fix(portal-self-service): run checkAuth() at startup to end the login redirect loop (refs #67)
All checks were successful
CI / lint (pull_request) Successful in 1m6s
CI / build (pull_request) Successful in 53s
CI / unit (pull_request) Successful in 1m3s
CI / frontend (pull_request) Successful in 1m56s
CI / mutation (pull_request) Successful in 3m55s
CI / verify-stack (pull_request) Successful in 4m34s
All checks were successful
CI / lint (pull_request) Successful in 1m6s
CI / build (pull_request) Successful in 53s
CI / unit (pull_request) Successful in 1m3s
CI / frontend (pull_request) Successful in 1m56s
CI / mutation (pull_request) Successful in 3m55s
CI / verify-stack (pull_request) Successful in 4m34s
Without an app-init auth check, the DigiD callback (?code=…) was never processed, so the guard kept seeing 'not authenticated' and re-triggered login — an infinite redirect loop. Add withAppInitializerAuthCheck() so checkAuth() runs before the router and guard, establishing the session on the callback. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -1,5 +1,10 @@
|
|||||||
import { EnvironmentProviders, makeEnvironmentProviders } from '@angular/core';
|
import { EnvironmentProviders, makeEnvironmentProviders } from '@angular/core';
|
||||||
import { authInterceptor, LogLevel, provideAuth } from 'angular-auth-oidc-client';
|
import {
|
||||||
|
authInterceptor,
|
||||||
|
LogLevel,
|
||||||
|
provideAuth,
|
||||||
|
withAppInitializerAuthCheck,
|
||||||
|
} from 'angular-auth-oidc-client';
|
||||||
import { AuthService } from './auth.service';
|
import { AuthService } from './auth.service';
|
||||||
import { DigiadAuthService } from './digid-auth.service';
|
import { DigiadAuthService } from './digid-auth.service';
|
||||||
|
|
||||||
@@ -19,7 +24,8 @@ export interface DigiadAuthOptions {
|
|||||||
*/
|
*/
|
||||||
export function provideDigiadAuth(options: DigiadAuthOptions): EnvironmentProviders {
|
export function provideDigiadAuth(options: DigiadAuthOptions): EnvironmentProviders {
|
||||||
return makeEnvironmentProviders([
|
return makeEnvironmentProviders([
|
||||||
provideAuth({
|
provideAuth(
|
||||||
|
{
|
||||||
config: {
|
config: {
|
||||||
authority: options.authority,
|
authority: options.authority,
|
||||||
redirectUrl: options.redirectUrl,
|
redirectUrl: options.redirectUrl,
|
||||||
@@ -32,7 +38,11 @@ export function provideDigiadAuth(options: DigiadAuthOptions): EnvironmentProvid
|
|||||||
secureRoutes: [options.secureApiOrigin],
|
secureRoutes: [options.secureApiOrigin],
|
||||||
logLevel: LogLevel.Warn,
|
logLevel: LogLevel.Warn,
|
||||||
},
|
},
|
||||||
}),
|
},
|
||||||
|
// Run checkAuth() at startup so the DigiD callback (?code=…) is processed before the router
|
||||||
|
// and guard run — without it the guard sees "not authenticated" and re-triggers login (loop).
|
||||||
|
withAppInitializerAuthCheck(),
|
||||||
|
),
|
||||||
{ provide: AuthService, useClass: DigiadAuthService },
|
{ provide: AuthService, useClass: DigiadAuthService },
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user