Skip to content

How to handle authentication when user is offline using Angular PWA? #545

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jalchr opened this issue Apr 19, 2019 · 4 comments
Open

How to handle authentication when user is offline using Angular PWA? #545

jalchr opened this issue Apr 19, 2019 · 4 comments
Labels
feature-request Improvements and additions to the library.

Comments

@jalchr
Copy link

jalchr commented Apr 19, 2019

This question is posted on Stack OverFlow
I have an angular application with PWA. My main concern is to allow the user to use the app while offline without internet connection. The question is: how can I accomplish that with IdentityServer and OIDC ? I'm considering the following solution: Assuming I have a valid "Refresh Token", then as long as the internet connection is offline, I would consider the user as still authenticated. Of course, this means the user has already logged in while "online".
If I have a Refresh Token, then I can assume I have "valid" credentials. As long as I'm still "disconnected" from the internet (which could be for hours) , and there is no way to "reevaluate" the validity, I can assume I'm "OKAY". When connection is back, and before submitting all data changes, I'll use the refresh token to request a new "access token" and resume work normally. The question is, does angular-oauth2-oidc library has any built in support for such functionality, or it just works on "expiry dates" and timers .

Any suggestions for handling "login" while still "offline". For example, Windows OS uses some kind of "local storage" to authentication users, even while they have no internet connection. Any suggestions, appreciated
@jalchr
Copy link
Author

jalchr commented Apr 19, 2019

Once the IdentityServer is unreachable, due to "Offline" or other issues, I noticed the following:
Screen Shot 2019-04-19 at 2 33 08 PM

Tracing back to this line of code:
Screen Shot 2019-04-19 at 2 33 24 PM

Due to the 'src' is unreachable, the iframe creation fails and hence to the whole "silent refresh" process. When back online, the silent refresh process can't detect that by itself.

@jalchr jalchr mentioned this issue May 2, 2019
Closed
@jeroenheijmans
Copy link
Collaborator

This seems like a bug/omission to me. To summarize/paraphrase the bug:

If the app loads while the IDS is unreachable, the setup of silent refresh (e.g. creating the iframe) will fail because the page in the hidden iframe can't be loaded, and the app will never recover from this.

A solution would be for the library to check for load failures in the iframe, and possibly retry (or publish an event about the failure, and allow the user of the library to choose when to retry).

@jalchr
Copy link
Author

jalchr commented May 17, 2019

Yes, a retry mechanism is needed.

@jeroenheijmans jeroenheijmans added the feature-request Improvements and additions to the library. label Aug 4, 2019
@dome4
Copy link

dome4 commented Feb 25, 2021

Have there been any updates on this? Would be a helpful feature 😃

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request Improvements and additions to the library.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jalchr @jeroenheijmans @dome4