UNPKG

@tryauth/tryauth-client-ts

Version:

TypeScript library for OAuth2 Authentication

github.com/tryauth/tryauth-client-ts

tryauth/tryauth-client-ts

190 lines (141 loc) 7.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
# tryauth-client-ts [![NPM version][npm-image]][npm-url] ## Index - [Install](#install) - [Implicit Flow](#implicit-flow) - [Authorization Code Flow](#authorization-code-flow) - [Check](#check) [npm-image]: https://img.shields.io/npm/v/@tryauth/tryauth-client-ts.svg?style=flat-square [npm-url]: https://www.npmjs.com/package/@tryauth/tryauth-client-ts ## Install From [npm](https://npmjs.org): ```sh npm install @tryauth/tryauth-client-ts ``` After installing the `tryauth-client-ts` module using [npm](https://npmjs.org), you'll need to import it using: ``` import TryAuth from '@tryauth/tryauth-client-ts'; ``` ## Implicit Flow Provides support for `implicit` authentication flow. ### Initialize The `Authorize` will redirect to the Issuer Endpoint than the user can login. ```js const tryAuth: TryAuth = new TryAuth(); tryAuth.Authorize({ ClientId: '<contact us to get a trial ClientId>', IssuerEndpoint: '<contact us to get a trial Issuer Endpoint>', ResponseType: 'token id_token', // return id_token and access_token in querystring Scopes: 'openid email' // RedirectUri: '' it's not required, window.location it's the default value }); ``` **Parameters** | Option|Type|Description| | :---------------------------- | ----------------- | ---------- | | `ClientId`| string (required) | The Client ID found on your Application settings page. | `IssuerEndpoint`| string (required) | Your TryAuth account domain such as `'example.tryauth.com'` or `'example.tryauth.com'`. | `ResponseType`| string (required) | Response type for all authentication requests. Only supports `token id_token`. | `Scopes`| string (required) | The default scopes used for all authorization requests. | `RedirectUri` | string | The URL where TryAuth will call back to with the result of a successful or failed authentication. ## Check Allows to acquire a new token and/or access token for a user who has already authenticated against TryAuth for your domain. If the user is not authenticated, you will receive an error. ```js const tryAuth: TryAuth = new TryAuth(); const tryAuthAuthorizationResponse = await tryAuth.CheckAuthorize(); console.log('AccessToken=' + tryAuthAuthorizationResponse.AccessToken); console.log('IdToken=' + tryAuthAuthorizationResponse.IdToken); console.log('ExpiresAt=' + tryAuthAuthorizationResponse.ExpiresAt); console.log('Email=' + tryAuthAuthorizationResponse.Email); console.log('Error=' + tryAuthAuthorizationResponse.Error); ``` ## Authorization Code Flow Provides support for `authorization_code` authentication flow with PKCE (Proof Key for Code Exchange). ### Initialize The `GetAuthorizationCode` function will redirect to the Issuer Endpoint than the user can login. After login the response callback URL will store the `code` in the browser's local storage. ```js const tryAuth: TryAuth = new TryAuth(); tryAuth.GetAuthorizationCode({ ClientId: '<contact us to get a trial ClientId>', IssuerEndpoint: '<contact us to get a trial Issuer Endpoint>', ResponseType: 'code', Scopes: 'openid email profile offline_access', // RedirectUri: '' it's not required, window.location it's the default value }); ``` **Parameters** | Option|Type|Description| | :---------------------------- | ----------------- | ---------- | | `ClientId`| string (required) | The Client ID found on your Application settings page. | `IssuerEndpoint`| string (required) | Your TryAuth account domain such as `'example.tryauth.com'` or `'example.tryauth.com'`. | `ResponseType`| string (required) | Response type for all authentication requests. Only supports `code`. | `Scopes`| string (required) | The default scopes used for all authorization requests. Enable refresh token adding `offline_access` scope. | `RedirectUri` | string | The URL where TryAuth will call back to with the result of a successful or failed authentication. ### Get Access Token, Id Token and optional Refresh Token code After you login and the `code` already is stored in the browser's local storage you can get the `access_token`, `id_token`, `refresh_token` (optional, dependes on the `offline_access` scope) using the `GetSilentAuthorizationCodeToken` function. > The `code` only can be used one time. ```js const tryAuth: TryAuth = new TryAuth(); const tryAuthAuthorizationCodeTokenResponse = tryAuth.GetSilentAuthorizationCodeToken({ ClientId: '<contact us to get a trial ClientId>', ClientSecret: '<contact us to get a trial ClientSecret>', IssuerEndpoint: '<contact us to get a trial Issuer Endpoint>', ResponseType: 'code' }); ``` **Parameters** | Option|Type|Description| | :---------------------------- | ----------------- | ---------- | | `ClientId`| string (required) | The Client ID found on your Application settings page. | `ClientSecret`| string (required) | The Client Secret found on your Application settings page. | `IssuerEndpoint`| string (required) | Your TryAuth account domain such as `'example.tryauth.com'` or `'example.tryauth.com'`. | `ResponseType`| string (required) | Response type for all authentication requests. Only supports `code`. **Return** The `tryAuthAuthorizationCodeTokenResponse` object contains some properties like: | Property| | :---------------------------- | |AccessToken| |IdToken| |RefreshToken| |TokenType| |Error| ### Renew the Access Token using Refresh Token If you choose to receive the Refresh Token using the `offline_access` scope, you can renew your Access Token using the `GetAuthorizationCodeRefreshToken` function. ```js const tryAuth: TryAuth = new TryAuth(); const tryAuthAuthorizationCodeTokenResponse = tryAuth.GetAuthorizationCodeRefreshToken({ ClientId: '<contact us to get a trial ClientId>', ClientSecret: '<contact us to get a trial ClientSecret>', IssuerEndpoint: '<contact us to get a trial Issuer Endpoint>', RefreshToken: '<the refresh token code you receive in the function above>' }); ``` **Parameters** | Option|Type|Description| | :---------------------------- | ----------------- | ---------- | | `ClientId`| string (required) | The Client ID found on your Application settings page. | `ClientSecret`| string (required) | The Client Secret found on your Application settings page. | `IssuerEndpoint`| string (required) | Your TryAuth account domain such as `'example.tryauth.com'` or `'example.tryauth.com'`. | `RefreshToken`| string (required) | The refresh token code you receive in the function above. **Return** The `tryAuthAuthorizationCodeTokenResponse` object is the same of `GetSilentAuthorizationCodeToken` function above. ### Logout For logout use the `LogoutEndSessionAuthorizationCode` function. ```js const tryAuth: TryAuth = new TryAuth(); tryAuth.LogoutEndSessionAuthorizationCode({ ResponseType: 'code', IssuerEndpoint: '<contact us to get a trial Issuer Endpoint>', RedirectUri: '<after logout the url return>', IdToken: '<id_token>', State: 'the state in url' }); ``` **Parameters** | Option|Type|Description| | :---------------------------- | ----------------- | ---------- | | `ResponseType`| string (required) | `code` | `IssuerEndpoint`| string (required) | Your TryAuth account domain such as `'example.tryauth.com'` or `'example.tryauth.com'`. | `RedirectUri`| string (required) | After logout TryAuth will redirect to this URL. | `IdToken`| string (required) | The `id_token` you receive when you get the token. | `State`| string (required) | After log in the state will be in the URL.