UNPKG

angular-simple-oidc

Version:

Angular Library implementing Open Id Connect specification. Code Flow, Refresh Tokens, Session Management, Discovery Document.

github.com/leonardochaia/angular-simple-oidc

leonardochaia/angular-simple-oidc

117 lines (116 loc) 3.33 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
export interface DecodedIdentityToken { iss: string; azp?: string; aud: string | string[]; exp: number; nbf: number; nonce: string; iat: number; at_hash: string; sid: string; sub: string; auth_time: number; idp: string; amr: string | string[]; [claimType: string]: string | number | string[]; } export interface IdentityTokenHeader { alg: string; kid: string; } export interface TokenRequestResult { accessToken?: string; accessTokenExpiresIn?: number; accessTokenExpiresAt?: number; idToken?: string; decodedIdToken?: DecodedIdentityToken; error?: string; refreshToken?: string; } export declare enum TokenStorageKeys { Nonce = "simple.oidc.nonce", State = "simple.oidc.state", CodeVerifier = "simple.oidc.code-verifier", AuthorizationCode = "simple.oidc.authorization-code", SessionState = "simple.oidc.session-state", OriginalIdentityToken = "simple.oidc.original-identity-token", IdentityToken = "simple.oidc.identity-token", IdentityTokenDecoded = "simple.oidc.identity-token-decoded", AccessToken = "simple.oidc.access-token", RefreshToken = "simple.oidc.refresh-token", AccessTokenExpiration = "simple.oidc.access-token-expiration", PreRedirectUrl = "simple.oidc.pre-redirect-url" } export interface LocalState { nonce: string; state: string; codeVerifier: string; authorizationCode: string; identityToken: string; originalIdentityToken: string; decodedIdentityToken: DecodedIdentityToken; accessToken: string; accessTokenExpiration: number; refreshToken: string; preRedirectUrl: string; sessionState?: string; } export interface TokenValidationConfig { /** * Disable token IAT validation. * Helps prevents timezone errors */ disableIdTokenIATValidation?: boolean; /** * Offset allowed if IAT is enabled * in seconds */ idTokenIATOffsetAllowed?: number; } export interface DiscoveryDocument { issuer: string; jwks_uri: string; authorization_endpoint: string; token_endpoint: string; userinfo_endpoint: string; end_session_endpoint: string; check_session_iframe: string; revocation_endpoint: string; introspection_endpoint: string; frontchannel_logout_supported: boolean; frontchannel_logout_session_supported: boolean; scopes_supported: string[]; claims_supported: string[]; response_types_supported: string[]; response_modes_supported: string[]; grant_types_supported: string[]; subject_types_supported: string[]; id_token_signing_alg_values_supported: string[]; code_challenge_methods_supported: string[]; token_endpoint_auth_methods_supported: string[]; [key: string]: string | string[] | boolean; } export interface JWTKey { kty: string; use: string; kid: string; x5t?: string; e: string; n: string; x5c?: string[]; } export interface JWTKeys { keys: JWTKey[]; } export interface CreateAuthorizeUrlParams { clientId: string; scope: string; redirectUri: string; prompt?: string; loginHint?: string; uiLocales?: string; acrValues?: string; responseType: 'code' | 'token' | 'id_token token'; idTokenHint?: string; display?: string; }