@axa-fr/react-oidc 6.11.4-alpha2 → 6.12.0

package/src/oidc/vanilla/oidc.ts

@@ -1,5 +1,6 @@
 import {
     AuthorizationNotifier,
+    AuthorizationRequest,
     AuthorizationServiceConfiguration,
     BaseTokenRequestHandler,
     DefaultCrypto,
@@ -11,26 +12,31 @@ import {
 } from '@openid/appauth';
 import { AuthorizationServiceConfigurationJson } from '@openid/appauth/src/authorization_service_configuration';
 
-import { startCheckSessionAsync as defaultStartCheckSessionAsync } from './checkSession';
+import { getFromCache, setCache } from './cache';
 import { CheckSessionIFrame } from './checkSessionIFrame';
-import { eventNames } from './events';
 import { initSession } from './initSession';
 import { initWorkerAsync, sleepAsync } from './initWorker';
-import { defaultLoginAsync, defaultSilentLoginAsync2 } from './login';
 import { MemoryStorageBackend } from './memoryStorageBackend';
 import { HashQueryStringUtils, NoHashQueryStringUtils } from './noHashQueryStringUtils';
 import {
     computeTimeLeft,
     isTokensOidcValid,
+    isTokensValid,
     setTokens, TokenRenewMode,
     Tokens,
 } from './parseTokens';
-import { fetchFromIssuer, performRevocationRequestAsync, performTokenRequestAsync, TOKEN_TYPE } from './requests';
+import { performRevocationRequestAsync, performTokenRequestAsync, TOKEN_TYPE } from './requests';
 import { getParseQueryStringFromLocation } from './route-utils';
-import defaultSilentLoginAsync from './silentLogin';
 import timer from './timer';
-import { AuthorityConfiguration, OidcConfiguration, StringMap } from './types';
-import { userInfoAsync } from './user';
+
+const randomString = function(length) {
+    let text = '';
+    const possible = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+    for (let i = 0; i < length; i++) {
+        text += possible.charAt(Math.floor(Math.random() * possible.length));
+    }
+    return text;
+};
 
 export interface OidcAuthorizationServiceConfigurationJson extends AuthorizationServiceConfigurationJson{
     check_session_iframe?: string;
@@ -52,6 +58,41 @@ export class OidcAuthorizationServiceConfiguration extends AuthorizationServiceC
     }
 }
 
+export interface StringMap {
+    [key: string]: string;
+}
+
+export interface AuthorityConfiguration {
+    authorization_endpoint: string;
+    token_endpoint: string;
+    revocation_endpoint: string;
+    end_session_endpoint?: string;
+    userinfo_endpoint?: string;
+    check_session_iframe?:string;
+    issuer:string;
+}
+
+ export type OidcConfiguration = {
+     client_id: string;
+     redirect_uri: string;
+     silent_redirect_uri?:string;
+     silent_login_uri?:string;
+     silent_login_timeout?:number;
+     scope: string;
+     authority: string;
+     authority_time_cache_wellknowurl_in_second?: number;
+     authority_configuration?: AuthorityConfiguration;
+     refresh_time_before_tokens_expiration_in_second?: number;
+     token_request_timeout?: number;
+     service_worker_relative_url?:string;
+     service_worker_only?:boolean;
+     extras?:StringMap;
+     token_request_extras?:StringMap;
+     storage?: Storage;
+     monitor_session?: boolean;
+     token_renew_mode?: string;
+};
+
 const oidcDatabase = {};
 const oidcFactory = (configuration: OidcConfiguration, name = 'default') => {
     if (oidcDatabase[name]) {
@@ -79,9 +120,9 @@ async function renewTokensAndStartTimerAsync(oidc, refreshToken, forceRefresh =
     const updateTokens = (tokens) => { oidc.tokens = tokens; };
     const { tokens, status } = await oidc.synchroniseTokensAsync(refreshToken, 0, forceRefresh, extras, updateTokens);
 
-    const serviceWorker = await initWorkerAsync(oidc.configuration.service_worker_relative_url, oidc.configurationName);
+    const serviceWorker = await initWorkerAsync(oidc.configuration.service_worker_relative_url, oidc.configurationName, oidc.configuration.redirect_uri);
     if (!serviceWorker) {
-        const session = initSession(oidc.configurationName, oidc.configuration.storage);
+        const session = initSession(oidc.configurationName, oidc.configuration.redirect_uri, oidc.configuration.storage);
         await session.setTokens(oidc.tokens);
     }
 
@@ -105,17 +146,105 @@ const autoRenewTokens = (oidc, refreshToken, expiresAt, extras:StringMap = null)
     }, 1000);
 };
 
+const userInfoAsync = async (oidc) => {
+    if (oidc.userInfo != null) {
+        return oidc.userInfo;
+    }
+    if (!oidc.tokens) {
+        return null;
+    }
+    const accessToken = oidc.tokens.accessToken;
+    if (!accessToken) {
+        return null;
+    }
+
+    // We wait the synchronisation before making a request
+    while (oidc.tokens && !isTokensValid(oidc.tokens)) {
+        await sleepAsync(200);
+    }
+
+   const oidcServerConfiguration = await oidc.initAsync(oidc.configuration.authority, oidc.configuration.authority_configuration);
+   const url = oidcServerConfiguration.userInfoEndpoint;
+   const fetchUserInfo = async (accessToken) => {
+       const res = await fetch(url, {
+           headers: {
+               authorization: `Bearer ${accessToken}`,
+           },
+       });
+
+       if (res.status !== 200) {
+           return null;
+       }
+
+       return res.json();
+   };
+   const userInfo = await fetchUserInfo(accessToken);
+   oidc.userInfo = userInfo;
+   return userInfo;
+};
+
+const eventNames = {
+    service_worker_not_supported_by_browser: 'service_worker_not_supported_by_browser',
+    token_aquired: 'token_aquired',
+    logout_from_another_tab: 'logout_from_another_tab',
+    logout_from_same_tab: 'logout_from_same_tab',
+    token_renewed: 'token_renewed',
+    token_timer: 'token_timer',
+    loginAsync_begin: 'loginAsync_begin',
+    loginAsync_error: 'loginAsync_error',
+    loginCallbackAsync_begin: 'loginCallbackAsync_begin',
+    loginCallbackAsync_end: 'loginCallbackAsync_end',
+    loginCallbackAsync_error: 'loginCallbackAsync_error',
+    refreshTokensAsync_begin: 'refreshTokensAsync_begin',
+    refreshTokensAsync: 'refreshTokensAsync',
+    refreshTokensAsync_end: 'refreshTokensAsync_end',
+    refreshTokensAsync_error: 'refreshTokensAsync_error',
+    refreshTokensAsync_silent_error: 'refreshTokensAsync_silent_error',
+    tryKeepExistingSessionAsync_begin: 'tryKeepExistingSessionAsync_begin',
+    tryKeepExistingSessionAsync_end: 'tryKeepExistingSessionAsync_end',
+    tryKeepExistingSessionAsync_error: 'tryKeepExistingSessionAsync_error',
+    silentLoginAsync_begin: 'silentLoginAsync_begin',
+    silentLoginAsync: 'silentLoginAsync',
+    silentLoginAsync_end: 'silentLoginAsync_end',
+    silentLoginAsync_error: 'silentLoginAsync_error',
+    syncTokensAsync_begin: 'syncTokensAsync_begin',
+    syncTokensAsync_end: 'syncTokensAsync_end',
+    syncTokensAsync_error: 'syncTokensAsync_error',
+};
+
 const getRandomInt = (max) => {
     return Math.floor(Math.random() * max);
 };
 
+const oneHourSecond = 60 * 60;
+const fetchFromIssuer = async (openIdIssuerUrl: string, timeCacheSecond = oneHourSecond, storage = window.sessionStorage):
+    Promise<OidcAuthorizationServiceConfiguration> => {
+    const fullUrl = `${openIdIssuerUrl}/.well-known/openid-configuration`;
+
+    const localStorageKey = `oidc.server:${openIdIssuerUrl}`;
+    const data = getFromCache(localStorageKey, storage, timeCacheSecond);
+    if (data) {
+        return new OidcAuthorizationServiceConfiguration(data);
+    }
+    const response = await fetch(fullUrl);
+
+    if (response.status !== 200) {
+        return null;
+    }
+
+    const result = await response.json();
+
+    setCache(localStorageKey, result, storage);
+    return new OidcAuthorizationServiceConfiguration(result);
+};
+
 export class Oidc {
     public configuration: OidcConfiguration;
     public userInfo: null;
     public tokens?: Tokens;
     public events: Array<any>;
     private timeoutId: NodeJS.Timeout;
-    public configurationName: string;
+    private configurationName: string;
     private checkSessionIFrame: CheckSessionIFrame;
     constructor(configuration:OidcConfiguration, configurationName = 'default') {
       let silent_login_uri = configuration.silent_login_uri;
@@ -206,7 +335,96 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
     }
 
     async silentLoginAsync(extras:StringMap = null, state:string = null, scope:string = null) {
-        return defaultSilentLoginAsync(this.configurationName, this.configuration, this.publishEvent.bind(this))(extras, state, scope);
+        if (!this.configuration.silent_redirect_uri || !this.configuration.silent_login_uri) {
+            return Promise.resolve(null);
+        }
+
+        try {
+            this.publishEvent(eventNames.silentLoginAsync_begin, {});
+            const configuration = this.configuration;
+            let queries = '';
+
+            if (state) {
+                if (extras == null) {
+                    extras = {};
+                }
+                extras.state = state;
+            }
+
+            if (scope) {
+                if (extras == null) {
+                    extras = {};
+                }
+                extras.scope = scope;
+            }
+
+            if (extras != null) {
+                for (const [key, value] of Object.entries(extras)) {
+                    if (queries === '') {
+                      queries = `?${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
+                    } else {
+                        queries += `&${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
+                    }
+                }
+            }
+            const link = configuration.silent_login_uri + queries;
+            const idx = link.indexOf('/', link.indexOf('//') + 2);
+            const iFrameOrigin = link.substr(0, idx);
+            const iframe = document.createElement('iframe');
+            iframe.width = '0px';
+            iframe.height = '0px';
+
+            iframe.id = `${this.configurationName}_oidc_iframe`;
+            iframe.setAttribute('src', link);
+            document.body.appendChild(iframe);
+            return new Promise((resolve, reject) => {
+                try {
+                    let isResolved = false;
+                    window.onmessage = (e: MessageEvent<any>) => {
+                        if (e.origin === iFrameOrigin &&
+                            e.source === iframe.contentWindow
+                        ) {
+                            const key = `${this.configurationName}_oidc_tokens:`;
+                            const key_error = `${this.configurationName}_oidc_error:`;
+                            const data = e.data;
+                            if (data && typeof (data) === 'string') {
+                                if (!isResolved) {
+                                    if (data.startsWith(key)) {
+                                        const result = JSON.parse(e.data.replace(key, ''));
+                                        this.publishEvent(eventNames.silentLoginAsync_end, {});
+                                        iframe.remove();
+                                        isResolved = true;
+                                        resolve(result);
+                                    } else if (data.startsWith(key_error)) {
+                                        const result = JSON.parse(e.data.replace(key_error, ''));
+                                        this.publishEvent(eventNames.silentLoginAsync_error, result);
+                                        iframe.remove();
+                                        isResolved = true;
+                                        reject(new Error('oidc_' + result.error));
+                                    }
+                                }
+                            }
+                        }
+                    };
+                    const silentSigninTimeout = configuration.silent_login_timeout;
+                    setTimeout(() => {
+                        if (!isResolved) {
+                            this.publishEvent(eventNames.silentLoginAsync_error, { reason: 'timeout' });
+                            iframe.remove();
+                            isResolved = true;
+                            reject(new Error('timeout'));
+                        }
+                    }, silentSigninTimeout);
+                } catch (e) {
+                    iframe.remove();
+                    this.publishEvent(eventNames.silentLoginAsync_error, e);
+                    reject(e);
+                }
+            });
+        } catch (e) {
+            this.publishEvent(eventNames.silentLoginAsync_error, e);
+            throw e;
+        }
     }
 
     initPromise = null;
@@ -227,7 +445,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
                 });
             }
 
-            const serviceWorker = await initWorkerAsync(this.configuration.service_worker_relative_url, this.configurationName);
+            const serviceWorker = await initWorkerAsync(this.configuration.service_worker_relative_url, this.configurationName, this.configuration.redirect_uri);
             const storage = serviceWorker ? window.localStorage : null;
             return await fetchFromIssuer(authority, this.configuration.authority_time_cache_wellknowurl_in_second ?? 60 * 60, storage);
         };
@@ -252,7 +470,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
             try {
                 const configuration = this.configuration;
                 const oidcServerConfiguration = await this.initAsync(configuration.authority, configuration.authority_configuration);
-                serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, this.configurationName);
+                serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, this.configurationName, configuration.redirect_uri);
                 if (serviceWorker) {
                     const { tokens } = await serviceWorker.initAsync(oidcServerConfiguration, 'tryKeepExistingSessionAsync', configuration);
                     if (tokens) {
@@ -280,7 +498,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
                             message: 'service worker is not supported by this browser',
                         });
                     }
-                    const session = initSession(this.configurationName, configuration.storage ?? sessionStorage);
+                    const session = initSession(this.configurationName, configuration.redirect_uri, configuration.storage ?? sessionStorage);
                     const { tokens } = await session.initAsync();
                     if (tokens) {
                         // @ts-ignore
@@ -319,26 +537,146 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
         });
     }
 
-    async startCheckSessionAsync(checkSessionIFrameUri, clientId, sessionState, isSilentSignin = false) {
-        const getCurrentTokens = () => this.tokens;
-        this.checkSessionIFrame = await defaultStartCheckSessionAsync(oidcDatabase, this.configuration, this.checkSessionIFrame, this.silentLoginAsync.bind(this), getCurrentTokens)(checkSessionIFrameUri, clientId, sessionState, isSilentSignin);
-    }
-
     loginPromise: Promise<void> = null;
     async loginAsync(callbackPath:string = undefined, extras:StringMap = null, isSilentSignin = false, scope:string = undefined, silentLoginOnly = false) {
         if (this.loginPromise !== null) {
             return this.loginPromise;
         }
-        if (silentLoginOnly) {
-            return defaultSilentLoginAsync2(window, this.configurationName, this.configuration, this.publishEvent.bind(this), this)(extras, scope);
-        }
-        this.loginPromise = defaultLoginAsync(window, this.configurationName, this.configuration, this.silentLoginAsync.bind(this), this.publishEvent.bind(this), this.initAsync.bind(this))(callbackPath, extras, isSilentSignin, scope);
+        const loginLocalAsync = async () => {
+                const location = window.location;
+                const url = callbackPath || location.pathname + (location.search || '') + (location.hash || '');
+                const configuration = this.configuration;
+            let state;
+            if (extras && 'state' in extras) {
+                state = extras.state;
+                delete extras.state;
+            }
+                if (silentLoginOnly) {
+                    try {
+                        const extraFinal = extras ?? configuration.extras ?? {};
+                        const silentResult = await this.silentLoginAsync({
+                            ...extraFinal,
+                            prompt: 'none',
+                        }, state, scope);
+
+                        if (silentResult) {
+                            this.tokens = silentResult.tokens;
+                            this.publishEvent(eventNames.token_aquired, {});
+                            // @ts-ignore
+                            this.timeoutId = autoRenewTokens(this, this.tokens.refreshToken, this.tokens.expiresAt, extras);
+                            return {};
+                        }
+                    } catch (e) {
+                        return e;
+                    }
+                }
+            this.publishEvent(eventNames.loginAsync_begin, {});
+
+            try {
+                const redirectUri = isSilentSignin ? configuration.silent_redirect_uri : configuration.redirect_uri;
+                if (!scope) {
+                    scope = configuration.scope;
+                }
+
+                const extraFinal = extras ?? configuration.extras ?? {};
+                if (!extraFinal.nonce) {
+                    extraFinal.nonce = randomString(12);
+                }
+                const nonce = { nonce: extraFinal.nonce };
+                const serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, this.configurationName, this.configuration.redirect_uri);
+                const oidcServerConfiguration = await this.initAsync(configuration.authority, configuration.authority_configuration);
+                let storage;
+                if (serviceWorker) {
+                    serviceWorker.setLoginParams(this.configurationName, redirectUri, { callbackPath: url, extras, state });
+                    serviceWorker.startKeepAliveServiceWorker();
+                    await serviceWorker.initAsync(oidcServerConfiguration, 'loginAsync', configuration);
+                    await serviceWorker.setNonceAsync(nonce);
+                    storage = new MemoryStorageBackend(serviceWorker.saveItemsAsync, {});
+                    await storage.setItem('dummy', {});
+                } else {
+                    const session = initSession(this.configurationName, redirectUri);
+                    session.setLoginParams(this.configurationName, redirectUri, { callbackPath: url, extras, state });
+                    await session.setNonceAsync(nonce);
+                    storage = new MemoryStorageBackend(session.saveItemsAsync, {});
+                }
+
+                // @ts-ignore
+                const queryStringUtil = redirectUri.includes('#') ? new HashQueryStringUtils() : new NoHashQueryStringUtils();
+                const authorizationHandler = new RedirectRequestHandler(storage, queryStringUtil, window.location, new DefaultCrypto());
+                const authRequest = new AuthorizationRequest({
+                    client_id: configuration.client_id,
+                    redirect_uri: redirectUri,
+                    scope,
+                    response_type: AuthorizationRequest.RESPONSE_TYPE_CODE,
+                    state,
+                    extras: extraFinal,
+                });
+                authorizationHandler.performAuthorizationRequest(oidcServerConfiguration, authRequest);
+            } catch (exception) {
+                this.publishEvent(eventNames.loginAsync_error, exception);
+                throw exception;
+            }
+        };
+        this.loginPromise = loginLocalAsync();
         return this.loginPromise.then(result => {
             this.loginPromise = null;
             return result;
         });
     }
 
+    async startCheckSessionAsync(checkSessionIFrameUri, clientId, sessionState, isSilentSignin = false) {
+        return new Promise<void>((resolve, reject): void => {
+            if (this.configuration.silent_login_uri && this.configuration.silent_redirect_uri && this.configuration.monitor_session && checkSessionIFrameUri && sessionState && !isSilentSignin) {
+                const checkSessionCallback = () => {
+                    this.checkSessionIFrame.stop();
+
+                    if (this.tokens === null) {
+                        return;
+                    }
+                    // @ts-ignore
+                    const idToken = this.tokens.idToken;
+                    // @ts-ignore
+                    const idTokenPayload = this.tokens.idTokenPayload;
+                    this.silentLoginAsync({
+                        prompt: 'none',
+                        id_token_hint: idToken,
+                        scope: 'openid',
+                    }).then((silentSigninResponse) => {
+                        const iFrameIdTokenPayload = silentSigninResponse.tokens.idTokenPayload;
+                        if (idTokenPayload.sub === iFrameIdTokenPayload.sub) {
+                            const sessionState = silentSigninResponse.sessionState;
+                            this.checkSessionIFrame.start(silentSigninResponse.sessionState);
+                            if (idTokenPayload.sid === iFrameIdTokenPayload.sid) {
+                                console.debug('SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:', sessionState);
+                            } else {
+                                console.debug('SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:', sessionState);
+                            }
+                        } else {
+                            console.debug('SessionMonitor._callback: Different subject signed into OP:', iFrameIdTokenPayload.sub);
+                        }
+                    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+                    }).catch(async (e) => {
+                        // eslint-disable-next-line @typescript-eslint/no-unused-vars
+                        for (const [key, oidc] of Object.entries(oidcDatabase)) {
+                            // @ts-ignore
+                            await oidc.logoutOtherTabAsync(this.configuration.client_id, idTokenPayload.sub);
+                        }
+                    });
+                };
+
+                this.checkSessionIFrame = new CheckSessionIFrame(checkSessionCallback, clientId, checkSessionIFrameUri);
+                this.checkSessionIFrame.load().then(() => {
+                    this.checkSessionIFrame.start(sessionState);
+                    resolve();
+                }).catch((e) => {
+                    reject(e);
+                });
+            } else {
+                resolve();
+            }
+        });
+    }
+
     loginCallbackPromise : Promise<any> = null;
     async loginCallbackAsync(isSilenSignin = false) {
         if (this.loginCallbackPromise !== null) {
@@ -351,9 +689,9 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
             const parsedTokens = response.tokens;
             // @ts-ignore
             this.tokens = response.tokens;
-            const serviceWorker = await initWorkerAsync(this.configuration.service_worker_relative_url, this.configurationName);
+            const serviceWorker = await initWorkerAsync(this.configuration.service_worker_relative_url, this.configurationName, this.configuration.redirect_uri);
             if (!serviceWorker) {
-                const session = initSession(this.configurationName, this.configuration.storage);
+                const session = initSession(this.configurationName, this.configuration.redirect_uri, this.configuration.storage);
                 session.setTokens(parsedTokens);
             }
             this.publishEvent(Oidc.eventNames.token_aquired, parsedTokens);
@@ -378,10 +716,9 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
             const oidcServerConfiguration = await this.initAsync(authority, configuration.authority_configuration);
             const queryParams = getParseQueryStringFromLocation(window.location.href);
             const sessionState = queryParams.session_state;
-            const serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, this.configurationName);
+            const serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, this.configurationName, configuration.redirect_uri);
             let storage = null;
             let nonceData = null;
-            let getLoginParams = null;
             if (serviceWorker) {
                 serviceWorker.startKeepAliveServiceWorker();
                 await serviceWorker.initAsync(oidcServerConfiguration, 'loginCallbackAsync', configuration);
@@ -394,14 +731,12 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
                 await storage.removeItem('dummy');
                 await serviceWorker.setSessionStateAsync(sessionState);
                 nonceData = await serviceWorker.getNonceAsync();
-                getLoginParams = serviceWorker.getLoginParams(this.configurationName);
             } else {
-                const session = initSession(this.configurationName);
+                const session = initSession(this.configurationName, redirectUri);
                 session.setSessionState(sessionState);
                 const items = await session.loadItemsAsync();
                 storage = new MemoryStorageBackend(session.saveItemsAsync, items);
                 nonceData = await session.getNonceAsync();
-                getLoginParams = session.getLoginParams(this.configurationName);
             }
 
             return new Promise((resolve, reject) => {
@@ -426,28 +761,21 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
                         return;
                     }
 
-                    const extras = {};
+                    let extras = null;
                     if (request && request.internal) {
-                        // @ts-ignore
+                        extras = {};
                         extras.code_verifier = request.internal.code_verifier;
                         if (configuration.token_request_extras) {
                             for (const [key, value] of Object.entries(configuration.token_request_extras)) {
                                 extras[key] = value;
                             }
                         }
-                        if (getLoginParams && getLoginParams.extras) {
-                            for (const [key, value] of Object.entries(getLoginParams.extras)) {
-                                if (key.endsWith(':token_request')) {
-                                    extras[key.replace(':token_request', '')] = value;
-                                }
-                            }
-                        }
                     }
 
                     const tokenRequest = new TokenRequest({
                         client_id: clientId,
-                        redirect_uri: redirectUri, // @ts-ignore
-                        grant_type: extras.grant_type ?? GRANT_TYPE_AUTHORIZATION_CODE,
+                        redirect_uri: redirectUri,
+                        grant_type: GRANT_TYPE_AUTHORIZATION_CODE,
                         code: response.code,
                         refresh_token: undefined,
                         extras,
@@ -467,11 +795,11 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
                                 let formattedTokens = null;
                                 if (serviceWorker) {
                                     const { tokens } = await serviceWorker.initAsync(oidcServerConfiguration, 'syncTokensAsync', configuration);
-                                    loginParams = serviceWorker.getLoginParams(this.configurationName);
+                                    loginParams = serviceWorker.getLoginParams(this.configurationName, redirectUri);
                                     formattedTokens = tokens;
                                 } else {
-                                    const session = initSession(this.configurationName, configuration.storage);
-                                    loginParams = session.getLoginParams(this.configurationName);
+                                    const session = initSession(this.configurationName, redirectUri, configuration.storage);
+                                    loginParams = session.getLoginParams(this.configurationName, redirectUri);
                                     formattedTokens = setTokens(tokenResponse, null, configuration.token_renew_mode);
                                 }
                                 if (!isTokensOidcValid(formattedTokens, nonceData.nonce, oidcServerConfiguration)) {
@@ -540,12 +868,12 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
         const localsilentLoginAsync = async () => {
             try {
                 let loginParams = null;
-                const serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, this.configurationName);
+                const serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, this.configurationName, configuration.redirect_uri);
                 if (serviceWorker) {
-                    loginParams = serviceWorker.getLoginParams(this.configurationName);
+                    loginParams = serviceWorker.getLoginParams(this.configurationName, configuration.redirect_uri);
                 } else {
-                    const session = initSession(this.configurationName, configuration.storage);
-                    loginParams = session.getLoginParams(this.configurationName);
+                    const session = initSession(this.configurationName, configuration.redirect_uri, configuration.storage);
+                    loginParams = session.getLoginParams(this.configurationName, configuration.redirect_uri);
                 }
                 const silent_token_response = await this.silentLoginAsync({
                     ...loginParams.extras,
@@ -657,7 +985,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
         }
         let nonce = nullNonce;
         const oidcServerConfiguration = await this.initAsync(configuration.authority, configuration.authority_configuration);
-        const serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, configurationName);
+        const serviceWorker = await initWorkerAsync(configuration.service_worker_relative_url, configurationName, configuration.redirect_uri);
         if (serviceWorker) {
             const { status, tokens } = await serviceWorker.initAsync(oidcServerConfiguration, 'syncTokensAsync', configuration);
             if (status === 'LOGGED_OUT') {
@@ -674,7 +1002,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
             }
             nonce = await serviceWorker.getNonceAsync();
         } else {
-            const session = initSession(configurationName, configuration.storage ?? sessionStorage);
+            const session = initSession(configurationName, configuration.redirect_uri, configuration.storage ?? sessionStorage);
             const { tokens, status } = await session.initAsync();
             if (!tokens) {
                 return { tokens: null, status: 'LOGOUT_FROM_ANOTHER_TAB', nonce: nullNonce };
@@ -736,9 +1064,9 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
          if (this.checkSessionIFrame) {
              this.checkSessionIFrame.stop();
          }
-         const serviceWorker = await initWorkerAsync(this.configuration.service_worker_relative_url, this.configurationName);
+         const serviceWorker = await initWorkerAsync(this.configuration.service_worker_relative_url, this.configurationName, this.configuration.redirect_uri);
          if (!serviceWorker) {
-             const session = initSession(this.configurationName, this.configuration.storage);
+             const session = initSession(this.configurationName, this.configuration.redirect_uri, this.configuration.storage);
              await session.clearAsync(status);
          } else {
              await serviceWorker.clearAsync(status);

package/src/oidc/vanilla/requests.ts

@@ -1,29 +1,5 @@
-import { getFromCache, setCache } from './cache';
-import { OidcAuthorizationServiceConfiguration } from './oidc';
 import { parseOriginalTokens } from './parseTokens';
 
-const oneHourSecond = 60 * 60;
-export const fetchFromIssuer = async (openIdIssuerUrl: string, timeCacheSecond = oneHourSecond, storage = window.sessionStorage):
-    Promise<OidcAuthorizationServiceConfiguration> => {
-    const fullUrl = `${openIdIssuerUrl}/.well-known/openid-configuration`;
-
-    const localStorageKey = `oidc.server:${openIdIssuerUrl}`;
-    const data = getFromCache(localStorageKey, storage, timeCacheSecond);
-    if (data) {
-        return new OidcAuthorizationServiceConfiguration(data);
-    }
-    const response = await fetch(fullUrl);
-
-    if (response.status !== 200) {
-        return null;
-    }
-
-    const result = await response.json();
-
-    setCache(localStorageKey, result, storage);
-    return new OidcAuthorizationServiceConfiguration(result);
-};
-
 const internalFetch = async (url, headers, numberRetry = 0, timeoutMs = 10000) => {
     let response;
     try {

package/src/oidc/vanilla/route-utils.ts

@@ -72,7 +72,7 @@ const parseQueryString = (queryString:string) => {
     // Convert the array of strings into an object
     for (i = 0, l = queries.length; i < l; i++) {
         temp = queries[i].split('=');
-        params[decodeURIComponent(temp[0])] = temp[1];
+        params[temp[0]] = temp[1];
     }
 
     return params;

package/src/oidc/vanilla/vanillaOidc.ts

@@ -1,6 +1,5 @@
-import { LoginCallback, Oidc } from './oidc';
+import { LoginCallback, Oidc, OidcConfiguration, StringMap } from './oidc';
 import { getValidTokenAsync, Tokens, ValidToken } from './parseTokens';
-import { OidcConfiguration, StringMap } from './types';
 
 export interface EventSubscriber {
     (name: string, data:any);