
angular-simple-oidc


Angular library implementing the OpenID Connect specification: Code Flow, Refresh Tokens, Session Management, Discovery Document.

import { DecodedIdentityToken } from '../models';

/**
 * Validates an ID Token returned by a refresh request against the ID Token
 * issued when the original authentication occurred, following
 * OpenID Connect Core 1.0, section 12.2 "Successful Refresh Response":
 * https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokens
 *
 * Requirements the specification places on the new ID Token:
 * - its iss Claim Value MUST be the same as in the ID Token issued when the original authentication occurred,
 * - its sub Claim Value MUST be the same as in the ID Token issued when the original authentication occurred,
 * - its iat Claim MUST represent the time that the new ID Token is issued,
 * - its aud Claim Value MUST be the same as in the ID Token issued when the original authentication occurred,
 * - if the ID Token contains an auth_time Claim, its value MUST represent the time
 *   of the original authentication - not the time that the new ID token is issued,
 * - its azp Claim Value MUST be the same as in the ID Token issued when the original authentication occurred;
 *   if no azp Claim was present in the original ID Token, one MUST NOT be present in the new ID Token, and
 * - otherwise, the same rules apply as apply when issuing an ID Token at the time of the original authentication.
 *
 * Every method returns `void`, so a failed check is not reported through the
 * return value.
 * NOTE(review): presumably a failed check throws - confirm against the
 * implementation and make sure callers do not swallow that error.
 *
 * NOTE(review): the methods take already-decoded tokens. Signature, expiry and
 * the other "same rules as at original authentication" checks are not visible
 * in this declaration - confirm they run elsewhere before the refreshed token
 * is accepted, since claim comparison alone does not authenticate the token.
 */
export declare class RefreshTokenValidationService {
    /**
     * Perform validations according to
     * 12.2. Successful Refresh Response
     * https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokens
     *
     * NOTE(review): looks like the entry point that applies the per-claim
     * checks declared below - confirm which of them it actually invokes.
     *
     * @param originalIdToken - decoded ID Token from the original authentication
     * @param newIdToken - decoded ID Token received in the refresh response
     */
    validateIdToken(originalIdToken: DecodedIdentityToken, newIdToken: DecodedIdentityToken): void;
    /**
     * its iss Claim Value MUST be the same as in the ID Token issued when the original authentication occurred
     *
     * A differing issuer means the refreshed token does not come from the
     * provider the session was established with.
     *
     * @param originalIdToken - decoded ID Token from the original authentication
     * @param newIdToken - decoded ID Token received in the refresh response
     */
    validateIssuer(originalIdToken: DecodedIdentityToken, newIdToken: DecodedIdentityToken): void;
    /**
     * its sub Claim Value MUST be the same as in the ID Token issued when the original authentication occurred,
     *
     * A differing subject means the refreshed token identifies a different
     * end-user than the one who originally authenticated.
     *
     * @param originalIdToken - decoded ID Token from the original authentication
     * @param newIdToken - decoded ID Token received in the refresh response
     */
    validateSubject(originalIdToken: DecodedIdentityToken, newIdToken: DecodedIdentityToken): void;
    /**
     * its iat Claim MUST represent the time that the new ID Token is issued,
     *
     * NOTE(review): how "time of issue" is judged (comparison with the
     * original iat, with the local clock, any skew tolerance) is not visible
     * in this declaration - confirm against the implementation.
     *
     * @param originalIdToken - decoded ID Token from the original authentication
     * @param newIdToken - decoded ID Token received in the refresh response
     */
    validateIssuedAt(originalIdToken: DecodedIdentityToken, newIdToken: DecodedIdentityToken): void;
    /**
     * its aud Claim Value MUST be the same as in the ID Token issued when the original authentication occurred,
     *
     * NOTE(review): OpenID Connect allows aud to be a single string or an
     * array of strings - confirm the implementation compares both forms.
     *
     * @param originalIdToken - decoded ID Token from the original authentication
     * @param newIdToken - decoded ID Token received in the refresh response
     */
    validateAudience(originalIdToken: DecodedIdentityToken, newIdToken: DecodedIdentityToken): void;
    /**
     * if the ID Token contains an auth_time Claim, its value MUST represent
     * the time of the original authentication - not the time that the new ID token is issued,
     *
     * auth_time feeds re-authentication decisions, so a refresh must not make
     * an old login look recent.
     *
     * @param originalIdToken - decoded ID Token from the original authentication
     * @param newIdToken - decoded ID Token received in the refresh response
     */
    validateAuthTime(originalIdToken: DecodedIdentityToken, newIdToken: DecodedIdentityToken): void;
    /**
     * its azp Claim Value MUST be the same as in the ID Token issued when the original authentication occurred;
     * if no azp Claim was present in the original ID Token, one MUST NOT be present in the new ID Token, and
     * otherwise, the same rules apply as apply when issuing an ID Token at the time of the original authentication.
     *
     * @param originalIdToken - decoded ID Token from the original authentication
     * @param newIdToken - decoded ID Token received in the refresh response
     */
    validateAuthorizedParty(originalIdToken: DecodedIdentityToken, newIdToken: DecodedIdentityToken): void;
}