UNPKG

angular-auth-oidc-client

Version:

Angular Lib for OpenID Connect & OAuth2

github.com/damienbod/angular-auth-oidc-client

damienbod/angular-auth-oidc-client

292 lines (291 loc) 13.9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
import { Observable } from 'rxjs'; import { AuthOptions, LogoutAuthOptions } from './auth-options'; import { AuthenticatedResult } from './auth-state/auth-result'; import { AuthWellKnownEndpoints } from './config/auth-well-known/auth-well-known-endpoints'; import { OpenIdConfiguration } from './config/openid-configuration'; import { AuthResult } from './flows/callback-context'; import { LoginResponse } from './login/login-response'; import { PopupOptions } from './login/popup/popup-options'; import { UserDataResult } from './user-data/userdata-result'; import * as i0 from "@angular/core"; export declare class OidcSecurityService { private readonly checkSessionService; private readonly checkAuthService; private readonly userService; private readonly tokenHelperService; private readonly configurationService; private readonly authStateService; private readonly flowsDataService; private readonly callbackService; private readonly logoffRevocationService; private readonly loginService; private readonly refreshSessionService; private readonly urlService; private readonly authWellKnownService; /** * Provides information about the user after they have logged in. * * @returns Returns an object containing either the user data directly (single config) or * the user data per config in case you are running with multiple configs */ get userData$(): Observable<UserDataResult>; /** * Provides information about the user after they have logged in. * * @returns Returns an object containing either the user data directly (single config) or * the user data per config in case you are running with multiple configs */ userData: import("@angular/core").Signal<UserDataResult>; /** * Emits each time an authorization event occurs. * * @returns Returns an object containing if you are authenticated or not. * Single Config: true if config is authenticated, false if not. * Multiple Configs: true is all configs are authenticated, false if only one of them is not * * The `allConfigsAuthenticated` property contains the auth information _per config_. */ get isAuthenticated$(): Observable<AuthenticatedResult>; /** * Emits each time an authorization event occurs. * * @returns Returns an object containing if you are authenticated or not. * Single Config: true if config is authenticated, false if not. * Multiple Configs: true is all configs are authenticated, false if only one of them is not * * The `allConfigsAuthenticated` property contains the auth information _per config_. */ authenticated: import("@angular/core").Signal<AuthenticatedResult>; /** * Emits each time the server sends a CheckSession event and the value changed. This property will always return * true. */ get checkSessionChanged$(): Observable<boolean>; /** * Emits on a Security Token Service callback. The observable will never contain a value. */ get stsCallback$(): Observable<void>; preloadAuthWellKnownDocument(configId?: string): Observable<AuthWellKnownEndpoints>; /** * Returns the currently active OpenID configurations. * * @returns an array of OpenIdConfigurations. */ getConfigurations(): OpenIdConfiguration[]; /** * Returns a single active OpenIdConfiguration. * * @param configId The configId to identify the config. If not passed, the first one is being returned */ getConfiguration(configId?: string): Observable<OpenIdConfiguration | null>; /** * Returns the userData for a configuration * * @param configId The configId to identify the config. If not passed, the first one is being used */ getUserData(configId?: string): Observable<any>; /** * Starts the complete setup flow for one configuration. Calling will start the entire authentication flow, and the returned observable * will denote whether the user was successfully authenticated including the user data, the access token, the configId and * an error message in case an error happened * * @param url The URL to perform the authorization on the behalf of. * @param configId The configId to perform the authorization on the behalf of. If not passed, the first configs will be taken * * @returns An object `LoginResponse` containing all information about the login */ checkAuth(url?: string, configId?: string): Observable<LoginResponse>; /** * Starts the complete setup flow for multiple configurations. * Calling will start the entire authentication flow, and the returned observable * will denote whether the user was successfully authenticated including the user data, the access token, the configId and * an error message in case an error happened in an array for each config which was provided * * @param url The URL to perform the authorization on the behalf of. * * @returns An array of `LoginResponse` objects containing all information about the logins */ checkAuthMultiple(url?: string): Observable<LoginResponse[]>; /** * Provides information about the current authenticated state * * @param configId The configId to check the information for. If not passed, the first configs will be taken * * @returns A boolean whether the config is authenticated or not. */ isAuthenticated(configId?: string): Observable<boolean>; /** * Checks the server for an authenticated session using the iframe silent renew if not locally authenticated. */ checkAuthIncludingServer(configId?: string): Observable<LoginResponse>; /** * Returns the access token for the login scenario. * * @param configId The configId to check the information for. If not passed, the first configs will be taken * * @returns A string with the access token. */ getAccessToken(configId?: string): Observable<string>; /** * Returns the ID token for the sign-in. * * @param configId The configId to check the information for. If not passed, the first configs will be taken * * @returns A string with the id token. */ getIdToken(configId?: string): Observable<string>; /** * Returns the refresh token, if present, for the sign-in. * * @param configId The configId to check the information for. If not passed, the first configs will be taken * * @returns A string with the refresh token. */ getRefreshToken(configId?: string): Observable<string>; /** * Returns the authentication result, if present, for the sign-in. * * @param configId The configId to check the information for. If not passed, the first configs will be taken * * @returns A object with the authentication result */ getAuthenticationResult(configId?: string): Observable<AuthResult | null>; /** * Returns the payload from the ID token. * * @param encode Set to true if the payload is base64 encoded * @param configId The configId to check the information for. If not passed, the first configs will be taken * * @returns The payload from the id token. */ getPayloadFromIdToken(encode?: boolean, configId?: string): Observable<any>; /** * Returns the payload from the access token. * * @param encode Set to true if the payload is base64 encoded * @param configId The configId to check the information for. If not passed, the first configs will be taken * * @returns The payload from the access token. */ getPayloadFromAccessToken(encode?: boolean, configId?: string): Observable<any>; /** * Sets a custom state for the authorize request. * * @param state The state to set. * @param configId The configId to check the information for. If not passed, the first configs will be taken */ setState(state: string, configId?: string): Observable<boolean>; /** * Gets the state value used for the authorize request. * * @param configId The configId to check the information for. If not passed, the first configs will be taken * * @returns The state value used for the authorize request. */ getState(configId?: string): Observable<string>; /** * Redirects the user to the Security Token Service to begin the authentication process. * * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * @param authOptions The custom options for the the authentication request. */ authorize(configId?: string, authOptions?: AuthOptions): void; /** * Opens the Security Token Service in a new window to begin the authentication process. * * @param authOptions The custom options for the authentication request. * @param popupOptions The configuration for the popup window. * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * * @returns An `Observable<LoginResponse>` containing all information about the login */ authorizeWithPopUp(authOptions?: AuthOptions, popupOptions?: PopupOptions, configId?: string): Observable<LoginResponse>; /** * Manually refreshes the session. * * @param customParams Custom parameters to pass to the refresh request. * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * * @returns An `Observable<LoginResponse>` containing all information about the login */ forceRefreshSession(customParams?: { [key: string]: string | number | boolean; }, configId?: string): Observable<LoginResponse>; /** * Revokes the refresh token (if present) and the access token on the server and then performs the logoff operation. * The refresh token and and the access token are revoked on the server. If the refresh token does not exist * only the access token is revoked. Then the logout run. * * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * @param logoutAuthOptions The custom options for the request. * * @returns An observable when the action is finished */ logoffAndRevokeTokens(configId?: string, logoutAuthOptions?: LogoutAuthOptions): Observable<any>; /** * Logs out on the server and the local client. If the server state has changed, confirmed via check session, * then only a local logout is performed. * * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * @param logoutAuthOptions with custom parameters and/or an custom url handler */ logoff(configId?: string, logoutAuthOptions?: LogoutAuthOptions): Observable<unknown>; /** * Logs the user out of the application without logging them out of the server. * Use this method if you have _one_ config enabled. * * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken */ logoffLocal(configId?: string): void; /** * Logs the user out of the application for all configs without logging them out of the server. * Use this method if you have _multiple_ configs enabled. */ logoffLocalMultiple(): void; /** * Revokes an access token on the Security Token Service. This is only required in the code flow with refresh tokens. If no token is * provided, then the token from the storage is revoked. You can pass any token to revoke. * https://tools.ietf.org/html/rfc7009 * * @param accessToken The access token to revoke. * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * * @returns An observable when the action is finished */ revokeAccessToken(accessToken?: any, configId?: string): Observable<any>; /** * Revokes a refresh token on the Security Token Service. This is only required in the code flow with refresh tokens. If no token is * provided, then the token from the storage is revoked. You can pass any token to revoke. * https://tools.ietf.org/html/rfc7009 * * @param refreshToken The access token to revoke. * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * * @returns An observable when the action is finished */ revokeRefreshToken(refreshToken?: any, configId?: string): Observable<any>; /** * Creates the end session URL which can be used to implement an alternate server logout. * * @param customParams * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * * @returns A string with the end session url or null */ getEndSessionUrl(customParams?: { [p: string]: string | number | boolean; }, configId?: string): Observable<string | null>; /** * Creates the authorize URL based on your flow * * @param customParams * @param configId The configId to perform the action in behalf of. If not passed, the first configs will be taken * * @returns A string with the authorize URL or null */ getAuthorizeUrl(customParams?: { [p: string]: string | number | boolean; }, configId?: string): Observable<string | null>; static ɵfac: i0.ɵɵFactoryDeclaration<OidcSecurityService, never>; static ɵprov: i0.ɵɵInjectableDeclaration<OidcSecurityService>; }