Recently I was reading OIDC documentation for browser based aplications and I found that one of the recomendation is to use service worker (you can see it here). I'm quite fresh to service workers but I know that it is possible to intercept fetch, so it is possible to add access token to each external api request. The problem is how should I safely store token? Can I just cache it caling const cache = await caches.open("my-cahce"); and then just add token to the cache?
OIDC and service worker
512 Views Asked by Mateusz At
1
There are 1 best solutions below
Related Questions in OAUTH-2.0
- Not getting refresh token with google oauth2
- SoundCloud Authentication Consistently Returns 401 invalid_grant For Some Users
- How can I share Azure Active Directory authentication between server side and client script?
- OAuth2 and API Json request not working with jQuery Call
- Flask-Restful, oauth, and Salesforce
- Bearer token in MVC controller to access Web API
- Revoking OAuth tokens in Mule
- how to signup user using google-plus integradation in web?
- Need to run getAuthToken twice before receiving access token, why?
- chrome.identity.getAuthToken and refresh token?
- dropbox api authentication (Error: [400] 'invalid_client')
- Retrieve Google Sites's Domain Index feed using OAuth 2.0 with Service Account
- hello.js: Is it possible to set the provider's settings dynamically?
- How to share developer account at LinkedIn
- Linkedin Unsupported POST target
Related Questions in OPENID-CONNECT
- OpenID Connect Account linking
- Authentication with OAuth and JWT but without OpenID Connect
- How to retrieve an OpenID Connect Identity Token from a cookie
- Windows Live Open ID Connect/Oauth 2.0 How to use for SSO with Apache mod_auth_openidc
- Get the user's email address from Azure AD via OpenID Connect
- Validate an Access Token at the Resource Server and Respond Accordingly
- Google OAuth: What do the various fields in id_token stand for?
- Role based Authorization on WebApi Controllers in IdentityServer4?
- Does OpenID Connect support resource sharing
- Manual accesstoken generation using OpenIdConnect Server (ASOS)
- Failing Okta OAuth2 token validation in AspNetCore
- OpenID Connect Standard: Authorized Party azp Contradiction
- Storage of OAuth access tokens in Javascript clients (e.g. Angular)
- Implementing SSO using OpenID Connect and usage of tokens
- Azure AD OpenIDConnect + ASP.NET Core - Authenticate and Extra Permissions/Token?
Related Questions in SERVICE-WORKER
- Encrypting with Crypto Node.js and decrypt with window.crypto in Service-Worker
- Service worker does not load mp3 files
- How to register service workers to a redirected script URL
- HTML5 Push Notifications - examples of other ways to push
- ServiceWorker and Push Notification Payload
- Send Push Notification to everyone with Service Worker
- Polymer auto-register method on platinum-sw-register element
- How can I configure Polymer's platinum-sw-* to NOT cache one URL path?
- Programmatically update service worker if update() is not available
- Service Workers from an iframe for Chrome GCM notifications for web
- Cannot install service worker in Chrome
- Service Worker throws uncaught errors when the server is down
- How to handle fetch events from the very beginning using a Service Worker?
- Server worker being registered twice
- Right place for response parsing in PWA?
Related Questions in BROWSER-BASED
- Is there a django app that provides a file chooser for the files on the server?
- browser based xslt wysiwyg editor
- Options to harden access to anonymous APIs
- Online PHP/HTML/JS/CSS editor
- OIDC and service worker
- browser based IDE's?
- HTML5 and RTSP to develop a browser based web conference app
- Testing tools and guide for non-technical person
- Visual Studio Project Template for a Browser-based Desktop Application
- UFT with Browser based Application
- Real time location tracking - windows program or browser based?
- Free online UML tool
- "Bad request" is shown when try to startup "Kaazing Simple Chat App"
- How to get USB devices List from Browser
- Browser based application with possible future as web application
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
The service worker is isolated from the page and you can store a token inside it in a variable or in a closure - this is safe.