You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
In the oauth-service.ts the fetchAndProcessToken method throws token_refresh_error when running into an error.
Stackblitz example
Not applicable
To Reproduce
Not applicable
Expected behavior
I would expect to get a token_refresh_error when the token refresh fails, and I would expect to get a token_error when there's an error getting the token initially.
The issue we're running into is that when the Id server doesn't return a token at all, we cannot differenciate between a token error and a refresh token error. When the id server doesn't return a token, we want to display a 401 page, meaning the user cannot access the service and has to be stopped. If it's just a token refresh error, the user can be put back into the login flow. If this distinction cannot be made, we have to sent the user to the 401 in any of those cases. This is annoying for the user as he loses his current working url and gets presented with a 401 page he has to back navigate from (in the best case).
Desktop (please complete the following information):
not applicable
Additional context
I will provide a pull request with this bug report. Please let me know if there is a good reason for throwing a token_refresh_error in the initial code flow request.
The text was updated successfully, but these errors were encountered:
Describe the bug
In the oauth-service.ts the fetchAndProcessToken method throws token_refresh_error when running into an error.
Stackblitz example
Not applicable
To Reproduce
Not applicable
Expected behavior
I would expect to get a token_refresh_error when the token refresh fails, and I would expect to get a token_error when there's an error getting the token initially.
The issue we're running into is that when the Id server doesn't return a token at all, we cannot differenciate between a token error and a refresh token error. When the id server doesn't return a token, we want to display a 401 page, meaning the user cannot access the service and has to be stopped. If it's just a token refresh error, the user can be put back into the login flow. If this distinction cannot be made, we have to sent the user to the 401 in any of those cases. This is annoying for the user as he loses his current working url and gets presented with a 401 page he has to back navigate from (in the best case).
Desktop (please complete the following information):
not applicable
Additional context
I will provide a pull request with this bug report. Please let me know if there is a good reason for throwing a token_refresh_error in the initial code flow request.
The text was updated successfully, but these errors were encountered: