Skip to content

Commit 01b4f20

Browse files
manfredsteyermanfredsteyer
committed
docs
1 parent 6738d23 commit 01b4f20

File tree

101 files changed

+14457
-32627
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

101 files changed

+14457
-32627
lines changed

.vscode/launch.json

+15
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
{
2+
// Use IntelliSense to learn about possible attributes.
3+
// Hover to view descriptions of existing attributes.
4+
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
5+
"version": "0.2.0",
6+
"configurations": [
7+
{
8+
"type": "chrome",
9+
"request": "launch",
10+
"name": "Launch Chrome against localhost",
11+
"url": "http://localhost:4200",
12+
"webRoot": "${workspaceFolder}"
13+
}
14+
]
15+
}

docs-src/code-flow.bak.md

+66
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,66 @@
1+
# Code Flow
2+
3+
Since Version 8, this library also supports code flow and [PKCE](https://tools.ietf.org/html/rfc7636) to align with the current draft of the [OAuth 2.0 Security Best Current Practice](https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13) document.
4+
5+
6+
To configure your solution for code flow + PKCE you have to set the `responseType` to `code`:
7+
8+
```TypeScript
9+
10+
import { AuthConfig } from 'angular-oauth2-oidc';
11+
12+
export const authCodeFlowConfig: AuthConfig = {
13+
// Url of the Identity Provider
14+
issuer: 'https://demo.identityserver.io',
15+
16+
// URL of the SPA to redirect the user to after login
17+
redirectUri: window.location.origin + '/index.html',
18+
19+
// The SPA's id. The SPA is registerd with this id at the auth-server
20+
// clientId: 'server.code',
21+
clientId: 'spa',
22+
23+
// Just needed if your auth server demands a secret. In general, this
24+
// is a sign that the auth server is not configured with SPAs in mind
25+
// and it might not enforce further best practices vital for security
26+
// such applications.
27+
// dummyClientSecret: 'secret',
28+
29+
responseType: 'code',
30+
31+
// set the scope for the permissions the client should request
32+
// The first four are defined by OIDC.
33+
// Important: Request offline_access to get a refresh token
34+
// The api scope is a usecase specific one
35+
scope: 'openid profile email offline_access api',
36+
37+
showDebugInformation: true,
38+
39+
// Not recommented:
40+
// disablePKCI: true,
41+
};
42+
```
43+
44+
After this, you can initialize the code flow using:
45+
46+
```TypeScript
47+
48+
this.oauthService.initCodeFlow();
49+
```
50+
51+
There is also a convenience method `initLoginFlow` which initializes either the code flow or the implicit flow depending on your configuration.
52+
53+
```TypeScript
54+
this.oauthService.initLoginFlow();
55+
```
56+
57+
Also -- as shown in the readme -- you have to execute the following code when bootstrapping to make the library to fetch the token:
58+
59+
```TypeScript
60+
this.oauthService.configure(authCodeFlowConfig);
61+
this.oauthService.tokenValidationHandler = new JwksValidationHandler();
62+
this.oauthService.loadDiscoveryDocumentAndTryLogin();
63+
```
64+
65+
66+

docs-src/code-flow.md

+35-35
Original file line numberDiff line numberDiff line change
@@ -3,58 +3,58 @@
33
Since Version 8, this library also supports code flow and [PKCE](https://tools.ietf.org/html/rfc7636) to align with the current draft of the [OAuth 2.0 Security Best Current Practice](https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13) document.
44

55

6-
To configure your solution for code flow + PKCE you have to set the ``responseType`` to ``code``:
6+
To configure your solution for code flow + PKCE you have to set the `responseType` to `code`:
77

8-
```typescript
9-
import { AuthConfig } from 'angular-oauth2-oidc';
8+
```TypeScript
9+
import { AuthConfig } from 'angular-oauth2-oidc';
1010

11-
export const authCodeFlowConfig: AuthConfig = {
12-
// Url of the Identity Provider
13-
issuer: 'https://demo.identityserver.io',
11+
export const authCodeFlowConfig: AuthConfig = {
12+
// Url of the Identity Provider
13+
issuer: 'https://demo.identityserver.io',
1414

15-
// URL of the SPA to redirect the user to after login
16-
redirectUri: window.location.origin + '/index.html',
15+
// URL of the SPA to redirect the user to after login
16+
redirectUri: window.location.origin + '/index.html',
1717

18-
// The SPA's id. The SPA is registerd with this id at the auth-server
19-
// clientId: 'server.code',
20-
clientId: 'spa',
18+
// The SPA's id. The SPA is registerd with this id at the auth-server
19+
// clientId: 'server.code',
20+
clientId: 'spa',
2121

22-
// Just needed if your auth server demands a secret. In general, this
23-
// is a sign that the auth server is not configured with SPAs in mind
24-
// and it might not enforce further best practices vital for security
25-
// such applications.
26-
// dummyClientSecret: 'secret',
22+
// Just needed if your auth server demands a secret. In general, this
23+
// is a sign that the auth server is not configured with SPAs in mind
24+
// and it might not enforce further best practices vital for security
25+
// such applications.
26+
// dummyClientSecret: 'secret',
2727

28-
responseType: 'code',
28+
responseType: 'code',
2929

30-
// set the scope for the permissions the client should request
31-
// The first four are defined by OIDC.
32-
// Important: Request offline_access to get a refresh token
33-
// The api scope is a usecase specific one
34-
scope: 'openid profile email offline_access api',
30+
// set the scope for the permissions the client should request
31+
// The first four are defined by OIDC.
32+
// Important: Request offline_access to get a refresh token
33+
// The api scope is a usecase specific one
34+
scope: 'openid profile email offline_access api',
3535

36-
showDebugInformation: true,
36+
showDebugInformation: true,
3737

38-
// Not recommented:
39-
// disablePKCI: true,
40-
};
41-
```
38+
// Not recommented:
39+
// disablePKCI: true,
40+
};
41+
```
4242

4343
After this, you can initialize the code flow using:
4444

45-
```typescript
46-
this.oauthService.initCodeFlow();
47-
```
45+
```TypeScript
46+
this.oauthService.initCodeFlow();
47+
```
4848

49-
There is also a convenience method ``initLoginFlow`` which initializes either the code flow or the implicit flow depending on your configuration.
49+
There is also a convenience method `initLoginFlow` which initializes either the code flow or the implicit flow depending on your configuration.
5050

51-
```typescript
52-
this.oauthService.initLoginFlow();
53-
```
51+
```TypeScript
52+
this.oauthService.initLoginFlow();
53+
```
5454

5555
Also -- as shown in the readme -- you have to execute the following code when bootstrapping to make the library to fetch the token:
5656

57-
```typescript
57+
```TypeScript
5858
this.oauthService.configure(authCodeFlowConfig);
5959
this.oauthService.tokenValidationHandler = new JwksValidationHandler();
6060
this.oauthService.loadDiscoveryDocumentAndTryLogin();

0 commit comments

Comments
 (0)