Twinfinity Authentication makes it possible to authenticate towards Twinfinity.
Twinfinity Session is a high level API to authenticate users towards Twinfinity.
OpenID Connect Client is a lower level API to authenticate towards Twinfinity.
Neither Twinfinity Session nor OpenID Connect Client instances should be stored in such a way that they are easily accessed if possible. An instance of either can be used to make requests towards Twinfinity with the logged in users identity, so some care needs to be taken.
For the typical use case, when using @twinfinity/authentication with @twinfinity/core, the following pattern is suggested.
async function initializeBimApi() {
// Establish a Twinfinity session
const session = await TwinfinitySession({
clientId: '<client-id>', // Client id is given by Twinfinity
openIdProviderUrl: '<idp-url>'
});
// Add a listener that will notify you when the session is terminated. The session should
// typically be automatically refreshed, but it is possible for it to break
session.registerOnSessionTerminatedCallback(async () => {
// Let the user know that the session has been terminated, perhaps through a modal window
const modal = await showSessionTerminatedModal();
// This will re-establish the session by redirecting the browser the same way as {@link establish} does.
modal.button.onClick(async () => await session.reEstablish());
});
// Restore the original url from before the authentication flow began.
session.recoveredApplicationState.restoreOriginalUrl();
// Get the user's id_token
const identityToken = await session.getIdentityToken();
await showUserInfo(identityToken);
// Use the session to create an authenticated BimApi instance
return await BimApi.create('viewer', '<api-url>', {
session
});
}
window.onload(async () => {
const bimApi = await initializeBimApi();
// do stuff...
})