Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No given access token from getUserSession on automatic refresh #84

Open
Siilwyn opened this issue Oct 29, 2024 · 4 comments
Open

No given access token from getUserSession on automatic refresh #84

Siilwyn opened this issue Oct 29, 2024 · 4 comments
Labels
question Further information is requested waiting for feedback

Comments

@Siilwyn
Copy link

Siilwyn commented Oct 29, 2024
edited
Loading

Using getUserSession with exposeAccessToken: true configured server-side to fetch the current session: When the session is refreshed the returned session data is missing the access token.

It seems that the function returns early before exposing the access token:

nuxt-oidc-auth/src/runtime/server/utils/session.ts

Lines 159 to 162 in 1c41ec6

if (providerSessionConfigs[provider].automaticRefresh) {
await refreshUserSession(event)
return userSession
}

Tried two workarounds which both have issues, not sure if I'm missing something:

  1. If there is no access token, wait for a second & call getUserSession which seems to work inconsistently.
  2. Manually refresh the token with refreshUserSession, this seems to return the previous access token.

Using Auth0 with authenticationScheme: "body"
@Flou21
Copy link

Flou21 commented Nov 10, 2024

i have the same problem with keycloak, would be really good if someone could fix it

Flou21 added a commit to Flou21/nuxt-oidc-auth that referenced this issue Nov 11, 2024
@Flou21
expose tokens on refresh
0425da5 
fixes itpropro#84
@Flou21 Flou21 mentioned this issue Nov 11, 2024
Closed
@itpropro
Copy link
Owner

itpropro commented Jan 6, 2025

I was not able to reproduce this with the example Auth0 config from the docs and beta3. Can you please provide a reproduction or full config?

@itpropro itpropro added question Further information is requested waiting for feedback labels Jan 6, 2025
@arajkovic22
Copy link

arajkovic22 commented Jan 17, 2025
edited
Loading

I've got the same issue with Zitadel provider. Also automaticRefresh is not wroking for me but I managed to make a custom refresh logic within app.vue onBeforeMount
<script setup lang="ts"> const { user, refresh, fetch, logout } = useOidcAuth(); onBeforeMount(() => { const currentTime = Math.floor(Date.now() / 1000); console.log(user.value?.accessToken); console.log(JSON.stringify(user.value)); console.log( Expire at: ${user.value?.expireAt}, Current time: ${currentTime}`
);
if (user.value?.expireAt! <= currentTime) {
if (user.value?.canRefresh) {
console.warn('Token expired, refreshing!');
refresh();
} else {
console.warn('Token expired and can not be refreshed, logging out!');
logout();
}
} else {
console.log('Token is still valid');
}

fetch();
});
</script>`
But the issue is that even tho timestamps are updated I do not get accesToken in my user object again.
for example:
console log for access token is undefined
While other logs are
Expire at: 1737119169, Current time: 1737105782
app.vue:27 Token is still valid
I can not provide whole user.value here because data is sensitive.
P.S. using version 1.0.0v3beta

@itpropro
Copy link
Owner

Although I was not 100% able to reproduce your issues, but a lot of session and refresh related things were fixed with beta 4, please try that and give some feedback on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested waiting for feedback
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

expose tokens on refresh Flou21/nuxt-oidc-auth
4 participants
@Siilwyn @itpropro @Flou21 @arajkovic22