Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuthService hasValidAccessToken always returns true even if the access token expires #1266

Closed
MUsman1992 opened this issue Oct 4, 2022 · 4 comments
Closed

OAuthService hasValidAccessToken always returns true even if the access token expires #1266

MUsman1992 opened this issue Oct 4, 2022 · 4 comments
Labels
bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more.

Comments

@MUsman1992
Copy link

Describe the bug
I am calling the OAuthService hasValidAccessToken method in the Angular but this mehod returns true even after the access token expires. I have also attached the code:

import { Injectable } from '@angular/core';
import { ActivatedRouteSnapshot, CanActivate, CanActivateChild, CanLoad, Route, RouterStateSnapshot, UrlSegment } from '@angular/router';
import { OAuthService } from 'angular-oauth2-oidc';

@Injectable({
  providedIn: 'root'
})
export class HasValidTokenGuard implements CanLoad, CanActivate, CanActivateChild {
  constructor(
    private authService: OAuthService,
  ) { }

  canLoad(route: Route, segments: UrlSegment[]) {
    return this.hasValidToken();
  }

  canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
    return this.hasValidToken();
  }

  canActivateChild(_route: ActivatedRouteSnapshot, _state: RouterStateSnapshot): boolean {
    console.log("inside canActivateChild method of HasValidTokenGuard ... ");
    console.log(this.authService.hasValidAccessToken());
    return this.authService.hasValidAccessToken();
  }

  private hasValidToken(): boolean {
    return this.authService.hasValidAccessToken();
  }


}

Expected behavior
hasValidAccessToken should return false and the Angular application should not naviagate to the URL.

Actual behavior
hasValidAccessToken always returns true even if the code expires and the Angular application naviagates to the URL.
@jeroenheijmans jeroenheijmans added bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more. labels Oct 4, 2022
@jeroenheijmans
Copy link
Collaborator

Could this be a duplicate of #1214 and/or #1135?

@MUsman1992
Copy link
Author

Hi @jeroenheijmans Well, the above issues you have mentioned seem like this issue but what I have noticed is that tokens never expire. For my tokens, the expiry time is 5 minutes and even after 5 minutes, OAuthService hasValidAccessToken was returning true always so in my case tokens never expired.

@manfredsteyer
Copy link
Owner

This might be b/c of the default value for the clockSkew

@manfredsteyer
Copy link
Owner

Feel free to reopen this issue if I'm wrong here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@manfredsteyer @jeroenheijmans @MUsman1992