0.3.1 • Published 9 months ago

pkce-spa v0.3.1

Weekly downloads
-
License
ISC
Repository
github
Last release
9 months ago

pkce-spa

An authentication session manager for OpenID Connect using PKCE.

The session manager will keep the user's session permanently active until they either explicitly logout, or the authentication server denies a refresh attempt.

Features

  • Automatic token refresh
  • Cross-tab session syncronisation
  • Exposes access_token as an event listener
  • Zero dependencies

Install

$ npm install pkce-spa

Usage

import { Session } from "pkce-spa";

const session = new Session({ ...config });

session.onChange((accessToken) => {
  // Start the redirect flow if there isn't an active session
  if (accessToken === null) session.login();
});

React usage

const Token = createContext();

function TokenProvider({ children }) {
  const [token, setToken] = useState(null);
  useEffect(() => session.onChange(setToken), []); // Will clean up effect automatically

  return <Token.Provider value={token}>{children}</Token.Provider>;
}

See examples for more usage examples.

OpenID Connect provider settings

  • Must have authorization_code and refresh_token grant types enabled
  • Must have token endpoint authentication method set to none
  • Must have refresh token rotation turned on
@infinitebrahmanuniverse/nolb-pk@everything-registry/sub-chunk-2442
0.3.1

9 months ago

0.3.0

2 years ago

0.2.0

3 years ago

0.1.1

3 years ago

0.1.0

3 years ago