@axa-fr/oidc-client 7.26.6 → 7.26.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -0
- package/dist/index.js +658 -633
- package/dist/index.umd.cjs +2 -2
- package/dist/initWorker.d.ts.map +1 -1
- package/dist/version.d.ts +1 -1
- package/package.json +2 -2
- package/src/initWorker.ts +71 -24
- package/src/version.ts +1 -1
package/README.md
CHANGED
|
@@ -122,6 +122,13 @@ trustedDomains.config_with_dpop = {
|
|
|
122
122
|
|
|
123
123
|
// Setting allowMultiTabLogin to true will enable storing login-specific parameters (state, nonce, code verifier)
|
|
124
124
|
// separately for each tab. This will prevent errors when logins are initiated from multiple tabs.
|
|
125
|
+
// IMPORTANT: When allowMultiTabLogin is true, you MUST use the OIDC fetch provided by
|
|
126
|
+
// oidcClient.fetchWithTokens(fetch) for API requests. The service worker embeds a tab-specific
|
|
127
|
+
// token placeholder in the Authorization header, which it then replaces with the real access token.
|
|
128
|
+
// Using a plain fetch or axios without the OIDC fetch wrapper will result in requests being sent
|
|
129
|
+
// without an Authorization header (401 errors), because the service worker cannot determine which
|
|
130
|
+
// tab's token to inject without the placeholder.
|
|
131
|
+
// Example with axios: configure it to use the OIDC fetch as its adapter or use the OIDC fetch directly.
|
|
125
132
|
trustedDomains.config_multi_tab_login = {
|
|
126
133
|
domains: ['https://demo.duendesoftware.com'],
|
|
127
134
|
allowMultiTabLogin: true,
|