fix(oidc): refresh silent signin scope=null (release) (#1503)

Author: guillaume-chervet

packages/oidc-client/src/keepSession.ts

@@ -30,7 +30,12 @@ export const tryKeepSessionAsync = async (oidc: Oidc) => {
         oidc.tokens = tokens;
         const getLoginParams = serviceWorker.getLoginParams(oidc.configurationName);
         // @ts-ignore
-        oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, getLoginParams.extras);
+        oidc.timeoutId = autoRenewTokens(
+          oidc,
+          oidc.tokens.expiresAt,
+          getLoginParams.extras,
+          getLoginParams.scope,
+        );
         const sessionState = await serviceWorker.getSessionStateAsync();
         // @ts-ignore
         await oidc.startCheckSessionAsync(
@@ -64,7 +69,12 @@ export const tryKeepSessionAsync = async (oidc: Oidc) => {
         oidc.tokens = setTokens(tokens, null, configuration.token_renew_mode);
         const getLoginParams = session.getLoginParams();
         // @ts-ignore
-        oidc.timeoutId = autoRenewTokens(oidc, oidc.tokens.expiresAt, getLoginParams.extras);
+        oidc.timeoutId = autoRenewTokens(
+          oidc,
+          oidc.tokens.expiresAt,
+          getLoginParams.extras,
+          getLoginParams.scope,
+        );
         const sessionState = await session.getSessionStateAsync();
         // @ts-ignore
         await oidc.startCheckSessionAsync(

packages/oidc-client/src/login.ts

@@ -63,14 +63,14 @@ export const defaultLoginAsync =
         );
         let storage;
         if (serviceWorker) {
-          serviceWorker.setLoginParams({ callbackPath: url, extras: originExtras });
+          serviceWorker.setLoginParams({ callbackPath: url, extras: originExtras, scope: scope });
           await serviceWorker.initAsync(oidcServerConfiguration, 'loginAsync', configuration);
           await serviceWorker.setNonceAsync(nonce);
           serviceWorker.startKeepAliveServiceWorker();
           storage = serviceWorker;
         } else {
           const session = initSession(configurationName, configuration.storage ?? sessionStorage);
-          session.setLoginParams({ callbackPath: url, extras: originExtras });
+          session.setLoginParams({ callbackPath: url, extras: originExtras, scope: scope });
           await session.setNonceAsync(nonce);
           storage = session;
         }
@@ -139,24 +139,24 @@ export const loginCallbackAsync =
         storage = session;
       }
 
-      const params = getParseQueryStringFromLocation(href);
-
-      if (params.error || params.error_description) {
-        throw new Error(`Error from OIDC server: ${params.error} - ${params.error_description}`);
+      if (queryParams.error || queryParams.error_description) {
+        throw new Error(
+          `Error from OIDC server: ${queryParams.error} - ${queryParams.error_description}`,
+        );
       }
 
-      if (params.iss && params.iss !== oidcServerConfiguration.issuer) {
+      if (queryParams.iss && queryParams.iss !== oidcServerConfiguration.issuer) {
         console.error();
         throw new Error(
-          `Issuer not valid (expected: ${oidcServerConfiguration.issuer}, received: ${params.iss})`,
+          `Issuer not valid (expected: ${oidcServerConfiguration.issuer}, received: ${queryParams.iss})`,
         );
       }
-      if (params.state && params.state !== state) {
-        throw new Error(`State not valid (expected: ${state}, received: ${params.state})`);
+      if (queryParams.state && queryParams.state !== state) {
+        throw new Error(`State not valid (expected: ${state}, received: ${queryParams.state})`);
       }
 
       const data = {
-        code: params.code,
+        code: queryParams.code,
         grant_type: 'authorization_code',
         client_id: configuration.client_id,
         redirect_uri: redirectUri,
@@ -269,6 +269,8 @@ export const loginCallbackAsync =
         tokens: formattedTokens,
         state: 'request.state',
         callbackPath: loginParams.callbackPath,
+        scope: queryParams.scope,
+        extras: loginParams.extras,
       };
     } catch (exception) {
       console.error(exception);

packages/oidc-client/src/oidc.ts

@@ -73,12 +73,15 @@ export type LoginCallback = {
 
 export type InternalLoginCallback = {
   callbackPath: string;
+  state: string;
   parsedTokens: Tokens;
+  scope: string;
+  extras: StringMap;
 };
 
 const loginCallbackWithAutoTokensRenewAsync = async (oidc): Promise<LoginCallback> => {
-  const { parsedTokens, callbackPath } = await oidc.loginCallbackAsync();
-  oidc.timeoutId = autoRenewTokens(oidc, parsedTokens.expiresAt);
+  const { parsedTokens, callbackPath, extras, scope } = await oidc.loginCallbackAsync();
+  oidc.timeoutId = autoRenewTokens(oidc, parsedTokens.expiresAt, extras, scope);
   return { callbackPath };
 };
 
@@ -355,7 +358,13 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
         await this.userInfoAsync();
       }
       // @ts-ignore
-      return { parsedTokens, state: response.state, callbackPath: response.callbackPath };
+      return {
+        parsedTokens,
+        state: response.state,
+        callbackPath: response.callbackPath,
+        scope: response.scope,
+        extras: response.extras,
+      };
     };
     this.loginCallbackPromise = loginCallbackLocalAsync();
     return this.loginCallbackPromise.finally(() => {
@@ -427,6 +436,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
     }
     timer.clearTimeout(this.timeoutId);
     // @ts-ignore
+
     this.renewTokensPromise = renewTokensAndStartTimerAsync(this, true, extras, scope);
     return this.renewTokensPromise.finally(() => {
       this.renewTokensPromise = null;

packages/oidc-client/src/silentLogin.ts

@@ -25,7 +25,6 @@ export const _silentLoginAsync =
     if (!configuration.silent_redirect_uri || !configuration.silent_login_uri) {
       return Promise.resolve(null);
     }
-
     try {
       publishEvent(eventNames.silentLoginAsync_begin, {});
       let queries = '';