Getting silent_refresh_timeout right after "Content Security Policy" violation for "frame-ancestors 'none'" about sample-angular-oauth2-oidc-with-auth-guards HOT 5 CLOSED

Silent refresh is a mechanism that relies on loading your Identity Server's pages in an (hidden) iframe. The error message suggests that your chosen type of OpenID server does not support that. Not really something that we can change in the code of this sample repository to help with that, I'm afraid.

from sample-angular-oauth2-oidc-with-auth-guards.

Hmm that's strange because I just updated on a new version of a Identity Server 4 and I got this errors. On the old version of IDP was all good..

from sample-angular-oauth2-oidc-with-auth-guards.

Hmm if the upgrade of your IDS started this thing, I recommend asking on their related community or support forum.

Either here or there, to be able to help, folks would need you to provide a way to reproduce your situation. Just code of the a config file might not be enough.

As for this repo: it's just a sample implementation, and mostly just one person (me) answering all questions. If you think there's a bug in the sample I'm happy to help, but my time might be too limited for more situational implementation issues. Hope that makes sense?

from sample-angular-oauth2-oidc-with-auth-guards.

So can may be I can use Refresh Tokens instead a Silent Refresh? This will work with your implementation? Thanks for the answers.

from sample-angular-oauth2-oidc-with-auth-guards.

Haven't recently tried it but with minor adjustments it should also work with refresh tokens, assuming your IDS supports them. If you run into trouble (that's not related to a bug in this repo's code, but implementation wise), I recommend trying something like Stack Overflow or the support forums of your IDS. Good luck!

from sample-angular-oauth2-oidc-with-auth-guards.