Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

oauth2-oidc-w3id

qhuangq60MIT8.0.3TypeScript support: included

oauth2-oidc-w3id is an OAuth2 and OpenId Connect (OIDC) client for Angular. The library is a Github fork of manfredsteyer/angular-oauth2-oidc.

readme

oauth2-oidc-w3id

oauth2-oidc-w3id is an OAuth2 and OpenId Connect (OIDC) client for Angular. The library is a Github fork of manfredsteyer/angular-oauth2-oidc.

This library extends to support:

  • Emits fetch id token event fetch_token before request to /token endpoint

Installing

npm i oauth2-oidc-w3id --save

Configuring for Code Flow

import { AuthConfig } from 'angular-oauth2-oidc';

export const authConfig: AuthConfig = {
  ...
  responseType: 'code',
  // config support PKCE or not 
  disablePKCE: true
  ...
}

Subscribe fetch token event:

constructor(private oauthService: OAuthService) {
    this.oauthService.configure(authConf);
    this.oauthService.tokenValidationHandler = new JwksValidationHandler();

    this.oauthService.events.pipe(
        map((event: OAuthEvent) => event.type)
    ).subscribe(type => {
        if (type === 'fetch_token') {
            // do something before requet token endpoint
        }
    });
}

More Documentation (!)

See the original project documentation for more information about this library.

changelog

Change Log

Lates features

See Release Notes

New Features in Version 2.1

  • New Config API (the original one is still supported)
  • New convenience methods in OAuthService to streamline default tasks:
    • setupAutomaticSilentRefresh()
    • loadDiscoveryDocumentAndTryLogin()
  • Single Sign out through Session Status Change Notification according to the OpenID Connect Session Management specs. This means, you can be notified when the user logs out using at the login provider.
  • Possibility to define the ValidationHandler, the Config as well as the OAuthStorage via DI
  • Better structured documentation

New Features in Version 2

  • Token Refresh for Implicit Flow by implementing "silent refresh"
  • Validating the signature of the received id_token
  • Providing Events via the observable events.
  • The event token_expires can be used together with a silent refresh to automatically refresh a token when/ before it expires (see also property timeoutFactor).

Breaking Changes in Version 2

  • The property oidc defaults to true.
  • If you are just using oauth2, you have to set oidc to false. Otherwise, the validation of the user profile will fail!
  • By default, sessionStorage is used. To use localStorage call method setStorage
  • Demands using https as OIDC and OAuth2 relay on it. This rule can be relaxed using the property requireHttps, e. g. for local testing.
  • Demands that every url provided by the discovery document starts with the issuer's url. This can be relaxed by using the property strictDiscoveryDocumentValidation.