How to avoid calling .well-known/configuration twice ?

[Meliodas18]

Hi,

I need help, perhaps I've done something wrong.

Describe
I have tried to use this library and I have found that it is calling twice the endpoint for fetching the configuration.

Reproduce
My first component is :

init(): void {
    this.oauthService.loadDocument();
    this.oauthService.initCodeFlow();
}

First it fetches the configuration + public key via jwks url.
Then it calls the authorization server and the authorization server is redirecting me to the second component (see below).

My second component (exposed by my redirect-url) is :

login(): void {
    this.oauthService.tryLogin();
}

And it doesn't work, because I need to do a loadDocument first in this function.

My question is: Do I need to call twice the endpoint for configuration ? Is there a way to avoid that ?

Thanks

[jeroenheijmans]

You need to load the discovery document once per loading of your application.

Since initCodeFlow will perform a redirect cycle (as per the spec) you will go to the auth server and get sent back to your own app. It will (should) then load the disco document again, indeed.

In my apps I try a silentRefresh before forcing a user to log in (via a guard or a call in initialization). But it has its problems nowadays because of stricter browser cookie rules, so it might not apply to your situation.

On a side note, you could have caching on your disco document if you feel it slows things down a lot.

Hope that helps!