angular-oidc-lib v1.0.3

OIDC Angular SDK

A library for application built on angular 2 and above. Is used to integrate with identity server for authentication and authorization.

Features:

• anuglar library
• unit tests for the library
• a demo application that consumes the library in JIT mode and runs in watch mode
• an integration app that consumes the library in JIT and AOT mode and runs e2e tests

Common tasks are present as npm scripts:

• npm start to run a live-reload server with the demo app
• npm run test to test in watch mode, or npm run test:once to only run once
• npm run build to build the library
• npm run lint to lint
• npm run clean to clean
• npm run integration to run the integration e2e tests
• npm install ./relative/path/to/lib after npm run build to test locally in another app

If you need to debug the integration app, please check ./integration/README.md. Before running integration test, need to make sure CIDP server is running and contains client oidc settings (clientId, scope, etc).

What's in the OIDC Angular SDK?

The OIDC Angular SDK contains a similar structure to the Quickstart lib.

Consequently, there are many different files in the project. Focus on the following TypeScript (.ts) files in the /src folder.

src/
├── demo/
|  └── app/
|     ├── app.component.ts
|     └── app.module.ts
└── lib/
   ├── index.ts
   └── src/
      ├── component/
      |  └── lib.component.ts
      |  └── lib.service.ts
      |  └── module.ts

Files outside src/ concern building, deploying, and testing app. They include configuration files and external dependencies.

Files inside src/lib/ "belong" to library, while src/demo/ contains a demo application that loads your library.

Libraries do not run by themselves, so it's very useful to have this "demo" app while developing to see how your library would look like to consumers.

When you run npm start, the demo application is served.

The build step

You can build the library by running npm run build. This will generate a dist/ directory with all the entry points described above.

All the logic for creating the build can be found in ./build.js. It consists of roughly 5 steps:

• Compile with the AOT Compiler (AOT compiler or ngc) for ES5 and ES2015.
• Inline html and css inside the generated JavaScript files.
• Copy typings, metatada, html and css.
• Create each bundle using Rollup.
• Copy LICENSE, package.json and README.md files

Testing

The OIDC Angular SDK includes a directory called integration containing a standalone app that consumes your built library in both AOT and JIT modes, with end-to-end tests to verify it works.

To run the integration tests, do npm run integration:jit and npm run integration:aot which does the following:

• Build your library.
• Enter the integration app's directory.
• Install dependencies.
• Build the app in AOT mode.
• Test the app in AOT mode.
• Test the app in JIT mode.

Running integration tests gives you greater confidence that your library is properly built.

In addition to integration tests, you can also run unit tests in watch mode via npm run test, or single-run via npm run test:once.

Appendix: Supporting AOT

AOT plays an important role in optimizing Angular applications. It's therefore important that third party libraries be published in a format compatible with AOT compilation. Otherwise it will not be possible to include the library in an AOT compiled application.

Appendix: Supporting JIT

AOT compiled code is the preferred format for production builds, but due to the long compilation time it may not be practical to use AOT during development.

Using in the angular application

Import the module and services in your module. Set the ClientOidcSettings properties to match the server configuration. Also configure logging. Available log levels:

• NONE
• ERROR
• WARN
• INFO

• DEBUG

import { NgModule } from '@angular/core';

import { OidcModule, ClientOidcSettings, OidcService, Log } from 'angular-oidc-lib';

@NgModule({
    imports: [
        ...
        OidcModule
    ],
    ...
})

export class AppModule {
  constructor(private oidcService: OidcService) {
    Log.level = Log.DEBUG;
    let oidcSettings = new ClientOidcSettings(
      'http://localhost:5200', // authority url
      'spa_client', // client id
      'id_token token', // response type
      'openid profile', // scope
      'profile', //post login redirect  route name
      'home' // post logout redirect route name,
      'unauthorized' // route name in case of any CIDP error. Error message is attached to errMsg query string. The route should be       registerd as unauthorized/:errMsg
    );
    oidcService.Init(oidcSettings);
  }

Create the login, logout component and use the oidcService

  import { Subscription } from 'rxjs/Subscription';
  import { OidcService, OidcUser,ClientOidcSettings } from 'angular-oidc-lib';
  subscription: Subscription;
  user:OidcUser;
  constructor(public oidcService: OidcService) {    }

  ngOnInit() {
        ngOnInit() {
        this.user = this.oidcService.user;
        this.subscription = this.oidcService.onUserDataLoaded.subscribe((user: OidcUser) => {
          this.user = user;
        });
      }
  }

  signIn() {
    this.oidcService.signin();
  }

  signOut() {
    this.oidcService.signout();
  }

In the http services, add the token to the header using the oidcService.user. OidcService.user provides details about identity and access tokens.

private setHeaders() {
        this.headers = new Headers();
        this.headers.append('Content-Type', 'application/json');
        this.headers.append('Accept', 'application/json');

        let token = this.oidcService.user.accessToken;
        if (token !== '') {
            let tokenValue = 'Bearer ' + token;
            this.headers.append('Authorization', tokenValue);
        }
    }