[BUG] Silent renew does not work when mobile app is in background

[Badisi]

Is there an existing issue for this?

• I have searched the existing issues

Library version

latest

Description

Originally asked by @ms-emp

Does silent renew run when the app is in the background?

[Badisi]

No, silent renew is not running while the app is in background.

This is an OS limitation, especially on iOS where setTimeout and setInterval (which are used for silent renew) are paused.
You can find more detailed explanation here: https://capacitorjs.com/docs/v2/apis/background-task#background-task-guidelines

[Badisi]

From @ms-emp,

Thanks for your response,

So do you have any idea how I can implement to retrieve the user's session when the user reopens the app without redirecting to login? it looks like retrieveUserSession is only being used on desktop (see here)

Thanks again for your help

[Badisi]

RetrieveUserSession is only used on desktop as it triggers a silent renew with iframe.
On mobile the silent renew is made with refresh token.

But anyway, the piece of code you are referring to is only executed during the app launch.
I used to have a listener (there) that was listening for access token expiration to do just what you asked (ie. if access token expires during background, then when the app is brought back to foreground, an expired event was triggered and I would try a renew if the refresh token was still valid).

But I remember removing this piece of code because it should now be handled by the oidc-client-ts library that I'm using.

I might need to make some tests to investigate it

[ms-emp]

@Badisi Thanks for opening this issue.

I think a good feature would be to add an option to use Biometric authentication when the app is brought back to the foreground before we do a silent renew, and if it fails, then redirect back to login, like Ionic is doing with Auth Connect and Identity Vault. see here

[Badisi]

After investigation, everything seems to work as expected.

Scenario tested:

1. App is in foreground -> user logs in
2. App is put into background
3. Access token expires while in background
4. App is brought back to foreground after a while
5. A silent renew is automatically triggered
   a. session is still active => new tokens are delivered
   b. session is closed => user is logged out

---

@ms-emp, were you facing a particular issue here?

[ms-emp]

@Badisi

You are right, it works as expected with no issues.

Thanks

[Badisi]

@ms-emp, thanks for testing that out 😉

In case of 5.b there were an issue though, where the user was in fact logged out, but not kicked off the app if login_required was true (cf #38). This has been fixed and will be released in the next releases.

Regarding the Biometric authentication, this is also something I had in mind and will be investigating later on. I created a discussion for that here : #39

[Badisi]

Closed as non reproducible