-
Notifications
You must be signed in to change notification settings - Fork 240
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Example of using 0Auth provider such as Google #23
Comments
Ah interesting. I think there are a few different ways you could approach this. Here's a couple of spitballing ideas that might work. I think some of these might be useful not just in an OAuth approach but also any token system where you want to refresh manually on the client instead of letting it expire and redirecting the user back to login. Push token refresh to actions One approach would be to make the tokens/refresh completely hidden from the authentication/authorization wrapper. Essentially the flow would be to store the user data from the OAuth request in the store after making the OAuth request and for the AuthWrapper to use this as the decision point for allowing users. Then you write a job to refresh the tokens when they expire, using redux-thunk middleware & setTimeout or a more elegant solution might include redux-saga. This approach has the benefit of your auth wrapper having no knowledge about an OAuth provider and making it easy to swap out authentication mechanisms (or support both user/pass and OAuth in the same app). Recheck token validity in onEnter Recheck token validity in HOC |
Thanks @mjrussell. Currently attempting the 2nd option so will feedback any hurdles I potentially encounter. |
@BenjaminRCooper I was curious on how your attempt went? What was the final solutiont that you ended up with? |
Hey guys! Just wanted to chime in with something that may or may not be helpful. I was just trying to solve the issue of how to hook up a react app to do authentication properly with my own open ID connect provider (based on the IdentityServer project). While trying to figure this out I stumbled across a nice little redux wrapper for the oidc-client-js library. The library I am using is the redux-oidc library. It wraps the complexities of using the oidc-client-js library and adds a redux middleware to handle the authentication, as well as provide some components to handle the callback. The oidc-client-js library does a lot of the heavy lifting for handling session management, where to store tokens, etc and the redux-oidc library bridges the gap with redux. Long story short, I was having issues with ensuring the user was logged in on page refreshes prior to making api requests and I came across your wonderful library! The redux-oidc library needed a few tweaks to be able to take advantage of your async user info loading (which is required due to the design of the oidc-client-js library) and I was able to work with the author of the library to get a PR submitted to allow better integration between both of your libraries. Just wanted to give you a heads up in case it helps any of your users out! I created a fork of the original author's example app to show the integration between the two libraries, which actually uses google as the open id connect provider. It shows using the redux-oidc middleware to handle the authentication and redux-auth-wrapper to ensure the user is logged in and the user's info is loaded prior to loading a component. The example repo can be found here: https://github.com/jbellmore31g/redux-oidc-example Hope this helps, thanks a bunch for your team's work on this library, it is great! |
@jbellmore31g |
Wondering how this would work with an 0Auth provider and how you would do things such as handle refresh tokens etc.
Just wondered if you had any thoughts or examples.
The text was updated successfully, but these errors were encountered: