Comments (9)
To follow up on this: I guess in order to load an already existing user, the store used by the UserManager
should be localStorage
. I've tried instantiating the UserManager
like this:
const mgr = new UserManager({ /* ... */, userStore: window.localStorage});
This throws the following error:
Uncaught TypeError: this._userStore.get is not a function
How do I instantiate the manager correctly?
from oidc-client-js.
The userStore
needs to implement this "interface": https://github.com/IdentityModel/oidc-client-js/blob/dev/src/WebStorageStateStore.js
If you want localStorage for it, then do this:
new UserManager({ /* ... */, userStore: new WebStorageStateStore({store:window.localStorage})})
from oidc-client-js.
As for the API being async, the idea was to allow any store (including indexedDb) thus the async API. Now that the API is async, it's hard to automatically try to load the user from the ctor. I guess we could try... but also we then have the possibility of the user being in 2 places -- storage and in-mem.
I'm happy to spend some more time thinking about it... thoughts?
from oidc-client-js.
For the instantiation I would prefer an API where you just have to pass in the store like I've tried above and then in the UserManager
constructor have something like this:
if (userStore) {
// check the passed in variable
this._userStore = (userStore === window.localStorage || userStore === window.sessionStorage) ? new WebStorageStateStore({store:userStore}) : userStore;
} else {
// the default
this._userStore = new WebStorageStateStore({store: window.sessionStorage});
}
This makes it easier to use the API because I don't have to import WebStorageStateStore
when trying to use the two standard storage types and still gives me the possibility to implement my own storage if I desire.
As for the asynchronous nature of the API: In order to be able to load an existing user in the first place, the UserManager
needs to use local storage because it is the only synchronous way to load existing data in JavaScript (as far as I am aware at least). So it would be sufficient to have a function like loadUserSync()
which returns the stored user when the user store is set to local storage and null
if it isn't. When using the library I can then do someting like this:
const mgr = new UserManager({ userStore: localStorage });
const user = mgr.loadUserSync();
if (!user || user.expired) {
// let the token callback manage the global variable
mgr.redirectForLogin();
} else {
// or set it here
global.user = user;
}
I would then have to take care of updating the user objects returned from either the asnyc API or sync API myself.
from oidc-client-js.
This is starting to feel messy to me, with such type checking and special casing.
from oidc-client-js.
I guess this is a matter of perspective - I find implementing an interface for simply using local storage or session storage messy on the client side.
As for the asynchronous problem - I myself have found a way to keep the async nature of this in check, but only because I am currently using local storage whose interactions are synchronous. I guess someone using other ways of loading data might feel the delay, but I see no other way around it other then my suggestion, JavaScript simply doesn't support anything better than this...
from oidc-client-js.
Also, just a FYI - I changed the default for user storage to be session (from local) because of security and user personal info concerns. I'd suggest thinking about persistent user info for your user's data and if that's really the right thing for your app/users/requirements.
from oidc-client-js.
I find implementing an interface for simply using local storage or session storage messy on the client side.
Well, it's localStorage, sessionStorage, or indexedDb -- so that's why an abstraction was needed that's also async.
For the user, I felt it made more sense for the consuming app to manage the in-mem variable since the framework would have a hard time knowing when the store was updated. We don't want the two values out of sync.
from oidc-client-js.
Everything works fine for me when using the current approach. I'm closing this since it isn't really an issue for me anymore and I understand your thoughts behind it as well as the reasoning for the current API being the way it is. Thank you for your thoughts!
from oidc-client-js.
Related Issues (20)
- Add usePkce flag to allow authorization_code flow without PKCE HOT 4
- Redirect the user back after a signout followed by a signin? HOT 1
- Support for Code Flow PKCE with Refresh tokens HOT 12
- UserManager.signinRedirect() returns a resolved promise even when the redirection isn't finalized HOT 2
- Latest version appears vulnerable to CVE-2021-30246 HOT 8
- Default storage mechanism not working HOT 2
- Call oauth token endpoint with http GET instead of POST HOT 1
- Claims with uri as a key returned as array HOT 3
- index.d.ts - Type definitions fΓΌr Global class are missing HOT 1
- Metadata: How to handle key rotation by AD admin HOT 3
- Possibility to use with SAML 2.0 Bearer Profile HOT 1
- Issue with B2C when an accessToken AND idToken is present - accessToken does not contain userinfo_endpoint
- Cookies deleted but the tokens are still in Local Storage HOT 4
- Logout with POST method instead of GET HOT 2
- Path `id_token_hint` is longer than the maximum allowed length (50). HOT 3
- Slient renew openid-configuration is being canceled
- Help needed on , STS logout then silent renew force to sign in
- Looking for a new maintainer HOT 3
- Bearer token type casing? HOT 2
- login_required error in web browser console when calling `signinRedirectCallback`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oidc-client-js.