View in #ohif on Slack
@Shir: Hello,
I’ve observed a behavior in my application where, when using the OIDC configuration with Keycloak and automaticSilentRenew: true, the user state isn’t updated upon token refresh. This leads to authorization headers being sent with the old token, rather than the newly refreshed one.
Upon inspecting the code, I noticed in OpenIdConnectRoutes.tsx that in the redirect_uri route logic, there’s a call to userAuthenticationService.setUser(user). However, a similar call seems to be absent during the token refresh process.
To address this, I’ve implemented an event handler to ensure the user state is updated upon token renewal:
useEffect(() => {
const userLoadedHandler = user => {
console.log('New user loaded (or token renewed):', user);
userAuthenticationService.setUser(user);
};
userManager.events.addUserLoaded(userLoadedHandler);
// Cleanup on component unmount.
return () => {
userManager.events.removeUserLoaded(userLoadedHandler);
};
}, []);
Did I perhaps overlook something in my configuration, or is this user state update during silent renewal not present in the current codebase?
Thanks for your guidance!
@Alireza_Sedghi: which event is it?
@Shir: Im sorry I’m not sure what you refer to?
@Alireza_Sedghi: what event did you add
@Shir: In OpenIdConnectRoutes.tsx, I’ve set up an event listener using userManager.events.addUserLoaded(userLoadedHandler). This listens for the addUserLoaded event from the OIDC client. This specific event fires whenever a new user object is loaded, such as after a token refresh.
@Alireza_Sedghi: Hmm sounds correct, do you want to create a PR?
@Shir: Sure will do. thanks.