OpenID Code Flow with PKCE, Code Flow with refresh tokens, OpenID Connect Implicit Flow
This library is certified by OpenID Foundation. (RP Implicit and Config RP)
- Supports OpenID Connect Code Flow with PKCE
- Supports Code Flow PKCE with Refresh tokens
- Supports Revocation Endpoint
- Support for current best practice
- Implements OIDC validation as specified, complete client side validation for REQUIRED features
- Supports OpenID Connect Implicit Flow
- OpenID Connect Session Management 1.0
- OAuth 2.0 Pushed authorisation requests (PAR) draft
- Samples for most of the common use cases
You can use the schematics and ng add the library.
ng add angular-auth-oidc-client
And answer the questions. A module will be created which encapsulates your configuration.
Navigate to the level of your package.json and type
npm install angular-auth-oidc-clientor with yarn
yarn add angular-auth-oidc-client-
- Code Flow with PKCE Using a configuration from an http source and silent renew
- Code Flow PKCE with Refresh tokens
- Code Flow PKCE Auto login
- Code Flow with PKCE basic with silent renew
- Code flow with popup
- Code flow with pushed authorization request
- Azure B2C Code Flow PKCE with silent renew
- Azure AD Code Flow PKCE with silent renew
- Implicit Flow with silent renew (Not recommended)
- Implicit Flow google (Not recommended)
- Code flow with a lazy loaded module
For the example of the Code Flow. For further examples please check the Samples Section
NOTE If you have done the installation with the schematics, these modules and files should be available already!!!
If the schematics did not do this already: Import the module and services in your module.
import { HttpClientModule } from '@angular/common/http';
import { APP_INITIALIZER, NgModule } from '@angular/core';
import { AuthModule, LogLevel, OidcConfigService } from 'angular-auth-oidc-client';
// ...
export function configureAuth(oidcConfigService: OidcConfigService) {
return () =>
oidcConfigService.withConfig({
stsServer: '<your sts address here>',
redirectUrl: window.location.origin,
postLogoutRedirectUri: window.location.origin,
clientId: 'angularClient',
scope: 'openid profile email',
responseType: 'code',
silentRenew: true,
silentRenewUrl: `${window.location.origin}/silent-renew.html`,
logLevel: LogLevel.Debug,
});
}
@NgModule({
// ...
imports: [
// ...
AuthModule.forRoot(),
],
providers: [
OidcConfigService,
{
provide: APP_INITIALIZER,
useFactory: configureAuth,
deps: [OidcConfigService],
multi: true,
},
],
// ...
})
export class AppModule {}And call the method checkAuth() from your app.component.ts. The method checkAuth() is needed to process the redirect from your sts and set the correct states. This method must be used to ensure the correct functioning of the library.
import { Component, OnDestroy, OnInit } from '@angular/core';
import { OidcClientNotification, OidcSecurityService, PublicConfiguration } from 'angular-auth-oidc-client';
import { Observable } from 'rxjs';
@Component({
/**/
})
export class AppComponent implements OnInit {
constructor(public oidcSecurityService: OidcSecurityService) {}
ngOnInit() {
this.oidcSecurityService.checkAuth().subscribe((auth) => console.log('is authenticated', auth));
}
login() {
this.oidcSecurityService.authorize();
}
logout() {
this.oidcSecurityService.logoff();
}
}You can get the access token by calling the method getToken() on the OidcSecurityService
const token = this.oidcSecurityService.getToken();And then you can use it in the HttpHeaders
import { HttpHeaders } from '@angular/common/http';
const token = this.oidcSecurityServices.getToken();
const httpOptions = {
headers: new HttpHeaders({
Authorization: 'Bearer ' + token,
}),
};MIT
if you need information about version 10 please search here
https://github.com/damienbod/angular-auth-oidc-client/tree/version-10