MCPcopy
hub / github.com/authts/oidc-client-ts / signinSilent

Method signinSilent

src/UserManager.ts:312–368  ·  view source on GitHub ↗

* Trigger a silent request (via refresh token or an iframe) to the authorization endpoint. * * @returns A promise that contains the authenticated `User`.

(args: SigninSilentArgs = {})

Source from the content-addressed store, hash-verified

310 * @returns A promise that contains the authenticated `User`.
311 */
312 public async signinSilent(args: SigninSilentArgs = {}): Promise<User | null> {
313 const logger = this._logger.create("signinSilent");
314 const {
315 silentRequestTimeoutInSeconds,
316 ...requestArgs
317 } = args;
318 // first determine if we have a refresh token, or need to use iframe
319 let user = await this._loadUser();
320 // use refresh token unless forceIframeAuth is explicitly true
321 if (!args.forceIframeAuth && user?.refresh_token) {
322 logger.debug("using refresh token");
323 const state = new RefreshState(user as Required<User>);
324 return await this._useRefreshToken({
325 state,
326 redirect_uri: requestArgs.redirect_uri,
327 resource: requestArgs.resource,
328 extraTokenParams: requestArgs.extraTokenParams,
329 timeoutInSeconds: silentRequestTimeoutInSeconds,
330 });
331 }
332
333 let dpopJkt: string | undefined;
334 if (this.settings.dpop?.bind_authorization_code) {
335 dpopJkt = await this.generateDPoPJkt(this.settings.dpop);
336 }
337
338 const url = this.settings.silent_redirect_uri;
339 if (!url) {
340 logger.throw(new Error("No silent_redirect_uri configured"));
341 }
342
343 let verifySub: string | undefined;
344 if (user && this.settings.validateSubOnSilentRenew) {
345 logger.debug("subject prior to silent renew:", user.profile.sub);
346 verifySub = user.profile.sub;
347 }
348
349 const handle = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds });
350 user = await this._signin({
351 request_type: "si:s",
352 redirect_uri: url,
353 prompt: "none",
354 id_token_hint: this.settings.includeIdTokenInSilentRenew ? user?.id_token : undefined,
355 dpopJkt,
356 ...requestArgs,
357 }, handle, verifySub);
358 if (user) {
359 if (user.profile?.sub) {
360 logger.info("success, signed in subject", user.profile.sub);
361 }
362 else {
363 logger.info("no subject");
364 }
365 }
366
367 return user;
368 }
369

Callers 5

sample.jsFile · 0.80
iframeSigninFunction · 0.80
iframeSigninFunction · 0.80
SilentRenewServiceClass · 0.80

Calls 9

_loadUserMethod · 0.95
_useRefreshTokenMethod · 0.95
generateDPoPJktMethod · 0.95
_signinMethod · 0.95
throwMethod · 0.80
debugMethod · 0.65
prepareMethod · 0.65
infoMethod · 0.65
createMethod · 0.45

Tested by

no test coverage detected