Description
Describe the bug
When I already had a successful http request and I set my device to (hibernate | sleep | shutdown) mode then I went back again to the web-app which I didn't close and make another http request, the token that is being sent to the api is not valid always. As a result, I got 401 every time and I have to reload the page to get a valid token from my IDp. Is there a proper way to handle it like via interceptor?
To Reproduce
Steps to reproduce the behavior:
- Go to the web-app and do some http call
- Shutdown or sleep or hibernate your device like an hour or less
- Go back to the web-app and do another http call
- IDp (Azure B2C) in my case returns "token_refresh_error" and as a result, the http request is always 401 unauthorized
Expected behavior
The incoming request after being idle for few hours should be valid and must be renew first before the actual http call since I provided the "allowedUrls" from the forRoot and enabled sendAcessToken.
Desktop (please complete the following information):
- OS: any
- Browser: any
- Version: Latest
Additional context
The provided scope are:
openid b2cClientIdoidc: truestrictDiscoveryDocumentValidation: false
In my APP_INITIALIZER, the steps I have are the ff:
- Load discovery document and tryLogin()
- Check if
hasValidAccessToken. If true, I invokesetupAutomaticSilentRefresh()then resolve the Promise. - When false, I invoke
initCodeFlowthen reject the Promise