ng2-oauth2
This package provides a Oauth2 and OpenId Connect implicit flow module for Angular2.
This is a work in progress !!
It has been largely ispired from :
- oauth-ng
- angular2-oauth2
- ng2-translate for packaging
Usage example
Into main.ts:
;...;
Into your main application component:
; { thisoauth2service; }
Into your authentication component (I use it in my navbar):
;; ... @ implements OnInit OnDestroy public profile = {}; public loggedin = false; // Injects the service into the component {} { // Suscribe to interesting events Oauth2ServiceAuthorized; Oauth2ServiceLoggedOut; Oauth2ServiceProfile; // At load, tries to login (If contains fragments with "access_token") thisoAuthService; } { Oauth2ServiceLoggedIn; Oauth2ServiceProfile; Oauth2ServiceAuthorized; } { thisoAuthService; } { thisoAuthService; }
Initialization parameters
Param | type | default | Usage |
---|---|---|---|
site | string | undefined |
Oauth / OpenId Connect site |
redirectUri | string | undefined |
Uri for redirection after login |
authorizePath | string | '/oauth/authorize' | authorize endpoint |
tokenPath | string | '/oauth/token' | token endpoint |
destroyTokenPath | string | undefined |
token destruction endpoint (called with header 'Authorization: Bearer %access_token%') |
responseType | string | 'token' | oauth response type ('token id_token' for OpenId Connect) |
storage | Storage | sessionStorage |
Storage for token, OIDC configuration. Can be sessionStorage or localStorage |
profileUri | string | undefined |
endpoint to get user Profile in JSON format |
generateState | boolean | false | generate or not a state param for request |
useNonce | boolean | false | generate or not a nonce param for request (mandatory for OpenId Connect) |
issuer | string | undefined |
Server where to get OpenIdConnect configuration |
wellKnown | bool | false | use OpenId Connect .well-known/configuration endpoint to get informations about the server |
logOutPath | string | undefined |
If set, user will be redirected to this url to logout the Oauth server |
state | string | undefined |
set the state to this value in the oauth request |
nonce | string | undefined |
set the nonce to this value in the oauth request |
Observable events
Events are triggered through static objects of service.
For instance:
// Emit eventOauth2ServiceProfile; // Subscribe to eventOauth2ServiceProfile
Event | Observed object | Description |
---|---|---|
Login | {} |
Triggered when user calls the "login()" function |
Logout | {} |
Triggered when user calls the "logout()" function |
LoggedIn | {token: tokenObject} |
Triggered when user successfully logs in |
Authorized | {token: tokenObject} |
Triggered when user is authenticated (from session or hash parameters) |
LoginError | {} |
Triggered when user login fails |
LoggedOut | {} |
Triggered when user is not authenticated (no hash parameters, no session data) |
TokenExpired | {} |
Triggered when the user token is expired |
TokenDestroyed | {} |
Triggered when the user token is destroyed |
TokenDestroyError | {error: errorName, error_description: errorDescriptionString } |
Triggered when the user token destruction fails |
Profile | {profile: profileObject} |
Triggered when the user profile is set from the profileUri |
ProfileError | {error: errorName, error_description: errorDescriptionString } |
Triggered when the user profile fails |
OIDCConfig | {config: configObject} |
Triggered when the OIDC config is set from the server |
OIDCKeys | {config: configObject} |
Triggered when the OIDC keys are set from the server |
OIDCConfigError | {error: errorName, error_description: errorDescriptionString } |
Triggered when the OIDC config fails |
OIDCKeysError | {error: errorName, error_description: errorDescriptionString } |
Triggered when the OIDC keys fails |