Kicks me out a second after logging in about sample-angular-oauth2-oidc-with-auth-guards HOT 5 CLOSED

(But lots of thanks for this nice sample application, it's very useful for learning and understanding :) )

from sample-angular-oauth2-oidc-with-auth-guards.

Update/Solved:

This seems to be caused by uBlock Origin in my Firefox. I'll try to find out some more details about it.

from sample-angular-oauth2-oidc-with-auth-guards.

Thanks for sharing the root cause, that might help others find this issue and a solution!

I'll close the issue but feel free to add any other details for others to find.

from sample-angular-oauth2-oidc-with-auth-guards.

Hi,

I could not find out what uBlock Origin blocks exactly to break this mechanism, but it's easy reproducible that it does. It does not show anything blocked in the overview and the network request protocol.

I also noticed that enabling the "Enhanced Tacking Protection" in Firefox also breaks the silent refresh in the same way.

It seems to me that this refresh mechanism with the hidden iframe is likely to be blocked by anti tracking tools, so this mechanism is not very safe to use as it might not work for many users? Do you have any opinion on that?

Regards,
Sven

from sample-angular-oauth2-oidc-with-auth-guards.

Glad to hear the sample is useful!

The third party cookie blockades are certainly something that messes with the iframe-based silent refresh mechanism. You can read my "SPA Necromancy" blogpost for extensive details, or a smaller version in the repo's readme.

from sample-angular-oauth2-oidc-with-auth-guards.