@axa-fr/oidc-client-service-worker
OpenID Connect & OAuth authentication service worker
// Trusted domains for the OIDC service worker, keyed by configuration name.
// Access tokens are automatically injected into requests sent to the domains listed
// here, so list only the origins that are meant to receive them.
// An entry can also be a path such as https://www.myapi.com/users: every sub-route
// (for example https://www.myapi.com/users/1) is then allowed to receive the access_token.
// Domains used by the OIDC server must be declared here as well.
// NOTE(review): how an entry is compared with a request URL is not visible in this file.
// If it is a plain string-prefix comparison, an entry without a trailing slash would also
// cover other URLs that merely start with the same characters - confirm against the
// service worker code and keep every entry as narrow as possible.
const trustedDomains = {
  default: [
    'https://demo.duendesoftware.com',
    'https://kdhttps.auth0.com',
  ],
  config_classic: ['https://demo.duendesoftware.com'],
  config_without_silent_login: ['https://demo.duendesoftware.com'],
  config_without_refresh_token: ['https://demo.duendesoftware.com'],
  config_without_refresh_token_silent_login: ['https://demo.duendesoftware.com'],
  config_google: [
    'https://oauth2.googleapis.com',
    'https://openidconnect.googleapis.com',
  ],
  config_with_hash: ['https://demo.duendesoftware.com'],

  // Object form with showAccessToken: the service worker keeps giving the access token
  // to the JavaScript client. The refresh token stays hidden from client JavaScript while
  // the access_token remains retrievable for scenarios that require it, for example
  // sending it over a websocket connection.
  // Trade-off: a token handed to page JavaScript is presumably readable by any other
  // script running in that page, so enable this only for configurations that need it.
  config_show_access_token: {
    domains: ['https://demo.duendesoftware.com'],
    showAccessToken: true,
    // Optional settings, left commented out in this example:
    // convertAllRequestsToCorsExceptNavigate: false,
    // setAccessTokenToNavigateRequests: true,
  },

  // Declares the domains used by the OIDC server separately from the domains into
  // which access tokens are injected.
  config_separate_oidc_access_token_domains: {
    oidcDomains: ['https://demo.duendesoftware.com'],
    accessTokenDomains: ['https://myapi'],
  },
};