README
Angular OAuth
Ngx-oauth
is a fully OAuth 2.1 compliant angular library. The library supports all the 4 flows:
- resource
- implicit
- authorization code
- client credentials
Supports OIDC
PKCE
support for authorization code with code verification
How to
To start using the ngx-oauth
you need to import and configure the OAuthModule
module.
Example for resource owner flow:
const oauthConfig = {
type: OAuthType.RESOURCE,
config: {
tokenPath: '/authorizationserver/oauth/token',
revokePath: '/authorizationserver/oauth/revoke', // optional
clientId: '<your_client_id>',
clientSecret: '<your_client_secret>'
},
storage: localStorage, // Optional, default value is localStorage
storageKey: 'token' // Optional, default value is 'token'
};
@NgModule({
imports: [
OAuthModule.forRoot(oauthConfig),
],
providers: [],
bootstrap: [AppComponent]
})
export class AppModule {
}
Example for authorization code flow with OIDC
and PKCE
For public oauth clients clientSecret
can be removed since is not used
const oauthConfig = {
type: OAuthType.AUTHORIZATION_CODE,
config: {
clientId: '<your_client_id>',
clientSecret: '<your_client_secret>',
authorizePath: '/o/authorize/',
tokenPath: '/o/token/',
revokePath: '/o/revoke/',
scope: 'openid email profile',
pkce: true
},
}
Keycloak example for oidc implicit flow
const keycloakOpenIDConfig = {
type: OAuthType.IMPLICIT,
config: {
issuerPath: 'http://localhost:8080/auth/realms/commerce',
clientId: '<your_client_id>',
}
};
Keycloak example for oidc with issuer url
const keycloakOpenIDConfig = {
type: OAuthType.AUTHORIZATION_CODE,
config: {
issuerPath: 'http://localhost:8080/auth/realms/commerce',
clientId: '<your_client_id>',
}
};
Azure example
const azureOpenIDConfig = {
type: OAuthType.AUTHORIZATION_CODE,
config: {
issuerPath: 'https://login.microsoftonline.com/common/v2.0', // for common make sure you app has "signInAudience": "AzureADandPersonalMicrosoftAccount",
clientId: '<your_client_id>',
scope: 'openid profile email offline_access',
pkce: true // manually since is required but code_challenge_methods_supported is not in openid configuration
}
}
Google example
const googleOpenIDConfig = {
type: OAuthType.AUTHORIZATION_CODE,
config: {
issuerPath: 'https://accounts.google.com',
clientId: '<your_client_id>',
clientSecret: '<your_client_secret>',
scope: 'openid profile email'
}
}
You can use the oauth-login
component
<div class="login-component">
<oauth-login></oauth-login>
</div>
or with params
@Component({
selector: 'login-component',
template: `
<oauth-login [i18n]="i18n"
[profileName$]="profileName