Client Side OAUTH with Token Refresh #82
Conversation
| @@ -531,6 +535,7 @@ | |||
| const _host = "<%= host %>"; | |||
| const _fabricApiUrl = "<%= fabricApiUrl %>"; | |||
| const _firebaseConfig = <%- firebaseConfig %>; | |||
| const _oauth_config = <%- oauthConfig %>; | |||
There was a problem hiding this comment.
We are not using it anywhere on the client side, are we?
The same goes for _token?
There was a problem hiding this comment.
We need to authConfig to initialize the oicd instance.
There was a problem hiding this comment.
Oh yeah, I saw the _oauth_config usage. We need to remove only the _token.
| } | ||
| req.session.token = accessToken |
There was a problem hiding this comment.
If the token is being accessed using oidc:
const _token = (await window.UserManager.getUser())?.access_tokenWe probably no longer need to maintain the session on our side.
| } | ||
| req.session.token = accessToken |
There was a problem hiding this comment.
If the token is being accessed using oidc:
const _token = (await window.UserManager.getUser())?.access_tokenWe probably no longer need to maintain the session on our side.
There was a problem hiding this comment.
Or do we? I am thinking... ..we need to check this.
There was a problem hiding this comment.
Yes, we shouldn't
There was a problem hiding this comment.
Can we remove it then, please?
Execute the OAUTH authentication via the client side using https://github.com/authts/oidc-client-ts
The same lib is suggested in the SDK documentation.