"No state in response" error with OIDC_CLIENT and angularJS

Asked 21/8, 2016 at 23:53 Answered 28/11, 2018 at 17:56

I am trying to replace the old oidc-token-manager with oidc-client in my angular app, but I keep getting this error "No state in response", I have look at brockallen sample to learn how to use it, but not luck so far. Here is what I have in my service.

var config = {
                client_id: "myClient"
                , redirect_uri: "http://127.0.0.1:51899/callback.html"
                , response_type: "id_token token"
                , scope: "openid profile test"
                , authority: "https://localhost:44369"
            };
            var mgr = new Oidc.UserManager(config);

and similar thing on my callback page.

This is what I have in my mainController

var tokenManager = {
            mgr: {}
        };
        tokenManager.mgr = oidc.tokenManager();
        startSigninMainWindow(tokenManager);

        function startSigninMainWindow(tokenManager) {
            tokenManager.mgr.signinRedirectCallback().then(function (user) {
                var data = user.state.some;
            }, function (err) {
                console.log(err); // err:'No state in response'
            });
        }

Could any body tell me what I am doing wrong? Thanks. PS: BTW, I don't even get to see the login screen in the Identity Server any more

Kickapoo answered 21/8, 2016 at 23:53 Comment(4)

Enable logging and see where the error comes from. – Trixie 22/8, 2016 at 13:20

I have logging enabled, but it doesn't say much. UserManager.signingRedirectCalback, RedirectNavigator.url , _signingEnd, OidcClient.processingSigningResponse, UrlUtility.parseUrlFragment this is all the information in the logging. – Kickapoo 22/8, 2016 at 16:24

Did you ever resolve this - am having the exact same issue – Kehoe 2/3, 2017 at 10:30

With angular 5.2.8 I had the same issue. I put the line: window.location.hash = decodeURIComponent(window.location.hash); before calling signinRedirectCallback on UserManager. Give it a try. This is a breaking change in Angular 5.2.8 that they started to encode the hash. But I do not really understand the details. – Tempting 22/3, 2018 at 23:15

In my case, there was garbage in the Local Storage. Open the chrome debugger "Application" tab and clear all the Local and Session storage. Then reload the app.

NOTE: as a developer you need to know that oidc-client uses session/local storage for a cache. It does not refresh the cache if, for example, you change the configuration of your token. You must manually clear the storage.

Belter answered 28/11, 2018 at 17:56 Comment(1)

This was a small piece in a very long puzzle, but thank you for pointing me to the Local and Session storage. Just to help answer the actual question, it turned out that my Client was sending a "state" param (And it's value was a key to lookup a state object in Local storage), but my Server was not sending the "state" back. And so, "No state in response". – Abib 26/3, 2020 at 15:51

In my case, someone was calling the /login callback route directly from the UI code. The /login route should only be called by the SSO server (Identity Provider, whatever you call it) and never by the UI itself. So in our authGuard we replaced this.router.navigate(['/login']); with this.userManager.signinRedirect(); and it cleared right up.

Classified answered 10/8, 2018 at 1:40 Comment(0)

Recommended topics

Hot tags