You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please provide a link to a minimal reproduction of the bug
No response
Please provide the exception or error you saw
After logging in using a custom Dotnet authorization server that implements Openiddict and using the angular-auth-oidc-client package version 17, I encountered a continuous loop issue during token refresh. The token refresh enters into a loop of calls to connect/token, with each call being canceled and replaced by another call. This loop eventually ends with an "Invalid grant" error. This causes 100% CPU utilization in the authorization server, leading to the application being slow overall.
Operating System: Windows
Angular Version: Version 17
Package Configuration:
authority: ********,
redirectUrl: window.location.origin,
postLogoutRedirectUri: window.location.origin,
clientId: ********,
scope: ********,
responseType: 'code',
silentRenew: true,
renewTimeBeforeTokenExpiresInSeconds: 120,
useRefreshToken: true,
logLevel: LogLevel.Debug,
ignoreNonceAfterRefresh: true,
Server Environment:
Dotnet Version=8.0.0
Microsoft.AspNetCore.OpenApi Version=8.0.0
Microsoft.EntityFrameworkCore.Design Version=8.0.0
Microsoft.AspNetCore.Authentication.Google Version=8.0.0
Microsoft.AspNetCore.Authentication.OpenIdConnect Version=8.0.0
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore Version=8.0.0
Microsoft.AspNetCore.Identity.EntityFrameworkCore Version=8.0.0
Microsoft.AspNetCore.Identity.UI Version=8.0.0
Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation Version=8.0.0
Microsoft.EntityFrameworkCore.SqlServer Version=8.0.0
Microsoft.EntityFrameworkCore.Tools Version=8.0.0
OpenIddict.AspNetCore Version=4.9.0
OpenIddict.EntityFrameworkCore Version=4.9.0
OpenIddict.Quartz Version=4.9.0
Quartz.Extensions.Hosting Version=3.8.0
Steps to reproduce the behavior
1. Log in to the application using the custom Dotnet authorization server.
2. Wait until either the ID token or the access token expires.
3. The application attempts to refresh the token by calling the endpoint connect/token.
4. Observe that after a few successful silent refresh calls, the refresh call starts to fail, leading to a
continuous loop of calls to connect/token.
5. Eventually, the final call fails with an error message stating "Invalid grant."
This error mostly occurs when the application is idle for long time.
Application source code - https://github.com/JoelDennyJoseph/AuthTestApp
A clear and concise description of what you expected to happen.
The token refresh should occur smoothly without entering into a continuous loop, and there should be no "Invalid grant" error.
Additional context
The text was updated successfully, but these errors were encountered:
Version
^17.0.0
Please provide a link to a minimal reproduction of the bug
No response
Please provide the exception or error you saw
Steps to reproduce the behavior
A clear and concise description of what you expected to happen.
Additional context
The text was updated successfully, but these errors were encountered: