Basic example of how the angular-oauth2-oidc library works together with an AuthGuard
This repository shows a basic Angular CLI application with thelibrary and Angular AuthGuards.
Browser vendors are implementing increasingly strict rules around cookies. This is increasingly problematic for SPA's with their Identity Server on a third-party domain. Most notably problems occur if the "silent refresh via an iframe" technique is used.
This repository uses that technique currently, starting with a
noprompt, hoping cookies get sent along to so the IDS can see if a user is logged in.
localhost, which talks to
demo.identityserver.io(another domain!), and use it in Safari: you will notice that the silent refresh technique already fails!
For further thoughts, see issue #40.
⚠ To see the Implicit Flow refer to thebranch (which might be getting outdated, since Code Flow is now the recommended flow).
localStoragefor storing tokens (use at your own risk!)
Most interesting features can be found in the core module.
This repository has been scaffolded with the Angular 5 CLI, then later upgraded to newer versions of the Angular CLI. To use the repository:
npm installto get the dependencies
ng serve --opento get it running on http://localhost:4200
This connects to the demo IdentityServer4 instance also used in the library's examples. The credentials and ways of logging in are disclosed on the login page itself (as it's only a demo server).
You could also connect to your own IdentityServer by changing
auth-config.ts. Note that your server must whitelist both
http://localhost:4200/silent-refresh.htmlfor this to work.
This repository demonstrates features using https://demo.identityserver.io (IdentityServer4). There are various other server side solutions available, each with their own intricacies. This codebase does not keep track itself of the specifics for each other server side solution. Instead, we recommend you look for specific guidance for other solutions elsewhere. Here are some potential starting points you could consider:
Feel free to open an issue and PR if you want to add additional pieces of guidance to this section.
The application is supposed to look somewhat like this: