Skip to content

Event type 'received_first_token' is never fired #564

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
nhumblot opened this issue Jun 5, 2019 · 1 comment
Closed

Event type 'received_first_token' is never fired #564

nhumblot opened this issue Jun 5, 2019 · 1 comment
Labels
bug For tagging faulty or unexpected behavior.

Comments

@nhumblot
Copy link
Contributor

nhumblot commented Jun 5, 2019
edited
Loading

Hello,

On master branch, projects\lib\src\events.ts references a received_first_token event type.

By searching into the code, it looks like there is no place where this event is fired.

Should this event type be removed or should it be implemented?

Personally, I think it can be a useful addition, especially for preserving state.

If it needs to be implemented, what would be the business rule to implement? I'm not sure about that.

By looking at the OpenId Connect specification, the id_token is required in a successful implicit flow response, the access_token is not returned if response_type value used is id_token.

We can set oidc to false and not use OpenId Connect, then only an access_token is received.

For the password flow, we never receive an id_token but we receive an access_token.

Maybe we could go with this?

Feature: received_first_token

Scenario: trigger one received_first_token event when an access_token is received with oidc mode off
    Given no id_token and no access_token is present in the OAuthStorage
    And oidc is false
    And requestAccessToken is true
    And there is an access_token is the hash fragment
    And there is a valid nonce in state
    When tryLogin
    Then one 'received_first_token' event is triggered

Scenario: trigger one received_first_token event when an id_token is received using implicit flow
    Given no id_token and no access_token is present in the OAuthStorage
    And oidc is true
    And requestAccessToken is false
    And there is an id_token is the hash fragment
    And there is a valid nonce in state
    When tryLogin
    Then one 'received_first_token' event is triggered

Scenario: trigger one received_first_token event when an access_token and an id_token are received using implicit flow
    Given no id_token and no access_token is present in the OAuthStorage
    And oidc is true
    And requestAccessToken is true
    And there is an access_token is the hash fragment
    And there is an id_token is the hash fragment
    And there is a valid nonce in state
    When tryLogin
    Then one 'received_first_token' event is triggered

Scenario: trigger one received_first_token event when access_token is received using password flow
    Given no id_token and no access_token is present in the OAuthStorage
    And a userName
    And a password
    When token is fetched successfully using password flow with userName and password
    Then one 'received_first_token' event is triggered

Whatever solution is chosen (remove or implement), I'm volunteer to work on the chosen solution if allowed. 🙂

Kind regards.
@jeroenheijmans jeroenheijmans added the bug For tagging faulty or unexpected behavior. label Aug 4, 2019
@manfredsteyer
Copy link
Owner

Thanks for pointing us to this. I've removed the event, b/c a consumer can create sth like this very easily using RxJS with filter(...) and first().

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug For tagging faulty or unexpected behavior.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@manfredsteyer @jeroenheijmans @nhumblot