ngx-authentication-oidc v0.0.17
Angular OIDC Authentication
ngx-authentication-oidc is a full fledged authentication solution for Angular using OIDC
Features
The following OIDC features are supported:
- Automatic provider discovery using OIDC Discovery
- Login using Authorization Code Flow, Implicit Flow and Hybrid Flow including PKCE
- Automatic token updates using Refresh Tokens or silent login
- Client initiated logout
- Session Management
- Client Authentication using client_secret_post
The following parts are not supported as they are not typically used for a Single-Page-Application client
- Signed or encrypted Authentication Requests using JWTs
- Initiating Login from a Third Party
- Form Post Response
- Dynamic Client Registration
Additionally this library features:
- Automatic logout after an inactivity timeout
- Automatic session detection at startup using silent logins
- Automatic access token injection for well defined domains
- Pre-Configured AuthGuards
The library aims to have a simple yet complete interface for those features consisting of and a comprehensive configuration using meaningful default values.
Among others, this library is tested with Keycloak, Google Identity and Azure AD
Installation
The library can be installed using
npm i angular-oauth2-oidc --save
You then have to add the AuthenticationModule to your own application
import { BrowserModule } from '@angular/platform-browser';
import { AuthenticationModule } from 'ngx-authentication-oidc';
const config = {
//minimal configuration
clientId: 'sample-application',
provider: 'http://localhost:8080/auth/realms/Test-Application',
};
@NgModule({
imports: [
HttpClientModule,
AuthenticationModule.forRoot(config),
// etc...
],
declarations: [
AppComponent,
// etc...
],
bootstrap: [AppComponent],
})
export class AppModule {}
After installation, the library is automatically started and the configured initialization code is executed as soon as the application is started, there is nothing else to do. If you however want to interact with the authentication module in any way, you can inject an instance of AuthService into your angular application.
Note: The library uses the base URI of the application as redirectURI. Do not configure any redirects on the URL '/', otherwise the library will not work properly
Examples
The following examples are provided:
- keycloak-sample: Simple integration using Keycloak
- azure-sample: Simple integration using Azure AD
- google-sample: Simple integration using Google
- TODO: Full Config Example
- TODO: [Self-Issued OpenID Provider (Chapter 7) (https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued)
Documentation
Configuration
TODO: OauthConfig.
Initializer
TODO: Initializer
Login Options
TODO: LoginOptions
AuthService
TODO: AuthService
SessionService
TODO: SessionService
Silent Login
TODO:
Testing
TODO: Testing TODO: Testing TODO: Testing
Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests and documentation as appropriate.