Missing Access Token when I refresh

maurivilar · May 20, 2019, 10:11pm

The login works well, but when i refresh the page it logouts.

I added in Auth0 Configuration: http://localhost:4200 on Allowed Web Origins

export class AppComponent implements OnInit {
 
  
  constructor(public auth: AuthService) {
    auth.handleAuthentication();
  }

  ngOnInit() {
    if (this.auth.isAuthenticated()) {
      this.auth.renewTokens();
    }
  }

}

It does not show any error message. I´ve put console.log in the functions of renew token or logout and it does not enter.

 public renewTokens(): void {
    console.log("adios3");
    this.auth0.checkSession({}, (err, authResult) => {
      if (authResult && authResult.accessToken && authResult.idToken) {
        this.localLogin(authResult);
      } else if (err) {
        alert(`Could not get a new token (${err.error}: ${err.error_description}).`);
        this.logout();
      }
    });
  }

  public logout(): void {
    // Remove tokens and expiry time
    console.log("adios1");
    this._accessToken = '';
    this._idToken = '';
    this._expiresAt = 0;
    
    this.auth0.logout({
      returnTo: window.location.origin
    });
  }

  public isAuthenticated(): boolean {
    console.log("adios4");
    // Check whether the current time is past the
    // access token's expiry time
    return this._accessToken && Date.now() < this._expiresAt;
  }

James.Morrison · May 21, 2019, 2:48pm

Good morning @maurivilar! This may be the result of how you are storing your access token. When you get a moment can you reproduce this workflow for me while capturing a HAR file for us and direct message it over to me along with your tenant name? Please be sure to select “Preserve log” to catch redirects and scrub the file of user passwords before passing it over, thanks in advance!

James.Morrison · May 29, 2019, 8:54pm

I wanted to follow up @maurivilar and spent sometime looking over the HAR file with our team. It appears you are using Google Developer keys which should not be used in your application. Dev keys should only be used for testing initial authentication workflow on an application. Due to this being a frequently challenged face, I will move in crafting a FAQ about this subject to help out future adventurers who run across this hurdle. Please update your keys for Google (It’s free) and let us know if you are still running into any issues, thanks!

https://auth0.com/docs/connections/social/google#1-set-up-your-app-in-google

James.Morrison · June 13, 2019, 12:54am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.