How to get Refresh Token with windowTarget: "_self".
atmike opened this issue · comments
Description
I want to use this Library with windowTarget: "_self". At the Moment I can login and logout with Azure B2C and Azure AD.
I'm doing this by using responseType: "token" to get the Token via URL.
My Problem is, that I'm not able to get a refresh token from the AD's. The redirect URL only contains the access_token but no refresh_token.
I already tried to us the responseType: Code and than try to use the Code to get the access and refresh token. But here I do not have the code_verifier that is generated with in the Library to verify the code =>
let pkceCodeVerifier = generateRandom(withLength: 64)
Can any one tell how I can manage this?
Capacitor version:
In my test app I'm running without Capacitor
Library version:
4.0.0
OAuth Provider:
Azure B2C & Azure AD
Your Plugin Configuration
{
getAzureInternalOAuth2Options(): OAuth2AuthenticateOptions {
var tenantId = "6273e691-1111-2222-3333-e5267d5da3a6";
var appId = "283a2967-1111-2222-3333-b249c0d72231";
var redirectUrlWeb = "http://localhost:4200";
return {
appId: appId,
authorizationBaseUrl: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/authorize`,
scope: "https://graph.microsoft.com/User.Read",
accessTokenEndpoint: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`,
resourceUrl: "https://graph.microsoft.com/v1.0/me/",
responseType: "token",
pkceEnabled: true,
logsEnabled: true,
web: {
redirectUrl: redirectUrlWeb,
windowTarget: "_self",
windowOptions: "height=600,left=0,top=0",
},
android: {
redirectUrl: "msauth://{package-name}/{url-encoded-signature-hash}"
},
ios: {
pkceEnabled: true,
redirectUrl: "msauth.{package-name}://auth"
}
};
}
getAzureB2COAuth2Options(): OAuth2AuthenticateOptions {
var tenantId = "NameOfTheTenant";
var appId = "066ed81b-0000-1111-2222-e5a54bc76fac";
var redirectUrlWeb = "http://localhost:4200";
var policyName: string = "B2C_1_susi";
return {
appId: appId,
responseType: "token",
authorizationBaseUrl: `https://${tenantId}.b2clogin.com/${tenantId}.onmicrosoft.com/${policyName}/oauth2/v2.0/authorize`,
accessTokenEndpoint: '',
scope: `https://${tenantId}.onmicrosoft.com/tasks-armawin`,
resourceUrl: "https://graph.microsoft.com/v1.0/me/",
pkceEnabled: true,
logsEnabled: true,
web: {
redirectUrl: redirectUrlWeb,
windowTarget: "_self",
windowOptions: "height=600,left=0,top=0"
},
android: {
redirectUrl: "msauth://{package-name}/{url-encoded-signature-hash}"
},
ios: {
pkceEnabled: true, // workaround for bug #111
redirectUrl: "msauth.{package-name}://auth"
}
};
}
}
Affected Platform(s):
add the moment I'm testing only in Web
- Web
- Browser: Chrome /Firefox/...
@moberwasserlechner
Can tell me if there is a way to get to pkceCodeVerifier value? without this value I can do anything to refresh the token in a silent way.
Please give me a short answer.
I have given up to use the plugin in the same window :(