter of perspective - I find implementing an interface for simply using local storage or session storage messy on the client side.

As for the asynchronous problem - I myself have found a way to keep the async nature of this in check, but only because I am currently using local storage whose interactions are synchronous. I guess someone using other ways of loading data might feel the delay, but I see no other way around it other then my suggestion, JavaScript simply doesn't support anything better than this...

from oidc-client-js.

Also, just a FYI - I changed the default for user storage to be session (from local) because of security and user personal info concerns. I'd suggest thinking about persistent user info for your user's data and if that's really the right thing for your app/users/requirements.

from oidc-client-js.

I find implementing an interface for simply using local storage or session storage messy on the client side.

Well, it's localStorage, sessionStorage, or indexedDb -- so that's why an abstraction was needed that's also async.

For the user, I felt it made more sense for the consuming app to manage the in-mem variable since the framework would have a hard time knowing when the store was updated. We don't want the two values out of sync.

from oidc-client-js.

Everything works fine for me when using the current approach. I'm closing this since it isn't really an issue for me anymore and I understand your thoughts behind it as well as the reasoning for the current API being the way it is. Thank you for your thoughts!

from oidc-client-js.