Open Closed

Angular UI Bug: Error Refreshing Token, Wrong State/Nonce #2988


0
jackmcelhinney created
  • ABP Framework version: v5.0.1
  • UI type: Angular (Authorization Code Flow)
  • DB provider: EF Core
  • Identity Server Separated (Angular): yes

Occasionally when visiting the app after the credentials expire, we get Error refreshing token in the console. The app then immediately navigates to the login page. After entering credentials, verifying with two factor, and redirecting to the Angular home page, the user is still not logged in. They click login again and must enter credentials and two factor again, and then they are logged in.

Here is the console throughout this flow when this happens:

Any suggestions for a workaround for this?


5 Answer(s)
  • 0
    gterdem created
    Support Team

    Can you give information about the AccessTokenLifetime and the refresh token AbsoluteRefreshTokenLifetime?

    Also if it's on public, can you create/share a demo user for us that we can test on your environment?

  • 0
    jackmcelhinney created

    Our app is not currently public, but I've included the information below. Let me know if there's anything else that could be helpful.

    IdentityTokenLifetime: 300
    AccessTokenLifetime: 3600
    AuthorizationCodeLifetime: 300
    AbsoluteRefreshTokenLifetime: 608400
    SlidingRefreshTokenLifetime: 304200
    

    Here is our environment.ts in case that helps as well:

  • 0
    gterdem created
    Support Team

    I couldn't reproduce this problem on my local testing. It is hard to diagnose if it is about the oauth2 library or the oidc configuration with just the browser console log.

    Since you get access token validation error, it may be related to the configuration skipIssuerCheck: true.

    Can you remove this configuration and see if it works?

  • 0
    jackmcelhinney created

    Thanks for the suggestion. I have removed the skipIssuerCheck: true. I'm still not sure what causes this error to happen so I'll watch it the next few days and will let you know if it happens again.

  • 0
    albert created
    Support Team

    thanks for the feedback. let us know the result after observing it.