angular-oauth2-oidc

  • Version 17.0.2
  • Published
  • 957 kB
  • 1 dependency
  • MIT license

Install

npm i angular-oauth2-oidc
yarn add angular-oauth2-oidc
pnpm add angular-oauth2-oidc

Overview

Support for OAuth 2 and OpenId Connect (OIDC) in Angular. Already prepared for the upcoming OAuth 2.1.

Index

Variables

Functions

Classes

Interfaces

Type Aliases

Variables

variable AUTH_CONFIG

const AUTH_CONFIG: InjectionToken<AuthConfig>;

    Functions

    function provideOAuthClient

    provideOAuthClient: (
    config?: OAuthModuleConfig,
    validationHandlerClass?: typeof NullValidationHandler
    ) => EnvironmentProviders;

      Classes

      class AbstractValidationHandler

      abstract class AbstractValidationHandler implements ValidationHandler {}
      • This abstract implementation of ValidationHandler already implements the method validateAtHash. However, to make use of it, you have to override the method calcHash.

      method calcHash

      protected abstract calcHash: (
      valueToHash: string,
      algorithm: string
      ) => Promise<string>;
      • Calculates the hash for the passed value by using the passed hash algorithm.

        Parameter valueToHash

        Parameter algorithm

      method inferHashAlgorithm

      protected inferHashAlgorithm: (jwtHeader: object) => string;
      • Infers the name of the hash algorithm to use from the alg field of an id_token.

        Parameter jwtHeader

        the id_token's parsed header

      method validateAtHash

      validateAtHash: (params: ValidationParams) => Promise<boolean>;
      • Validates the at_hash in an id_token against the received access_token.

      method validateSignature

      abstract validateSignature: (validationParams: ValidationParams) => Promise<any>;
      • Validates the signature of an id_token.

      class AuthConfig

      class AuthConfig {}

        constructor

        constructor(json?: Partial<AuthConfig>);

          property checkOrigin

          checkOrigin?: boolean;
          • Blocks other origins requesting a silent refresh

          property clearHashAfterLogin

          clearHashAfterLogin?: boolean;
          • Defines whether to clear the hash fragment after logging in.

          property clientId

          clientId?: string;
          • The client's id as registered with the auth server

          property clockSkewInSec

          clockSkewInSec?: number;
          • The window of time (in seconds) to allow the current time to deviate when validating id_token's iat and exp values.

          property customQueryParams

          customQueryParams?: {};
          • Map with additional query parameter that are appended to the request when initializing implicit flow.

          property customTokenParameters

          customTokenParameters?: string[];
          • Names of known parameters sent out in the TokenResponse. https://tools.ietf.org/html/rfc6749#section-5.1

          property decreaseExpirationBySec

          decreaseExpirationBySec?: number;
          • Decreases the Expiration time of tokens by this number of seconds

          property disableAtHashCheck

          disableAtHashCheck?: boolean;
          • This property has been introduced to disable at_hash checks and is indented for Identity Provider that does not deliver an at_hash EVEN THOUGH its recommended by the OIDC specs. Of course, when disabling these checks then we are bypassing a security check which means we are more vulnerable.

          property disableIdTokenTimer

          disableIdTokenTimer?: boolean;
          • Allows to disable the timer for the id_token used for token refresh

          property disablePKCE

          disablePKCE?: boolean;
          • Code Flow is by defauld used together with PKCI which is also higly recommented. You can disbale it here by setting this flag to true. https://tools.ietf.org/html/rfc7636#section-1.1

          property dummyClientSecret

          dummyClientSecret?: string;
          • Some auth servers don't allow using password flow w/o a client secret while the standards do not demand for it. In this case, you can set a password here. As this password is exposed to the public it does not bring additional security and is therefore as good as using no password.

          property fallbackAccessTokenExpirationTimeInSec

          fallbackAccessTokenExpirationTimeInSec?: number;
          • According to rfc6749 it is recommended (but not required) that the auth server exposes the access_token's life time in seconds. This is a fallback value for the case this value is not exposed.

          property issuer

          issuer?: string;
          • The issuer's uri.

          property jwks

          jwks?: {};
          • JSON Web Key Set (https://tools.ietf.org/html/rfc7517) with keys used to validate received id_tokens. This is taken out of the disovery document. Can be set manually too.

          property loginUrl

          loginUrl?: string;
          • The auth server's endpoint that allows to log the user in when using implicit flow.

          property logoutUrl

          logoutUrl?: string;
          • The logout url.

          property nonceStateSeparator

          nonceStateSeparator?: string;
          • final state sent to issuer is built as follows: state = nonce + nonceStateSeparator + additional state Default separator is ';' (encoded %3B). In rare cases, this character might be forbidden or inconvenient to use by the issuer so it can be customized.

          property oidc

          oidc?: boolean;
          • Defines whether to use OpenId Connect during implicit flow.

          property openUri

          openUri?: (uri: string) => void;
          • This property allows you to override the method that is used to open the login url, allowing a way for implementations to specify their own method of routing to new urls.

          property options

          options?: any;

            property postLogoutRedirectUri

            postLogoutRedirectUri?: string;
            • An optional second redirectUri where the auth server redirects the user to after logging out.

            property preserveRequestedRoute

            preserveRequestedRoute?: boolean;
            • Set this to true to preserve the requested route including query parameters after code flow login. This setting enables deep linking for the code flow.

            property redirectUri

            redirectUri?: string;
            • The client's redirectUri as registered with the auth server

            property redirectUriAsPostLogoutRedirectUriFallback

            redirectUriAsPostLogoutRedirectUriFallback?: boolean;
            • Defines whether to use 'redirectUri' as a replacement of 'postLogoutRedirectUri' if the latter is not set.

            property requestAccessToken

            requestAccessToken?: boolean;
            • Defines whether to request an access token during implicit flow.

            property requireHttps

            requireHttps?: boolean | 'remoteOnly';
            • Defines whether https is required. The default value is remoteOnly which only allows http for localhost, while every other domains need to be used with https.

            property resource

            resource?: string;

              property responseType

              responseType?: string;

                property revocationEndpoint

                revocationEndpoint?: string;
                • Url of the revocation endpoint as defined by OpenId Connect and OAuth 2.

                property rngUrl

                rngUrl?: string;

                  property scope

                  scope?: string;
                  • The requested scopes

                  property sessionCheckIFrameName

                  sessionCheckIFrameName?: string;
                  • Name of the iframe to use for session checks

                  property sessionCheckIFrameUrl

                  sessionCheckIFrameUrl?: string;
                  • Url for the iframe used for session checks

                  property sessionCheckIntervall

                  sessionCheckIntervall?: number;
                  • Interval in msec for checking the session according to http://openid.net/specs/openid-connect-session-1_0.html#ChangeNotification

                  property sessionChecksEnabled

                  sessionChecksEnabled?: boolean;
                  • If true, the lib will try to check whether the user is still logged in on a regular basis as described in http://openid.net/specs/openid-connect-session-1_0.html#ChangeNotification

                  property showDebugInformation

                  showDebugInformation?: boolean;
                  • Defines whether additional debug information should be shown at the console. Note that in certain browsers the verbosity of the console needs to be explicitly set to include Debug level messages.

                  property silentRefreshIFrameName

                  silentRefreshIFrameName?: string;

                    property silentRefreshMessagePrefix

                    silentRefreshMessagePrefix?: string;

                      property silentRefreshRedirectUri

                      silentRefreshRedirectUri?: string;
                      • The redirect uri used when doing silent refresh.

                      property silentRefreshShowIFrame

                      silentRefreshShowIFrame?: boolean;
                      • Set this to true to display the iframe used for silent refresh for debugging.

                      property silentRefreshTimeout

                      silentRefreshTimeout?: number;
                      • Timeout for silent refresh.

                      property skipIssuerCheck

                      skipIssuerCheck?: boolean;
                      • Defined whether to skip the validation of the issuer in the discovery document. Normally, the discovey document's url starts with the url of the issuer.

                      property skipSubjectCheck

                      skipSubjectCheck?: boolean;
                      • Defines wether to check the subject of a refreshed token after silent refresh. Normally, it should be the same as before.

                      property strictDiscoveryDocumentValidation

                      strictDiscoveryDocumentValidation?: boolean;
                      • Defines whether every url provided by the discovery document has to start with the issuer's url.

                      property timeoutFactor

                      timeoutFactor?: number;
                      • Defines when the token_timeout event should be raised. If you set this to the default value 0.75, the event is triggered after 75% of the token's life time.

                      property tokenEndpoint

                      tokenEndpoint?: string;
                      • Url of the token endpoint as defined by OpenId Connect and OAuth 2.

                      property useHttpBasicAuth

                      useHttpBasicAuth?: boolean;
                      • Set this to true to use HTTP BASIC auth for AJAX calls

                      property useIdTokenHintForSilentRefresh

                      useIdTokenHintForSilentRefresh?: boolean;

                        property userinfoEndpoint

                        userinfoEndpoint?: string;
                        • Url of the userinfo endpoint as defined by OpenId Connect.

                        property useSilentRefresh

                        useSilentRefresh?: any;
                        • Set this to true if you want to use silent refresh together with code flow. As silent refresh is the only option for refreshing with implicit flow, you don't need to explicitly turn it on in this case.

                        property waitForTokenInMsec

                        waitForTokenInMsec?: number;
                        • The interceptors waits this time span if there is no token

                        class DateTimeProvider

                        abstract class DateTimeProvider {}

                          method new

                          abstract new: () => Date;

                            method now

                            abstract now: () => number;

                              class DefaultHashHandler

                              class DefaultHashHandler implements HashHandler {}

                                property ɵfac

                                static ɵfac: i0.ɵɵFactoryDeclaration<DefaultHashHandler, never>;

                                  property ɵprov

                                  static ɵprov: i0.ɵɵInjectableDeclaration<DefaultHashHandler>;

                                    method calcHash

                                    calcHash: (valueToHash: string, algorithm: string) => Promise<string>;

                                      method toHashString

                                      toHashString: (buffer: ArrayBuffer) => string;

                                        method toHashString2

                                        toHashString2: (byteArray: number[]) => string;

                                          class DefaultOAuthInterceptor

                                          class DefaultOAuthInterceptor implements HttpInterceptor {}

                                            constructor

                                            constructor(
                                            oAuthService: OAuthService,
                                            errorHandler: OAuthResourceServerErrorHandler,
                                            moduleConfig: OAuthModuleConfig
                                            );

                                              property ɵfac

                                              static ɵfac: i0.ɵɵFactoryDeclaration<
                                              DefaultOAuthInterceptor,
                                              [null, null, { optional: true }]
                                              >;

                                                property ɵprov

                                                static ɵprov: i0.ɵɵInjectableDeclaration<DefaultOAuthInterceptor>;

                                                  method intercept

                                                  intercept: (
                                                  req: HttpRequest<any>,
                                                  next: HttpHandler
                                                  ) => Observable<HttpEvent<any>>;

                                                    class HashHandler

                                                    abstract class HashHandler {}
                                                    • Abstraction for crypto algorithms

                                                    method calcHash

                                                    abstract calcHash: (valueToHash: string, algorithm: string) => Promise<string>;

                                                      class JwksValidationHandler

                                                      class JwksValidationHandler extends NullValidationHandler {}
                                                      • This is just a dummy of the JwksValidationHandler telling the users that the real one has been moved to an library of its own, namely angular-oauth2-oidc-utils

                                                      constructor

                                                      constructor();

                                                        class LoginOptions

                                                        class LoginOptions {}
                                                        • Additional options that can be passed to tryLogin.

                                                        property customHashFragment

                                                        customHashFragment?: string;
                                                        • A custom hash fragment to be used instead of the actual one. This is used for silent refreshes, to pass the iframes hash fragment to this method, and is also used by popup flows in the same manner. This can be used with code flow, where is must be set to a hash symbol followed by the querystring. The question mark is optional, but may be present following the hash symbol.

                                                        property customRedirectUri

                                                        customRedirectUri?: string;
                                                        • Set this for code flow if you used a custom redirect Uri when retrieving the code. This is used internally for silent refresh and popup flows.

                                                        property disableNonceCheck

                                                        disableNonceCheck?: boolean;
                                                        • Set this to true to disable the nonce check which is used to avoid replay attacks. This flag should never be true in production environments.

                                                        property disableOAuth2StateCheck

                                                        disableOAuth2StateCheck?: boolean;
                                                        • Set this to true to disable the oauth2 state check which is a best practice to avoid security attacks. As OIDC defines a nonce check that includes this, this can be set to true when only doing OIDC.

                                                        property onLoginError

                                                        onLoginError?: (params: object) => void;
                                                        • Called when tryLogin detects that the auth server included an error message into the hash fragment.

                                                          Deprecated: Use property ``events`` on OAuthService instead.

                                                        property onTokenReceived

                                                        onTokenReceived?: (receivedTokens: ReceivedTokens) => void;
                                                        • Is called, after a token has been received and successfully validated.

                                                          Deprecated: Use property ``events`` on OAuthService instead.

                                                        property preventClearHashAfterLogin

                                                        preventClearHashAfterLogin?: boolean;
                                                        • Normally, you want to clear your hash fragment after the lib read the token(s) so that they are not displayed anymore in the url. If not, set this to true. For code flow this controls removing query string values.

                                                        property validationHandler

                                                        validationHandler?: (receivedTokens: ReceivedTokens) => Promise<any>;
                                                        • Hook, to validate the received tokens.

                                                          Deprecated: Use property ``tokenValidationHandler`` on OAuthService instead.

                                                        class MemoryStorage

                                                        class MemoryStorage implements OAuthStorage {}

                                                          property ɵfac

                                                          static ɵfac: i0.ɵɵFactoryDeclaration<MemoryStorage, never>;

                                                            property ɵprov

                                                            static ɵprov: i0.ɵɵInjectableDeclaration<MemoryStorage>;

                                                              method getItem

                                                              getItem: (key: string) => string;

                                                                method removeItem

                                                                removeItem: (key: string) => void;

                                                                  method setItem

                                                                  setItem: (key: string, data: string) => void;

                                                                    class NullValidationHandler

                                                                    class NullValidationHandler implements ValidationHandler {}
                                                                    • A validation handler that isn't validating nothing. Can be used to skip validation (at your own risk).

                                                                    method validateAtHash

                                                                    validateAtHash: (validationParams: ValidationParams) => Promise<boolean>;

                                                                      method validateSignature

                                                                      validateSignature: (validationParams: ValidationParams) => Promise<any>;

                                                                        class OAuthErrorEvent

                                                                        class OAuthErrorEvent extends OAuthEvent {}

                                                                          constructor

                                                                          constructor(type: EventType, reason: {}, params?: {});

                                                                            property params

                                                                            readonly params: {};

                                                                              property reason

                                                                              readonly reason: {};

                                                                                class OAuthEvent

                                                                                abstract class OAuthEvent {}

                                                                                  constructor

                                                                                  constructor(type: EventType);

                                                                                    property type

                                                                                    readonly type: EventType;

                                                                                      class OAuthInfoEvent

                                                                                      class OAuthInfoEvent extends OAuthEvent {}

                                                                                        constructor

                                                                                        constructor(type: EventType, info?: any);

                                                                                          property info

                                                                                          readonly info: any;

                                                                                            class OAuthLogger

                                                                                            abstract class OAuthLogger {}
                                                                                            • Defines the logging interface the OAuthService uses internally. Is compatible with the console object, but you can provide your own implementation as well through dependency injection.

                                                                                            method debug

                                                                                            abstract debug: (message?: any, ...optionalParams: any[]) => void;

                                                                                              method error

                                                                                              abstract error: (message?: any, ...optionalParams: any[]) => void;

                                                                                                method info

                                                                                                abstract info: (message?: any, ...optionalParams: any[]) => void;

                                                                                                  method log

                                                                                                  abstract log: (message?: any, ...optionalParams: any[]) => void;

                                                                                                    method warn

                                                                                                    abstract warn: (message?: any, ...optionalParams: any[]) => void;

                                                                                                      class OAuthModule

                                                                                                      class OAuthModule {}

                                                                                                        property ɵfac

                                                                                                        static ɵfac: i0.ɵɵFactoryDeclaration<OAuthModule, never>;

                                                                                                          property ɵinj

                                                                                                          static ɵinj: i0.ɵɵInjectorDeclaration<OAuthModule>;

                                                                                                            property ɵmod

                                                                                                            static ɵmod: i0.ɵɵNgModuleDeclaration<OAuthModule, never, [any], never>;

                                                                                                              method forRoot

                                                                                                              static forRoot: (
                                                                                                              config?: OAuthModuleConfig,
                                                                                                              validationHandlerClass?: typeof NullValidationHandler
                                                                                                              ) => ModuleWithProviders<OAuthModule>;

                                                                                                                class OAuthModuleConfig

                                                                                                                abstract class OAuthModuleConfig {}

                                                                                                                  property resourceServer

                                                                                                                  resourceServer: OAuthResourceServerConfig;

                                                                                                                    class OAuthNoopResourceServerErrorHandler

                                                                                                                    class OAuthNoopResourceServerErrorHandler
                                                                                                                    implements OAuthResourceServerErrorHandler {}

                                                                                                                      method handleError

                                                                                                                      handleError: (err: HttpResponse<any>) => Observable<any>;

                                                                                                                        class OAuthResourceServerConfig

                                                                                                                        abstract class OAuthResourceServerConfig {}

                                                                                                                          property allowedUrls

                                                                                                                          allowedUrls?: string[];
                                                                                                                          • Urls for which calls should be intercepted. If there is an ResourceServerErrorHandler registered, it is used for them. If sendAccessToken is set to true, the access_token is send to them too.

                                                                                                                          property customUrlValidation

                                                                                                                          customUrlValidation?: (url: string) => boolean;

                                                                                                                            property sendAccessToken

                                                                                                                            sendAccessToken: boolean;

                                                                                                                              class OAuthResourceServerErrorHandler

                                                                                                                              abstract class OAuthResourceServerErrorHandler {}

                                                                                                                                method handleError

                                                                                                                                abstract handleError: (err: HttpResponse<any>) => Observable<any>;

                                                                                                                                  class OAuthService

                                                                                                                                  class OAuthService extends AuthConfig implements OnDestroy {}
                                                                                                                                  • Service for logging in and logging out with OIDC and OAuth2. Supports implicit flow and password flow.

                                                                                                                                  constructor

                                                                                                                                  constructor(
                                                                                                                                  ngZone: NgZone,
                                                                                                                                  http: HttpClient,
                                                                                                                                  storage: OAuthStorage,
                                                                                                                                  tokenValidationHandler: ValidationHandler,
                                                                                                                                  config: AuthConfig,
                                                                                                                                  urlHelper: UrlHelperService,
                                                                                                                                  logger: OAuthLogger,
                                                                                                                                  crypto: HashHandler,
                                                                                                                                  document: Document,
                                                                                                                                  dateTimeService: DateTimeProvider
                                                                                                                                  );

                                                                                                                                    property accessTokenTimeoutSubscription

                                                                                                                                    protected accessTokenTimeoutSubscription: Subscription;

                                                                                                                                      property automaticRefreshSubscription

                                                                                                                                      protected automaticRefreshSubscription: Subscription;

                                                                                                                                        property config

                                                                                                                                        protected config: AuthConfig;

                                                                                                                                          property crypto

                                                                                                                                          protected crypto: HashHandler;

                                                                                                                                            property dateTimeService

                                                                                                                                            protected dateTimeService: DateTimeProvider;

                                                                                                                                              property discoveryDocumentLoadedSubject

                                                                                                                                              protected discoveryDocumentLoadedSubject: Subject<OidcDiscoveryDoc>;

                                                                                                                                                property events

                                                                                                                                                events: Observable<OAuthEvent>;
                                                                                                                                                • Informs about events, like token_received or token_expires. See the string enum EventType for a full list of event types.

                                                                                                                                                property eventsSubject

                                                                                                                                                protected eventsSubject: Subject<OAuthEvent>;

                                                                                                                                                  property grantTypesSupported

                                                                                                                                                  protected grantTypesSupported: string[];

                                                                                                                                                    property http

                                                                                                                                                    protected http: HttpClient;

                                                                                                                                                      property idTokenTimeoutSubscription

                                                                                                                                                      protected idTokenTimeoutSubscription: Subscription;

                                                                                                                                                        property inImplicitFlow

                                                                                                                                                        protected inImplicitFlow: boolean;

                                                                                                                                                          property jwksUri

                                                                                                                                                          protected jwksUri: string;

                                                                                                                                                            property logger

                                                                                                                                                            protected logger: OAuthLogger;

                                                                                                                                                              property ngZone

                                                                                                                                                              protected ngZone: NgZone;

                                                                                                                                                                property ɵfac

                                                                                                                                                                static ɵfac: i0.ɵɵFactoryDeclaration<
                                                                                                                                                                OAuthService,
                                                                                                                                                                [
                                                                                                                                                                null,
                                                                                                                                                                null,
                                                                                                                                                                { optional: true },
                                                                                                                                                                { optional: true },
                                                                                                                                                                { optional: true },
                                                                                                                                                                null,
                                                                                                                                                                null,
                                                                                                                                                                { optional: true },
                                                                                                                                                                null,
                                                                                                                                                                null
                                                                                                                                                                ]
                                                                                                                                                                >;

                                                                                                                                                                  property ɵprov

                                                                                                                                                                  static ɵprov: i0.ɵɵInjectableDeclaration<OAuthService>;

                                                                                                                                                                    property saveNoncesInLocalStorage

                                                                                                                                                                    protected saveNoncesInLocalStorage: boolean;

                                                                                                                                                                      property sessionCheckEventListener

                                                                                                                                                                      protected sessionCheckEventListener: EventListener;

                                                                                                                                                                        property sessionCheckTimer

                                                                                                                                                                        protected sessionCheckTimer: any;

                                                                                                                                                                          property silentRefreshPostMessageEventListener

                                                                                                                                                                          protected silentRefreshPostMessageEventListener: EventListener;

                                                                                                                                                                            property silentRefreshSubject

                                                                                                                                                                            protected silentRefreshSubject: string;

                                                                                                                                                                              property state

                                                                                                                                                                              state?: string;
                                                                                                                                                                              • The received (passed around) state, when logging in with implicit flow.

                                                                                                                                                                              property tokenReceivedSubscription

                                                                                                                                                                              protected tokenReceivedSubscription: Subscription;

                                                                                                                                                                                property tokenValidationHandler

                                                                                                                                                                                tokenValidationHandler: ValidationHandler;
                                                                                                                                                                                • The ValidationHandler used to validate received id_tokens.

                                                                                                                                                                                property urlHelper

                                                                                                                                                                                protected urlHelper: UrlHelperService;

                                                                                                                                                                                  method assertUrlNotNullAndCorrectProtocol

                                                                                                                                                                                  protected assertUrlNotNullAndCorrectProtocol: (
                                                                                                                                                                                  url: string | undefined,
                                                                                                                                                                                  description: string
                                                                                                                                                                                  ) => void;

                                                                                                                                                                                    method authorizationHeader

                                                                                                                                                                                    authorizationHeader: () => string;
                                                                                                                                                                                    • Returns the auth-header that can be used to transmit the access_token to a service

                                                                                                                                                                                    method calcTimeout

                                                                                                                                                                                    protected calcTimeout: (storedAt: number, expiration: number) => number;

                                                                                                                                                                                      method calculatePopupFeatures

                                                                                                                                                                                      protected calculatePopupFeatures: (options: {
                                                                                                                                                                                      height?: number;
                                                                                                                                                                                      width?: number;
                                                                                                                                                                                      }) => string;

                                                                                                                                                                                        method callOnTokenReceivedIfExists

                                                                                                                                                                                        protected callOnTokenReceivedIfExists: (options: LoginOptions) => void;

                                                                                                                                                                                          method canPerformSessionCheck

                                                                                                                                                                                          protected canPerformSessionCheck: () => boolean;

                                                                                                                                                                                            method checkAtHash

                                                                                                                                                                                            protected checkAtHash: (params: ValidationParams) => Promise<boolean>;

                                                                                                                                                                                              method checkSession

                                                                                                                                                                                              checkSession: () => void;

                                                                                                                                                                                                method checkSignature

                                                                                                                                                                                                protected checkSignature: (params: ValidationParams) => Promise<any>;

                                                                                                                                                                                                  method clearAccessTokenTimer

                                                                                                                                                                                                  protected clearAccessTokenTimer: () => void;

                                                                                                                                                                                                    method clearAutomaticRefreshTimer

                                                                                                                                                                                                    protected clearAutomaticRefreshTimer: () => void;

                                                                                                                                                                                                      method clearIdTokenTimer

                                                                                                                                                                                                      protected clearIdTokenTimer: () => void;

                                                                                                                                                                                                        method configChanged

                                                                                                                                                                                                        protected configChanged: () => void;

                                                                                                                                                                                                          method configure

                                                                                                                                                                                                          configure: (config: AuthConfig) => void;
                                                                                                                                                                                                          • Use this method to configure the service

                                                                                                                                                                                                            Parameter config

                                                                                                                                                                                                            the configuration

                                                                                                                                                                                                          method createAndSaveNonce

                                                                                                                                                                                                          createAndSaveNonce: () => Promise<string>;

                                                                                                                                                                                                          method createChallangeVerifierPairForPKCE

                                                                                                                                                                                                          protected createChallangeVerifierPairForPKCE: () => Promise<[string, string]>;

                                                                                                                                                                                                            method createLoginUrl

                                                                                                                                                                                                            protected createLoginUrl: (
                                                                                                                                                                                                            state?: string,
                                                                                                                                                                                                            loginHint?: string,
                                                                                                                                                                                                            customRedirectUri?: string,
                                                                                                                                                                                                            noPrompt?: boolean,
                                                                                                                                                                                                            params?: object
                                                                                                                                                                                                            ) => Promise<string>;

                                                                                                                                                                                                              method createNonce

                                                                                                                                                                                                              protected createNonce: () => Promise<string>;

                                                                                                                                                                                                                method debug

                                                                                                                                                                                                                protected debug: (...args: any[]) => void;

                                                                                                                                                                                                                  method fetchTokenUsingGrant

                                                                                                                                                                                                                  fetchTokenUsingGrant: (
                                                                                                                                                                                                                  grantType: string,
                                                                                                                                                                                                                  parameters: object,
                                                                                                                                                                                                                  headers?: HttpHeaders
                                                                                                                                                                                                                  ) => Promise<TokenResponse>;
                                                                                                                                                                                                                  • Uses a custom grant type to retrieve tokens.

                                                                                                                                                                                                                    Parameter grantType

                                                                                                                                                                                                                    Grant type.

                                                                                                                                                                                                                    Parameter parameters

                                                                                                                                                                                                                    Parameters to pass.

                                                                                                                                                                                                                    Parameter headers

                                                                                                                                                                                                                    Optional additional HTTP headers.

                                                                                                                                                                                                                  method fetchTokenUsingPasswordFlow

                                                                                                                                                                                                                  fetchTokenUsingPasswordFlow: (
                                                                                                                                                                                                                  userName: string,
                                                                                                                                                                                                                  password: string,
                                                                                                                                                                                                                  headers?: HttpHeaders
                                                                                                                                                                                                                  ) => Promise<TokenResponse>;
                                                                                                                                                                                                                  • Uses password flow to exchange userName and password for an access_token.

                                                                                                                                                                                                                    Parameter userName

                                                                                                                                                                                                                    Parameter password

                                                                                                                                                                                                                    Parameter headers

                                                                                                                                                                                                                    Optional additional http-headers.

                                                                                                                                                                                                                  method fetchTokenUsingPasswordFlowAndLoadUserProfile

                                                                                                                                                                                                                  fetchTokenUsingPasswordFlowAndLoadUserProfile: (
                                                                                                                                                                                                                  userName: string,
                                                                                                                                                                                                                  password: string,
                                                                                                                                                                                                                  headers?: HttpHeaders
                                                                                                                                                                                                                  ) => Promise<object>;
                                                                                                                                                                                                                  • Uses password flow to exchange userName and password for an access_token. After receiving the access_token, this method uses it to query the userinfo endpoint in order to get information about the user in question.

                                                                                                                                                                                                                    When using this, make sure that the property oidc is set to false. Otherwise stricter validations take place that make this operation fail.

                                                                                                                                                                                                                    Parameter userName

                                                                                                                                                                                                                    Parameter password

                                                                                                                                                                                                                    Parameter headers

                                                                                                                                                                                                                    Optional additional http-headers.

                                                                                                                                                                                                                  method getAccessToken

                                                                                                                                                                                                                  getAccessToken: () => string;
                                                                                                                                                                                                                  • Returns the current access_token.

                                                                                                                                                                                                                  method getAccessTokenExpiration

                                                                                                                                                                                                                  getAccessTokenExpiration: () => number;
                                                                                                                                                                                                                  • Returns the expiration date of the access_token as milliseconds since 1970.

                                                                                                                                                                                                                  method getAccessTokenStoredAt

                                                                                                                                                                                                                  protected getAccessTokenStoredAt: () => number;

                                                                                                                                                                                                                    method getCustomTokenResponseProperty

                                                                                                                                                                                                                    getCustomTokenResponseProperty: (requestedProperty: string) => any;
                                                                                                                                                                                                                    • Retrieve a saved custom property of the TokenReponse object. Only if predefined in authconfig.

                                                                                                                                                                                                                    method getGrantedScopes

                                                                                                                                                                                                                    getGrantedScopes: () => object;
                                                                                                                                                                                                                    • Returns the granted scopes from the server.

                                                                                                                                                                                                                    method getIdentityClaims

                                                                                                                                                                                                                    getIdentityClaims: () => Record<string, any>;
                                                                                                                                                                                                                    • Returns the received claims about the user.

                                                                                                                                                                                                                    method getIdToken

                                                                                                                                                                                                                    getIdToken: () => string;
                                                                                                                                                                                                                    • Returns the current id_token.

                                                                                                                                                                                                                    method getIdTokenExpiration

                                                                                                                                                                                                                    getIdTokenExpiration: () => number;
                                                                                                                                                                                                                    • Returns the expiration date of the id_token as milliseconds since 1970.

                                                                                                                                                                                                                    method getIdTokenStoredAt

                                                                                                                                                                                                                    protected getIdTokenStoredAt: () => number;

                                                                                                                                                                                                                      method getRefreshToken

                                                                                                                                                                                                                      getRefreshToken: () => string;

                                                                                                                                                                                                                        method getSessionState

                                                                                                                                                                                                                        protected getSessionState: () => string;

                                                                                                                                                                                                                          method handleLoginError

                                                                                                                                                                                                                          protected handleLoginError: (options: LoginOptions, parts: object) => void;

                                                                                                                                                                                                                            method handleSessionChange

                                                                                                                                                                                                                            protected handleSessionChange: () => void;

                                                                                                                                                                                                                              method handleSessionError

                                                                                                                                                                                                                              protected handleSessionError: () => void;

                                                                                                                                                                                                                                method handleSessionUnchanged

                                                                                                                                                                                                                                protected handleSessionUnchanged: () => void;

                                                                                                                                                                                                                                  method hasValidAccessToken

                                                                                                                                                                                                                                  hasValidAccessToken: () => boolean;
                                                                                                                                                                                                                                  • Checkes, whether there is a valid access_token.

                                                                                                                                                                                                                                  method hasValidIdToken

                                                                                                                                                                                                                                  hasValidIdToken: () => boolean;
                                                                                                                                                                                                                                  • Checks whether there is a valid id_token.

                                                                                                                                                                                                                                  method initCodeFlow

                                                                                                                                                                                                                                  initCodeFlow: (additionalState?: string, params?: {}) => void;
                                                                                                                                                                                                                                  • Starts the authorization code flow and redirects to user to the auth servers login url.

                                                                                                                                                                                                                                  method initImplicitFlow

                                                                                                                                                                                                                                  initImplicitFlow: (additionalState?: string, params?: string | object) => void;
                                                                                                                                                                                                                                  • Starts the implicit flow and redirects to user to the auth servers' login url.

                                                                                                                                                                                                                                    Parameter additionalState

                                                                                                                                                                                                                                    Optional state that is passed around. You'll find this state in the property state after tryLogin logged in the user.

                                                                                                                                                                                                                                    Parameter params

                                                                                                                                                                                                                                    Hash with additional parameter. If it is a string, it is used for the parameter loginHint (for the sake of compatibility with former versions)

                                                                                                                                                                                                                                  method initImplicitFlowInPopup

                                                                                                                                                                                                                                  initImplicitFlowInPopup: (options?: {
                                                                                                                                                                                                                                  height?: number;
                                                                                                                                                                                                                                  width?: number;
                                                                                                                                                                                                                                  windowRef?: Window;
                                                                                                                                                                                                                                  }) => Promise<unknown>;

                                                                                                                                                                                                                                  method initImplicitFlowInternal

                                                                                                                                                                                                                                  initImplicitFlowInternal: (
                                                                                                                                                                                                                                  additionalState?: string,
                                                                                                                                                                                                                                  params?: string | object
                                                                                                                                                                                                                                  ) => void;

                                                                                                                                                                                                                                    method initLoginFlow

                                                                                                                                                                                                                                    initLoginFlow: (additionalState?: string, params?: {}) => void;
                                                                                                                                                                                                                                    • Start the implicit flow or the code flow, depending on your configuration.

                                                                                                                                                                                                                                    method initLoginFlowInPopup

                                                                                                                                                                                                                                    initLoginFlowInPopup: (options?: {
                                                                                                                                                                                                                                    height?: number;
                                                                                                                                                                                                                                    width?: number;
                                                                                                                                                                                                                                    windowRef?: Window;
                                                                                                                                                                                                                                    }) => Promise<unknown>;

                                                                                                                                                                                                                                      method initSessionCheck

                                                                                                                                                                                                                                      protected initSessionCheck: () => void;

                                                                                                                                                                                                                                        method loadDiscoveryDocument

                                                                                                                                                                                                                                        loadDiscoveryDocument: (fullUrl?: string) => Promise<OAuthSuccessEvent>;
                                                                                                                                                                                                                                        • Loads the discovery document to configure most properties of this service. The url of the discovery document is infered from the issuer's url according to the OpenId Connect spec. To use another url you can pass it to to optional parameter fullUrl.

                                                                                                                                                                                                                                          Parameter fullUrl

                                                                                                                                                                                                                                        method loadDiscoveryDocumentAndLogin

                                                                                                                                                                                                                                        loadDiscoveryDocumentAndLogin: (
                                                                                                                                                                                                                                        options?: LoginOptions & { state?: string }
                                                                                                                                                                                                                                        ) => Promise<boolean>;
                                                                                                                                                                                                                                        • Convenience method that first calls loadDiscoveryDocumentAndTryLogin(...) and if then chains to initLoginFlow(), but only if there is no valid IdToken or no valid AccessToken.

                                                                                                                                                                                                                                          Parameter options

                                                                                                                                                                                                                                          LoginOptions to pass through to tryLogin(...)

                                                                                                                                                                                                                                        method loadDiscoveryDocumentAndTryLogin

                                                                                                                                                                                                                                        loadDiscoveryDocumentAndTryLogin: (options?: LoginOptions) => Promise<boolean>;
                                                                                                                                                                                                                                        • Convenience method that first calls loadDiscoveryDocument(...) and directly chains using the then(...) part of the promise to call the tryLogin(...) method.

                                                                                                                                                                                                                                          Parameter options

                                                                                                                                                                                                                                          LoginOptions to pass through to tryLogin(...)

                                                                                                                                                                                                                                        method loadJwks

                                                                                                                                                                                                                                        protected loadJwks: () => Promise<object>;

                                                                                                                                                                                                                                          method loadUserProfile

                                                                                                                                                                                                                                          loadUserProfile: () => Promise<object>;
                                                                                                                                                                                                                                          • Loads the user profile by accessing the user info endpoint defined by OpenId Connect.

                                                                                                                                                                                                                                            When using this with OAuth2 password flow, make sure that the property oidc is set to false. Otherwise stricter validations take place that make this operation fail.

                                                                                                                                                                                                                                          method logOut

                                                                                                                                                                                                                                          logOut: {
                                                                                                                                                                                                                                          (): void;
                                                                                                                                                                                                                                          (customParameters: boolean | object): void;
                                                                                                                                                                                                                                          (noRedirectToLogoutUrl: boolean): void;
                                                                                                                                                                                                                                          (noRedirectToLogoutUrl: boolean, state: string): void;
                                                                                                                                                                                                                                          };
                                                                                                                                                                                                                                          • Removes all tokens and logs the user out. If a logout url is configured, the user is redirected to it with optional state parameter.

                                                                                                                                                                                                                                            Parameter noRedirectToLogoutUrl

                                                                                                                                                                                                                                            Parameter state

                                                                                                                                                                                                                                          method ngOnDestroy

                                                                                                                                                                                                                                          ngOnDestroy: () => void;

                                                                                                                                                                                                                                          method padBase64

                                                                                                                                                                                                                                          protected padBase64: (base64data: any) => string;

                                                                                                                                                                                                                                            method processIdToken

                                                                                                                                                                                                                                            processIdToken: (
                                                                                                                                                                                                                                            idToken: string,
                                                                                                                                                                                                                                            accessToken: string,
                                                                                                                                                                                                                                            skipNonceCheck?: boolean
                                                                                                                                                                                                                                            ) => Promise<ParsedIdToken>;

                                                                                                                                                                                                                                            method processMessageEventMessage

                                                                                                                                                                                                                                            protected processMessageEventMessage: (e: MessageEvent) => string;

                                                                                                                                                                                                                                              method refreshInternal

                                                                                                                                                                                                                                              protected refreshInternal: (
                                                                                                                                                                                                                                              params: any,
                                                                                                                                                                                                                                              noPrompt: any
                                                                                                                                                                                                                                              ) => Promise<TokenResponse | OAuthEvent>;

                                                                                                                                                                                                                                                method refreshToken

                                                                                                                                                                                                                                                refreshToken: () => Promise<TokenResponse>;
                                                                                                                                                                                                                                                • Refreshes the token using a refresh_token. This does not work for implicit flow, b/c there is no refresh_token in this flow. A solution for this is provided by the method silentRefresh.

                                                                                                                                                                                                                                                method removeSessionCheckEventListener

                                                                                                                                                                                                                                                protected removeSessionCheckEventListener: () => void;

                                                                                                                                                                                                                                                  method removeSilentRefreshEventListener

                                                                                                                                                                                                                                                  protected removeSilentRefreshEventListener: () => void;

                                                                                                                                                                                                                                                    method resetImplicitFlow

                                                                                                                                                                                                                                                    resetImplicitFlow: () => void;
                                                                                                                                                                                                                                                    • Reset current implicit flow

                                                                                                                                                                                                                                                      This method allows resetting the current implict flow in order to be initialized again.

                                                                                                                                                                                                                                                    method restartRefreshTimerIfStillLoggedIn

                                                                                                                                                                                                                                                    protected restartRefreshTimerIfStillLoggedIn: () => void;

                                                                                                                                                                                                                                                      method restartSessionChecksIfStillLoggedIn

                                                                                                                                                                                                                                                      restartSessionChecksIfStillLoggedIn: () => void;

                                                                                                                                                                                                                                                        method revokeTokenAndLogout

                                                                                                                                                                                                                                                        revokeTokenAndLogout: (
                                                                                                                                                                                                                                                        customParameters?: boolean | object,
                                                                                                                                                                                                                                                        ignoreCorsIssues?: boolean
                                                                                                                                                                                                                                                        ) => Promise<any>;
                                                                                                                                                                                                                                                        • Revokes the auth token to secure the vulnarability of the token issued allowing the authorization server to clean up any security credentials associated with the authorization

                                                                                                                                                                                                                                                        method setStorage

                                                                                                                                                                                                                                                        setStorage: (storage: OAuthStorage) => void;
                                                                                                                                                                                                                                                        • DEPRECATED. Use a provider for OAuthStorage instead:

                                                                                                                                                                                                                                                          { provide: OAuthStorage, useFactory: oAuthStorageFactory } export function oAuthStorageFactory(): OAuthStorage { return localStorage; } Sets a custom storage used to store the received tokens on client side. By default, the browser's sessionStorage is used.

                                                                                                                                                                                                                                                          Parameter storage

                                                                                                                                                                                                                                                        method setupAccessTokenTimer

                                                                                                                                                                                                                                                        protected setupAccessTokenTimer: () => void;

                                                                                                                                                                                                                                                          method setupAutomaticSilentRefresh

                                                                                                                                                                                                                                                          setupAutomaticSilentRefresh: (
                                                                                                                                                                                                                                                          params?: object,
                                                                                                                                                                                                                                                          listenTo?: 'access_token' | 'id_token' | 'any',
                                                                                                                                                                                                                                                          noPrompt?: boolean
                                                                                                                                                                                                                                                          ) => void;
                                                                                                                                                                                                                                                          • Will setup up silent refreshing for when the token is about to expire. When the user is logged out via this.logOut method, the silent refreshing will pause and not refresh the tokens until the user is logged back in via receiving a new token.

                                                                                                                                                                                                                                                            Parameter params

                                                                                                                                                                                                                                                            Additional parameter to pass

                                                                                                                                                                                                                                                            Parameter listenTo

                                                                                                                                                                                                                                                            Setup automatic refresh of a specific token type

                                                                                                                                                                                                                                                          method setupExpirationTimers

                                                                                                                                                                                                                                                          protected setupExpirationTimers: () => void;

                                                                                                                                                                                                                                                            method setupIdTokenTimer

                                                                                                                                                                                                                                                            protected setupIdTokenTimer: () => void;

                                                                                                                                                                                                                                                              method setupRefreshTimer

                                                                                                                                                                                                                                                              protected setupRefreshTimer: () => void;

                                                                                                                                                                                                                                                                method setupSessionCheck

                                                                                                                                                                                                                                                                protected setupSessionCheck: () => void;

                                                                                                                                                                                                                                                                  method setupSessionCheckEventListener

                                                                                                                                                                                                                                                                  protected setupSessionCheckEventListener: () => void;

                                                                                                                                                                                                                                                                    method setupSilentRefreshEventListener

                                                                                                                                                                                                                                                                    protected setupSilentRefreshEventListener: () => void;

                                                                                                                                                                                                                                                                      method silentRefresh

                                                                                                                                                                                                                                                                      silentRefresh: (params?: object, noPrompt?: boolean) => Promise<OAuthEvent>;
                                                                                                                                                                                                                                                                      • Performs a silent refresh for implicit flow. Use this method to get new tokens when/before the existing tokens expire.

                                                                                                                                                                                                                                                                      method startSessionCheckTimer

                                                                                                                                                                                                                                                                      protected startSessionCheckTimer: () => void;

                                                                                                                                                                                                                                                                        method stopAutomaticRefresh

                                                                                                                                                                                                                                                                        stopAutomaticRefresh: () => void;
                                                                                                                                                                                                                                                                        • Stops timers for automatic refresh. To restart it, call setupAutomaticSilentRefresh again.

                                                                                                                                                                                                                                                                        method stopSessionCheckTimer

                                                                                                                                                                                                                                                                        protected stopSessionCheckTimer: () => void;

                                                                                                                                                                                                                                                                          method storeAccessTokenResponse

                                                                                                                                                                                                                                                                          protected storeAccessTokenResponse: (
                                                                                                                                                                                                                                                                          accessToken: string,
                                                                                                                                                                                                                                                                          refreshToken: string,
                                                                                                                                                                                                                                                                          expiresIn: number,
                                                                                                                                                                                                                                                                          grantedScopes: string,
                                                                                                                                                                                                                                                                          customParameters?: Map<string, string>
                                                                                                                                                                                                                                                                          ) => void;

                                                                                                                                                                                                                                                                            method storeIdToken

                                                                                                                                                                                                                                                                            protected storeIdToken: (idToken: ParsedIdToken) => void;

                                                                                                                                                                                                                                                                              method storeSessionState

                                                                                                                                                                                                                                                                              protected storeSessionState: (sessionState: string) => void;

                                                                                                                                                                                                                                                                                method tryLogin

                                                                                                                                                                                                                                                                                tryLogin: (options?: LoginOptions) => Promise<boolean>;
                                                                                                                                                                                                                                                                                • Delegates to tryLoginImplicitFlow for the sake of competability

                                                                                                                                                                                                                                                                                  Parameter options

                                                                                                                                                                                                                                                                                  Optional options.

                                                                                                                                                                                                                                                                                method tryLoginCodeFlow

                                                                                                                                                                                                                                                                                tryLoginCodeFlow: (options?: LoginOptions) => Promise<void>;

                                                                                                                                                                                                                                                                                  method tryLoginImplicitFlow

                                                                                                                                                                                                                                                                                  tryLoginImplicitFlow: (options?: LoginOptions) => Promise<boolean>;
                                                                                                                                                                                                                                                                                  • Checks whether there are tokens in the hash fragment as a result of the implicit flow. These tokens are parsed, validated and used to sign the user in to the current client.

                                                                                                                                                                                                                                                                                    Parameter options

                                                                                                                                                                                                                                                                                    Optional options.

                                                                                                                                                                                                                                                                                  method validateDiscoveryDocument

                                                                                                                                                                                                                                                                                  protected validateDiscoveryDocument: (doc: OidcDiscoveryDoc) => boolean;

                                                                                                                                                                                                                                                                                    method validateNonce

                                                                                                                                                                                                                                                                                    protected validateNonce: (nonceInState: string) => boolean;

                                                                                                                                                                                                                                                                                      method validateUrlAgainstIssuer

                                                                                                                                                                                                                                                                                      protected validateUrlAgainstIssuer: (url: string) => boolean;

                                                                                                                                                                                                                                                                                        method validateUrlForHttps

                                                                                                                                                                                                                                                                                        protected validateUrlForHttps: (url: string) => boolean;

                                                                                                                                                                                                                                                                                          method validateUrlFromDiscoveryDocument

                                                                                                                                                                                                                                                                                          protected validateUrlFromDiscoveryDocument: (url: string) => string[];

                                                                                                                                                                                                                                                                                            method waitForSilentRefreshAfterSessionChange

                                                                                                                                                                                                                                                                                            protected waitForSilentRefreshAfterSessionChange: () => void;

                                                                                                                                                                                                                                                                                              class OAuthStorage

                                                                                                                                                                                                                                                                                              abstract class OAuthStorage {}
                                                                                                                                                                                                                                                                                              • Defines a simple storage that can be used for storing the tokens at client side. Is compatible to localStorage and sessionStorage, but you can also create your own implementations.

                                                                                                                                                                                                                                                                                              method getItem

                                                                                                                                                                                                                                                                                              abstract getItem: (key: string) => string | null;

                                                                                                                                                                                                                                                                                                method removeItem

                                                                                                                                                                                                                                                                                                abstract removeItem: (key: string) => void;

                                                                                                                                                                                                                                                                                                  method setItem

                                                                                                                                                                                                                                                                                                  abstract setItem: (key: string, data: string) => void;

                                                                                                                                                                                                                                                                                                    class OAuthSuccessEvent

                                                                                                                                                                                                                                                                                                    class OAuthSuccessEvent extends OAuthEvent {}

                                                                                                                                                                                                                                                                                                      constructor

                                                                                                                                                                                                                                                                                                      constructor(type: EventType, info?: any);

                                                                                                                                                                                                                                                                                                        property info

                                                                                                                                                                                                                                                                                                        readonly info: any;

                                                                                                                                                                                                                                                                                                          class ReceivedTokens

                                                                                                                                                                                                                                                                                                          class ReceivedTokens {}
                                                                                                                                                                                                                                                                                                          • Represents the received tokens, the received state and the parsed claims from the id-token.

                                                                                                                                                                                                                                                                                                          property accessToken

                                                                                                                                                                                                                                                                                                          accessToken: string;

                                                                                                                                                                                                                                                                                                            property idClaims

                                                                                                                                                                                                                                                                                                            idClaims?: {};

                                                                                                                                                                                                                                                                                                              property idToken

                                                                                                                                                                                                                                                                                                              idToken: string;

                                                                                                                                                                                                                                                                                                                property state

                                                                                                                                                                                                                                                                                                                state?: string;

                                                                                                                                                                                                                                                                                                                  class SystemDateTimeProvider

                                                                                                                                                                                                                                                                                                                  class SystemDateTimeProvider extends DateTimeProvider {}

                                                                                                                                                                                                                                                                                                                    property ɵfac

                                                                                                                                                                                                                                                                                                                    static ɵfac: i0.ɵɵFactoryDeclaration<SystemDateTimeProvider, never>;

                                                                                                                                                                                                                                                                                                                      property ɵprov

                                                                                                                                                                                                                                                                                                                      static ɵprov: i0.ɵɵInjectableDeclaration<SystemDateTimeProvider>;

                                                                                                                                                                                                                                                                                                                        method new

                                                                                                                                                                                                                                                                                                                        new: () => Date;

                                                                                                                                                                                                                                                                                                                          method now

                                                                                                                                                                                                                                                                                                                          now: () => number;

                                                                                                                                                                                                                                                                                                                            class UrlHelperService

                                                                                                                                                                                                                                                                                                                            class UrlHelperService {}

                                                                                                                                                                                                                                                                                                                              property ɵfac

                                                                                                                                                                                                                                                                                                                              static ɵfac: i0.ɵɵFactoryDeclaration<UrlHelperService, never>;

                                                                                                                                                                                                                                                                                                                                property ɵprov

                                                                                                                                                                                                                                                                                                                                static ɵprov: i0.ɵɵInjectableDeclaration<UrlHelperService>;

                                                                                                                                                                                                                                                                                                                                  method getHashFragmentParams

                                                                                                                                                                                                                                                                                                                                  getHashFragmentParams: (customHashFragment?: string) => object;

                                                                                                                                                                                                                                                                                                                                    method parseQueryString

                                                                                                                                                                                                                                                                                                                                    parseQueryString: (queryString: string) => object;

                                                                                                                                                                                                                                                                                                                                      class ValidationHandler

                                                                                                                                                                                                                                                                                                                                      abstract class ValidationHandler {}
                                                                                                                                                                                                                                                                                                                                      • Interface for Handlers that are hooked in to validate tokens.

                                                                                                                                                                                                                                                                                                                                      method validateAtHash

                                                                                                                                                                                                                                                                                                                                      abstract validateAtHash: (
                                                                                                                                                                                                                                                                                                                                      validationParams: ValidationParams
                                                                                                                                                                                                                                                                                                                                      ) => Promise<boolean>;
                                                                                                                                                                                                                                                                                                                                      • Validates the at_hash in an id_token against the received access_token.

                                                                                                                                                                                                                                                                                                                                      method validateSignature

                                                                                                                                                                                                                                                                                                                                      abstract validateSignature: (validationParams: ValidationParams) => Promise<any>;
                                                                                                                                                                                                                                                                                                                                      • Validates the signature of an id_token.

                                                                                                                                                                                                                                                                                                                                      Interfaces

                                                                                                                                                                                                                                                                                                                                      interface OidcDiscoveryDoc

                                                                                                                                                                                                                                                                                                                                      interface OidcDiscoveryDoc {}
                                                                                                                                                                                                                                                                                                                                      • Represents an OpenID Connect discovery document

                                                                                                                                                                                                                                                                                                                                      property acr_values_supported

                                                                                                                                                                                                                                                                                                                                      acr_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                        property authorization_endpoint

                                                                                                                                                                                                                                                                                                                                        authorization_endpoint: string;

                                                                                                                                                                                                                                                                                                                                          property check_session_iframe

                                                                                                                                                                                                                                                                                                                                          check_session_iframe: string;

                                                                                                                                                                                                                                                                                                                                            property claim_types_supported

                                                                                                                                                                                                                                                                                                                                            claim_types_supported: string[];

                                                                                                                                                                                                                                                                                                                                              property claims_parameter_supported

                                                                                                                                                                                                                                                                                                                                              claims_parameter_supported: boolean;

                                                                                                                                                                                                                                                                                                                                                property claims_supported

                                                                                                                                                                                                                                                                                                                                                claims_supported: string[];

                                                                                                                                                                                                                                                                                                                                                  property display_values_supported

                                                                                                                                                                                                                                                                                                                                                  display_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                    property end_session_endpoint

                                                                                                                                                                                                                                                                                                                                                    end_session_endpoint: string;

                                                                                                                                                                                                                                                                                                                                                      property grant_types_supported

                                                                                                                                                                                                                                                                                                                                                      grant_types_supported: string[];

                                                                                                                                                                                                                                                                                                                                                        property id_token_encryption_alg_values_supported

                                                                                                                                                                                                                                                                                                                                                        id_token_encryption_alg_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                          property id_token_encryption_enc_values_supported

                                                                                                                                                                                                                                                                                                                                                          id_token_encryption_enc_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                            property id_token_signing_alg_values_supported

                                                                                                                                                                                                                                                                                                                                                            id_token_signing_alg_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                              property issuer

                                                                                                                                                                                                                                                                                                                                                              issuer: string;

                                                                                                                                                                                                                                                                                                                                                                property jwks_uri

                                                                                                                                                                                                                                                                                                                                                                jwks_uri: string;

                                                                                                                                                                                                                                                                                                                                                                  property registration_endpoint

                                                                                                                                                                                                                                                                                                                                                                  registration_endpoint: string;

                                                                                                                                                                                                                                                                                                                                                                    property request_object_signing_alg_values_supported

                                                                                                                                                                                                                                                                                                                                                                    request_object_signing_alg_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                      property response_modes_supported

                                                                                                                                                                                                                                                                                                                                                                      response_modes_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                        property response_types_supported

                                                                                                                                                                                                                                                                                                                                                                        response_types_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                          property revocation_endpoint

                                                                                                                                                                                                                                                                                                                                                                          revocation_endpoint: string;

                                                                                                                                                                                                                                                                                                                                                                            property scopes_supported

                                                                                                                                                                                                                                                                                                                                                                            scopes_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                              property service_documentation

                                                                                                                                                                                                                                                                                                                                                                              service_documentation: string;

                                                                                                                                                                                                                                                                                                                                                                                property subject_types_supported

                                                                                                                                                                                                                                                                                                                                                                                subject_types_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                                  property token_endpoint

                                                                                                                                                                                                                                                                                                                                                                                  token_endpoint: string;

                                                                                                                                                                                                                                                                                                                                                                                    property token_endpoint_auth_methods_supported

                                                                                                                                                                                                                                                                                                                                                                                    token_endpoint_auth_methods_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                                      property token_endpoint_auth_signing_alg_values_supported

                                                                                                                                                                                                                                                                                                                                                                                      token_endpoint_auth_signing_alg_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                                        property ui_locales_supported

                                                                                                                                                                                                                                                                                                                                                                                        ui_locales_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                                          property userinfo_encryption_alg_values_supported

                                                                                                                                                                                                                                                                                                                                                                                          userinfo_encryption_alg_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                                            property userinfo_encryption_enc_values_supported

                                                                                                                                                                                                                                                                                                                                                                                            userinfo_encryption_enc_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                                              property userinfo_endpoint

                                                                                                                                                                                                                                                                                                                                                                                              userinfo_endpoint: string;

                                                                                                                                                                                                                                                                                                                                                                                                property userinfo_signing_alg_values_supported

                                                                                                                                                                                                                                                                                                                                                                                                userinfo_signing_alg_values_supported: string[];

                                                                                                                                                                                                                                                                                                                                                                                                  interface ParsedIdToken

                                                                                                                                                                                                                                                                                                                                                                                                  interface ParsedIdToken {}
                                                                                                                                                                                                                                                                                                                                                                                                  • Represents the parsed and validated id_token.

                                                                                                                                                                                                                                                                                                                                                                                                  property idToken

                                                                                                                                                                                                                                                                                                                                                                                                  idToken: string;

                                                                                                                                                                                                                                                                                                                                                                                                    property idTokenClaims

                                                                                                                                                                                                                                                                                                                                                                                                    idTokenClaims: object;

                                                                                                                                                                                                                                                                                                                                                                                                      property idTokenClaimsJson

                                                                                                                                                                                                                                                                                                                                                                                                      idTokenClaimsJson: string;

                                                                                                                                                                                                                                                                                                                                                                                                        property idTokenExpiresAt

                                                                                                                                                                                                                                                                                                                                                                                                        idTokenExpiresAt: number;

                                                                                                                                                                                                                                                                                                                                                                                                          property idTokenHeader

                                                                                                                                                                                                                                                                                                                                                                                                          idTokenHeader: object;

                                                                                                                                                                                                                                                                                                                                                                                                            property idTokenHeaderJson

                                                                                                                                                                                                                                                                                                                                                                                                            idTokenHeaderJson: string;

                                                                                                                                                                                                                                                                                                                                                                                                              interface TokenResponse

                                                                                                                                                                                                                                                                                                                                                                                                              interface TokenResponse {}
                                                                                                                                                                                                                                                                                                                                                                                                              • Represents the response from the token endpoint http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint

                                                                                                                                                                                                                                                                                                                                                                                                              property access_token

                                                                                                                                                                                                                                                                                                                                                                                                              access_token: string;

                                                                                                                                                                                                                                                                                                                                                                                                                property expires_in

                                                                                                                                                                                                                                                                                                                                                                                                                expires_in: number;

                                                                                                                                                                                                                                                                                                                                                                                                                  property id_token

                                                                                                                                                                                                                                                                                                                                                                                                                  id_token: string;

                                                                                                                                                                                                                                                                                                                                                                                                                    property refresh_token

                                                                                                                                                                                                                                                                                                                                                                                                                    refresh_token: string;

                                                                                                                                                                                                                                                                                                                                                                                                                      property scope

                                                                                                                                                                                                                                                                                                                                                                                                                      scope: string;

                                                                                                                                                                                                                                                                                                                                                                                                                        property state

                                                                                                                                                                                                                                                                                                                                                                                                                        state?: string;

                                                                                                                                                                                                                                                                                                                                                                                                                          property token_type

                                                                                                                                                                                                                                                                                                                                                                                                                          token_type: string;

                                                                                                                                                                                                                                                                                                                                                                                                                            interface UserInfo

                                                                                                                                                                                                                                                                                                                                                                                                                            interface UserInfo {}
                                                                                                                                                                                                                                                                                                                                                                                                                            • Represents the response from the user info endpoint http://openid.net/specs/openid-connect-core-1_0.html#UserInfo

                                                                                                                                                                                                                                                                                                                                                                                                                            property sub

                                                                                                                                                                                                                                                                                                                                                                                                                            sub: string;

                                                                                                                                                                                                                                                                                                                                                                                                                              index signature

                                                                                                                                                                                                                                                                                                                                                                                                                              [key: string]: any;

                                                                                                                                                                                                                                                                                                                                                                                                                                interface ValidationParams

                                                                                                                                                                                                                                                                                                                                                                                                                                interface ValidationParams {}

                                                                                                                                                                                                                                                                                                                                                                                                                                  property accessToken

                                                                                                                                                                                                                                                                                                                                                                                                                                  accessToken: string;

                                                                                                                                                                                                                                                                                                                                                                                                                                    property idToken

                                                                                                                                                                                                                                                                                                                                                                                                                                    idToken: string;

                                                                                                                                                                                                                                                                                                                                                                                                                                      property idTokenClaims

                                                                                                                                                                                                                                                                                                                                                                                                                                      idTokenClaims: object;

                                                                                                                                                                                                                                                                                                                                                                                                                                        property idTokenHeader

                                                                                                                                                                                                                                                                                                                                                                                                                                        idTokenHeader: object;

                                                                                                                                                                                                                                                                                                                                                                                                                                          property jwks

                                                                                                                                                                                                                                                                                                                                                                                                                                          jwks: object;

                                                                                                                                                                                                                                                                                                                                                                                                                                            property loadKeys

                                                                                                                                                                                                                                                                                                                                                                                                                                            loadKeys: () => Promise<object>;

                                                                                                                                                                                                                                                                                                                                                                                                                                              Type Aliases

                                                                                                                                                                                                                                                                                                                                                                                                                                              type EventType

                                                                                                                                                                                                                                                                                                                                                                                                                                              type EventType =
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'discovery_document_loaded'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'jwks_load_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'invalid_nonce_in_state'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'discovery_document_load_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'discovery_document_validation_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'user_profile_loaded'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'user_profile_load_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'token_received'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'token_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'code_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'token_refreshed'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'token_refresh_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'silent_refresh_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'silently_refreshed'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'silent_refresh_timeout'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'token_validation_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'token_expires'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'session_changed'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'session_error'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'session_terminated'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'session_unchanged'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'logout'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'popup_closed'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'popup_blocked'
                                                                                                                                                                                                                                                                                                                                                                                                                                              | 'token_revoke_error';

                                                                                                                                                                                                                                                                                                                                                                                                                                                Package Files (17)

                                                                                                                                                                                                                                                                                                                                                                                                                                                Dependencies (1)

                                                                                                                                                                                                                                                                                                                                                                                                                                                Dev Dependencies (0)

                                                                                                                                                                                                                                                                                                                                                                                                                                                No dev dependencies.

                                                                                                                                                                                                                                                                                                                                                                                                                                                Peer Dependencies (2)

                                                                                                                                                                                                                                                                                                                                                                                                                                                Badge

                                                                                                                                                                                                                                                                                                                                                                                                                                                To add a badge like this onejsDocs.io badgeto your package's README, use the codes available below.

                                                                                                                                                                                                                                                                                                                                                                                                                                                You may also use Shields.io to create a custom badge linking to https://www.jsdocs.io/package/angular-oauth2-oidc.

                                                                                                                                                                                                                                                                                                                                                                                                                                                • Markdown
                                                                                                                                                                                                                                                                                                                                                                                                                                                  [![jsDocs.io](https://img.shields.io/badge/jsDocs.io-reference-blue)](https://www.jsdocs.io/package/angular-oauth2-oidc)
                                                                                                                                                                                                                                                                                                                                                                                                                                                • HTML
                                                                                                                                                                                                                                                                                                                                                                                                                                                  <a href="https://www.jsdocs.io/package/angular-oauth2-oidc"><img src="https://img.shields.io/badge/jsDocs.io-reference-blue" alt="jsDocs.io"></a>