ngx-authentication-oidc v0.0.17

Angular OIDC Authentication

ngx-authentication-oidc is a full fledged authentication solution for Angular using OIDC

Features

The following OIDC features are supported:

• Automatic provider discovery using OIDC Discovery
• Login using Authorization Code Flow, Implicit Flow and Hybrid Flow including PKCE
• Automatic token updates using Refresh Tokens or silent login
• Client initiated logout
• Session Management
• Client Authentication using client_secret_post

The following parts are not supported as they are not typically used for a Single-Page-Application client

• Signed or encrypted Authentication Requests using JWTs
• Initiating Login from a Third Party
• Form Post Response
• Dynamic Client Registration

• Front- and Back-Channel Logout

Additionally this library features:

• Automatic logout after an inactivity timeout
• Automatic session detection at startup using silent logins
• Automatic access token injection for well defined domains
• Pre-Configured AuthGuards

The library aims to have a simple yet complete interface for those features consisting of and a comprehensive configuration using meaningful default values.

Among others, this library is tested with Keycloak, Google Identity and Azure AD

Installation

The library can be installed using

npm i angular-oauth2-oidc --save

You then have to add the AuthenticationModule to your own application

import { BrowserModule } from '@angular/platform-browser';
import { AuthenticationModule } from 'ngx-authentication-oidc';

const config = {
  //minimal configuration
  clientId: 'sample-application',
  provider: 'http://localhost:8080/auth/realms/Test-Application',
};

@NgModule({
  imports: [
    HttpClientModule,
    AuthenticationModule.forRoot(config),
    // etc...
  ],
  declarations: [
    AppComponent,
    // etc...
  ],
  bootstrap: [AppComponent],
})
export class AppModule {}

After installation, the library is automatically started and the configured initialization code is executed as soon as the application is started, there is nothing else to do. If you however want to interact with the authentication module in any way, you can inject an instance of AuthService into your angular application.

Note: The library uses the base URI of the application as redirectURI. Do not configure any redirects on the URL '/', otherwise the library will not work properly

Examples

The following examples are provided:

• keycloak-sample: Simple integration using Keycloak
• azure-sample: Simple integration using Azure AD
• google-sample: Simple integration using Google
• TODO: Full Config Example
• TODO: [Self-Issued OpenID Provider (Chapter 7) (https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued)

Documentation

Configuration

TODO: OauthConfig.

Initializer

TODO: Initializer

Login Options

TODO: LoginOptions

AuthService

TODO: AuthService

SessionService

TODO: SessionService

Silent Login

TODO:

Testing

TODO: Testing TODO: Testing TODO: Testing

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests and documentation as appropriate.

License

MIT