ReactiveX enhanced OIDC and OAuth2 protocol support for browser-based JavaScript applications.

Go to file

lonelyhentxi 1785df25e2 feat: init		2025-01-30 20:02:28 +08:00
.github	build: update deps	2025-01-17 05:04:26 +08:00
.vscode	feat: init and fork some code from angular-auth-oidc-client	2025-01-17 04:24:12 +08:00
src	feat: init	2025-01-30 20:02:28 +08:00
tests	build: update deps	2025-01-17 05:04:26 +08:00
tests-examples	build: update deps	2025-01-17 05:04:26 +08:00
.editorconfig	feat: init and fork some code from angular-auth-oidc-client	2025-01-17 04:24:12 +08:00
.gitignore	build: update deps	2025-01-17 05:04:26 +08:00
biome.jsonc	feat: init	2025-01-30 20:02:28 +08:00
lefthook.yml	feat: init and fork some code from angular-auth-oidc-client	2025-01-17 04:24:12 +08:00
LICENSE	Initial commit	2025-01-16 04:31:02 +08:00
license-banner.txt	feat: init and fork some code from angular-auth-oidc-client	2025-01-17 04:24:12 +08:00
package-lock.json	feat: init	2025-01-30 20:02:28 +08:00
package.json	feat: init	2025-01-30 20:02:28 +08:00
playwright.config.ts	build: update deps	2025-01-17 05:04:26 +08:00
pnpm-lock.yaml	feat: init	2025-01-30 20:02:28 +08:00
README.md	feat: init	2025-01-30 20:02:28 +08:00
rslib.config.ts	feat: init and fork some code from angular-auth-oidc-client	2025-01-17 04:24:12 +08:00
tsconfig.json	feat: init	2025-01-30 20:02:28 +08:00
tsconfig.lib.json	feat: init	2025-01-30 20:02:28 +08:00
tsconfig.spec.json	feat: init	2025-01-30 20:02:28 +08:00

README.md

Angular Lib for OpenID Connect & OAuth2

TODO

Secure your Angular app using the latest standards for OpenID Connect & OAuth2. Provides support for token refresh, all modern OIDC Identity Providers and more.

Acknowledgements

This library is certified by OpenID Foundation. (RP Implicit and Config RP)

Features

Code samples for most of the common use cases
Supports schematics via ng add support
Supports all modern OIDC identity providers
Supports OpenID Connect Code Flow with PKCE
Supports Code Flow PKCE with Refresh tokens
Supports OpenID Connect Implicit Flow
Supports OpenID Connect Session Management 1.0
Supports RFC7009 - OAuth 2.0 Token Revocation
Supports RFC7636 - Proof Key for Code Exchange (PKCE)
Supports OAuth 2.0 Pushed authorisation requests (PAR) draft
Semantic releases
Github actions
Modern coding guidelines with prettier, husky
Up to date documentation
Implements OIDC validation as specified, complete client side validation for REQUIRED features
Supports authentication using redirect or popup

Installation

Ng Add

You can use the schematics and ng add the library.

ng add oidc-client-rx

And answer the questions. A module will be created which encapsulates your configuration.

Npm / Yarn

Navigate to the level of your package.json and type

 npm install oidc-client-rx

or with yarn

 yarn add oidc-client-rx

Documentation

Read the docs here

Samples

Explore the Samples here

Quickstart

For the example of the Code Flow. For further examples please check the Samples Section.

If you have done the installation with the schematics, these modules and files should be available already!

Configuration

Import the AuthModule in your module.

import { NgModule } from '@angular/core';
import { AuthModule, LogLevel } from 'oidc-client-rx';
// ...

@NgModule({
  // ...
  imports: [
    // ...
    AuthModule.forRoot({
      config: {
        authority: '<your authority address here>',
        redirectUrl: window.location.origin,
        postLogoutRedirectUri: window.location.origin,
        clientId: '<your clientId>',
        scope: 'openid profile email offline_access',
        responseType: 'code',
        silentRenew: true,
        useRefreshToken: true,
        logLevel: LogLevel.Debug,
      },
    }),
  ],
  // ...
})
export class AppModule {}

And call the method checkAuth() from your app.component.ts. The method checkAuth() is needed to process the redirect from your Security Token Service and set the correct states. This method must be used to ensure the correct functioning of the library.

import { Component, OnInit, inject } from '@angular/core';
import { OidcSecurityService } from 'oidc-client-rx';

@Component({
  /*...*/
})
export class AppComponent implements OnInit {
  private readonly oidcSecurityService = inject(OidcSecurityService);

  ngOnInit() {
    this.oidcSecurityService
      .checkAuth()
      .subscribe((loginResponse: LoginResponse) => {
        const { isAuthenticated, userData, accessToken, idToken, configId } =
          loginResponse;

        /*...*/
      });
  }

  login() {
    this.oidcSecurityService.authorize();
  }

  logout() {
    this.oidcSecurityService
      .logoff()
      .subscribe((result) => console.log(result));
  }
}

Using the access token

You can get the access token by calling the method getAccessToken() on the OidcSecurityService

const token = this.oidcSecurityService.getAccessToken().subscribe(...);

And then you can use it in the HttpHeaders

import { HttpHeaders } from '@ngify/http';

const token = this.oidcSecurityServices.getAccessToken().subscribe((token) => {
  const httpOptions = {
    headers: new HttpHeaders({
      Authorization: 'Bearer ' + token,
    }),
  };
});

You can use the built in interceptor to add the accesstokens to your request

AuthModule.forRoot({
  config: {
    // ...
    secureRoutes: ['https://my-secure-url.com/', 'https://my-second-secure-url.com/'],
  },
}),

 providers: [
    { provide: HTTP_INTERCEPTORS, useClass: AuthInterceptor, multi: true },
  ],