What happens if the OIDC server is down, or if the server indicates that your client configuration is not valid?
By default, , when there is an error with the OIDC initialization your website will load with the user unauthenticated.
This allows the user to access parts of the application that do not require authentication. When the user clicks on the login button (triggering the login() function), a browser alert is displayed, indicating that authentication is currently unavailable, and no further action is taken.
You can customize this behavior. An initializationError object is present on the OIDC object if an error occurred.
import { createOidc } from"oidc-spa";constoidc=awaitcreateOidc(...);if( !oidc.isUserLoggedIn ){// If the used is logged in we had no initialization error.return;}if( oidc.initializationError ){// initializationError.type can be either:// - "server down"// - "bad configuration"// - "unknown" console.log(oidc.initializationError.type);consthandleLoginClick= ()=> {if( oidc.initializationError ){alert(`Can't login now, try again later ${oidc.initializationError.message}`);return; }oidc.login(...); };}
Please note that due to browser security policies, it is impossible to distinguish whether the network is very slow or down, or if the OIDC server has rejected the configuration.
Consequently, one might encounter an error of type "bad configuration" on a slow 3G network, for example.
However, the timeout duration is automatically adjusted based on the speed of the internet connection of the user, which should prevent this issue from occurring.