#119, #117, #48

Author: manfredsteyer

angular-oauth2-oidc/docs/classes/AuthConfig.html

@@ -1805,7 +1805,7 @@ <h3 id="inputs">
      */
     public requestAccessToken? &#x3D; true;
 
-    public options?: any;
+    public options?: any &#x3D; null;
 
     /**
      * The issuer&#x27;s uri.
@@ -1825,13 +1825,13 @@ <h3 id="inputs">
     /**
      * Url of the token endpoint as defined by OpenId Connect and OAuth 2.
      */
-    public tokenEndpoint?: string;
+    public tokenEndpoint?: string &#x3D; null;
 
     /**
      * Url of the userinfo endpoint as defined by OpenId Connect.
      *
      */
-    public userinfoEndpoint?: string;
+    public userinfoEndpoint?: string &#x3D; null;
 
     public responseType? &#x3D; &#x27;token&#x27;;
 
@@ -1874,7 +1874,7 @@ <h3 id="inputs">
      * it does not bring additional security and is therefore
      * as good as using no password.
      */
-    public dummyClientSecret?: string;
+    public dummyClientSecret?: string &#x3D; null;;
 
 
     /**
@@ -1896,13 +1896,13 @@ <h3 id="inputs">
      * with keys used to validate received id_tokens.
      * This is taken out of the disovery document. Can be set manually too.
      */
-    public jwks?: object;
+    public jwks?: object &#x3D; null;
 
     /**
      * Map with additional query parameter that are appended to
      * the request when initializing implicit flow.
      */
-    public customQueryParams?: object;
+    public customQueryParams?: object &#x3D; null;
 
     public silentRefreshIFrameName? &#x3D; &#x27;angular-oauth-oidc-silent-refresh-iframe&#x27;;
 
@@ -1931,7 +1931,7 @@ <h3 id="inputs">
     /**
      * Url for the iframe used for session checks
      */
-    public sessionCheckIFrameUrl?: string;
+    public sessionCheckIFrameUrl?: string &#x3D; null;
 
     /**
      * Name of the iframe to use for session checks

angular-oauth2-oidc/docs/classes/JwksValidationHandler.html

@@ -814,7 +814,7 @@ <h3 id="inputs">
         let alg &#x3D; params.idTokenHeader[&#x27;alg&#x27;];
 
         if (kid) {
-            key &#x3D; keys.find(k &#x3D;&gt; k[&#x27;kid&#x27;] &#x3D;&#x3D;&#x3D; kid &amp;&amp; k[&#x27;use&#x27;] &#x3D;&#x3D;&#x3D; &#x27;sig&#x27;);
+            key &#x3D; keys.find(k &#x3D;&gt; k[&#x27;kid&#x27;] &#x3D;&#x3D;&#x3D; kid /* &amp;&amp; k[&#x27;use&#x27;] &#x3D;&#x3D;&#x3D; &#x27;sig&#x27; */);
         }
         else {
             let kty &#x3D; this.alg2kty(alg);

angular-oauth2-oidc/docs/injectables/OAuthService.html

@@ -1440,7 +1440,7 @@ <h3 id="methods">
                                 <td class="col-md-4">
 
                                         <div class="io-description">
-                                            <b>Returns : </b>    <code><a href="https://www.typescriptlang.org/docs/handbook/basic-types.html" target="_blank" >void</a></code>
+                                            <b>Returns : </b>    <code><a href="https://www.typescriptlang.org/docs/handbook/basic-types.html" target="_blank" >any</a></code>
 
                                         </div>
                                 </td>
@@ -2214,7 +2214,7 @@ <h3 id="inputs">
     }
 
     public loadDiscoveryDocumentAndTryLogin() {
-        this.loadDiscoveryDocument().then((doc) &#x3D;&gt; {
+        return this.loadDiscoveryDocument().then((doc) &#x3D;&gt; {
             return this.tryLogin();
         });
     }

angular-oauth2-oidc/docs/js/search/search_index.js

@@ -43,7 +43,7 @@ export class AuthConfig {
      */
     public requestAccessToken? = true;
 
-    public options?: any;
+    public options?: any = null;
 
     /**
      * The issuer's uri.
@@ -63,13 +63,13 @@ export class AuthConfig {
     /**
      * Url of the token endpoint as defined by OpenId Connect and OAuth 2.
      */
-    public tokenEndpoint?: string;
+    public tokenEndpoint?: string = null;
 
     /**
      * Url of the userinfo endpoint as defined by OpenId Connect.
      *
      */
-    public userinfoEndpoint?: string;
+    public userinfoEndpoint?: string = null;
 
     public responseType? = 'token';
 
@@ -112,7 +112,7 @@ export class AuthConfig {
      * it does not bring additional security and is therefore
      * as good as using no password.
      */
-    public dummyClientSecret?: string;
+    public dummyClientSecret?: string = null;;
 
 
     /**
@@ -134,13 +134,13 @@ export class AuthConfig {
      * with keys used to validate received id_tokens.
      * This is taken out of the disovery document. Can be set manually too.
      */
-    public jwks?: object;
+    public jwks?: object = null;
 
     /**
      * Map with additional query parameter that are appended to
      * the request when initializing implicit flow.
      */
-    public customQueryParams?: object;
+    public customQueryParams?: object = null;
 
     public silentRefreshIFrameName? = 'angular-oauth-oidc-silent-refresh-iframe';
 
@@ -169,7 +169,7 @@ export class AuthConfig {
     /**
      * Url for the iframe used for session checks
      */
-    public sessionCheckIFrameUrl?: string;
+    public sessionCheckIFrameUrl?: string = null;
 
     /**
      * Name of the iframe to use for session checks

angular-oauth2-oidc/src/auth.config.ts

@@ -153,7 +153,7 @@ export class OAuthService
     }
 
     public loadDiscoveryDocumentAndTryLogin() {
-        this.loadDiscoveryDocument().then((doc) => {
+        return this.loadDiscoveryDocument().then((doc) => {
             return this.tryLogin();
         });
     }

angular-oauth2-oidc/src/oauth-service.ts

@@ -1,6 +1,6 @@
 {
   "name": "angular-oauth2-oidc",
-  "version": "2.1.6",
+  "version": "2.1.7",
   "repository": {
     "type": "git",
     "url": "https://github.com/manfredsteyer/angular-oauth2-oidc"

angular-oauth2-oidc/src/package.json

@@ -40,7 +40,7 @@ export class JwksValidationHandler extends AbstractValidationHandler {
         let alg = params.idTokenHeader['alg'];
 
         if (kid) {
-            key = keys.find(k => k['kid'] === kid && k['use'] === 'sig');
+            key = keys.find(k => k['kid'] === kid /* && k['use'] === 'sig' */);
         }
         else {
             let kty = this.alg2kty(alg);

angular-oauth2-oidc/src/token-validation/jwks-validation-handler.ts

@@ -1,8 +1,9 @@
+import { noDiscoveryAuthConfig } from './auth-no-discovery.config';
 import { googleAuthConfig } from './auth.google.config';
 import { authConfig } from './auth.config';
 import { FlightHistoryComponent } from './flight-history/flight-history.component';
 import { Component } from '@angular/core';
-import { OAuthService } from 'angular-oauth2-oidc';
+import { OAuthService, AuthConfig } from 'angular-oauth2-oidc';
 import { JwksValidationHandler } from 'angular-oauth2-oidc';
 import { Router } from "@angular/router";
 
@@ -16,13 +17,20 @@ export class AppComponent {
         private router: Router,
         private oauthService: OAuthService) {
 
+      // this.configureWithoutDiscovery();
       this.configureWithNewConfigApi();
       // this.configureAuth();
       // this.configurePasswordFlow();
 
     }
 
 
+    private configureWithoutDiscovery() {
+      this.oauthService.configure(noDiscoveryAuthConfig);
+      this.oauthService.tokenValidationHandler = new JwksValidationHandler();
+      this.oauthService.tryLogin();
+    }
+
     // This api will come in the next version
     private configureWithNewConfigApi() {
 

sample/src/app/app.component.ts

@@ -0,0 +1,67 @@
+import { AuthConfig } from 'angular-oauth2-oidc';
+
+export const noDiscoveryAuthConfig: AuthConfig = {
+  'clientId':
+      '1004270452653-m396kcs7jc3970turlp7ffh6bv4t1b86.apps.googleusercontent.com',
+  'redirectUri': 'http://localhost:4200/index.html',
+  'postLogoutRedirectUri': '',
+  'loginUrl': 'https://accounts.google.com/o/oauth2/v2/auth',
+  'scope': 'openid profile email',
+  'resource': '',
+  'rngUrl': '',
+  'oidc': true,
+  'requestAccessToken': true,
+  'options': null,
+  'issuer': 'https://accounts.google.com',
+  'clearHashAfterLogin': true,
+  'tokenEndpoint': 'https://www.googleapis.com/oauth2/v4/token',
+  'userinfoEndpoint': 'https://www.googleapis.com/oauth2/v3/userinfo',
+  'responseType': 'token',
+  'showDebugInformation': true,
+  'silentRefreshRedirectUri': 'http://localhost:4200/silent-refresh.html',
+  'silentRefreshMessagePrefix': '',
+  'silentRefreshShowIFrame': false,
+  'siletRefreshTimeout': 20000,
+  'silentRefreshTimeout': 20000,
+  'dummyClientSecret': null,
+  'requireHttps': 'remoteOnly',
+  'strictDiscoveryDocumentValidation': false,
+  'jwks': {
+    'keys': [
+      {
+        'kty': 'RSA',
+        'alg': 'RS256',
+        'use': 'sig',
+        'kid': '7540561fdb04b89d824a1b7b9e8849873e7cb50e',
+        'n':
+            'sSFZrLIrXzvXBCehdPR10T-mfHWFU5ZtGzW9buI7wT_tJzZ1SRUc2l1NH92kGV9bmWRtDLjWcWFwMG7rbjX25-R-62lD1k15gQiO4bhx7gbV05e36os2vXTs0ypj9GS9y8X_2fYAnxxulMLwz4m24Ejo2tQI43-V-3Tec6cSXe0FjhRaPbGdS8GHPDKkhpJ1NHMZ38vhddIImOfvtVuz3lt_zwjBsAC6Q7PHs2GOm3KtC22DCwXMYSri4QOQcasuvTlZxIQSIksTyuH0T02IH5SJvQZSx46Vfq8BM4JP-zEEjzadoyxQPouRM6TrUeaqNv5B1f1lbH6G0G_r_ddYWQ',
+        'e': 'AQAB'
+      },
+      {
+        'kty': 'RSA',
+        'alg': 'RS256',
+        'use': 'sig',
+        'kid': '778233e8f6f342ea09e867aad25f543adeebf372',
+        'n':
+            '8MMxQ9F7R1zJ57QvLX-HqUlTVLLofCzZ3-lxohJr8ivJDGZoCqll7ZTNO0nGMgnPpIO-3BQLkaNGQDCpnID1vNIjClFFl0E3cN5bDX15uxCQeQDsm25fTlphpy5FkdoHCviswtrsl2KKUPeRlKqCqMjlDO27KuxIwzIPdNSqv4tseZmI-biFt2JlO9htgODrVqaawdm27t9HcWfOK_a5czRFDHWck2-ZwjbCOF9CtF1ggYm11aV0TElExXr5fgjAQdZ1yGmJvir127BRUgyIy5cpyf7VRRf2Cv7whSMoVJr4W3OK0H9vkuFLnlBiBNYQmH_eWy5U4jBfZjBqvA7Oww',
+        'e': 'AQAB'
+      },
+      {
+        'kty': 'RSA',
+        'alg': 'RS256',
+        'use': 'sig',
+        'kid': '8ec17994394464d95b0b3d906326f1cdde8aee64',
+        'n':
+            'w49KfvzGWVXH4vyUxvP29_QTmJfvLp4RPT1WlI6Wo2aNvn6j9vRSLDrK2CnOvvrrlUKvR-8FTcyNi9pRKXDwDhEJcyVFBJVi4PqDh0KIX_dOGYCulr5FUvU0HXQxlMWSHIsJjfGbMMUwM0p09y8KHL-kipiipzn80EpBmrI4Q3t6XOAZJSmbIPaGZJDjyoWWV0TDdVDBMfkqII6tOOB7Ha189AZjz7FHYXR9CIc0Jm6rFy0tVpdHFEG3ptcNQEDQ5ghyMM4PDM4ZmQ5uk3WgHVqnpdmGEfKekLwmYFWgnI-ux_MabltIxr9TE1qubEmebM64rOusHBF0mSbEwggbyw',
+        'e': 'AQAB'
+      }
+    ]
+  },
+  'customQueryParams': null,
+  'silentRefreshIFrameName': 'angular-oauth-oidc-silent-refresh-iframe',
+  'timeoutFactor': 0.75,
+  'sessionCheckIntervall': 3000,
+  'sessionCheckIFrameName': 'angular-oauth-oidc-check-session-iframe',
+  'disableAtHashCheck': false,
+  'skipSubjectCheck': false
+}