jeroenheijmansjeroenheijmans
275

Sample Angular Oauth2 Oidc With Auth Guards

screenshot of Sample Angular Oauth2 Oidc With Auth Guards
angular

Basic example of how to integrate the angular-oauth2-oidc library in an Angular SPA utilizing AuthGuards.

Github

Overview

The Example Angular OAuth2 OIDC repository serves as a practical demonstration of integrating OAuth2 and OpenID Connect into an Angular application. It utilizes the angular-oauth2-oidc library in conjunction with Angular's AuthGuard feature, showcasing the intricacies involved in secure authentication in a Single Page Application (SPA). Given the tightening restrictions on third-party cookies by browser vendors, this repository provides insights into the challenges faced and the recommended practices for implementing effective authentication flows today.

Highlighting the use of the Code+PKCE flow, this resource emphasizes modern authentication techniques, ensuring a higher level of security for applications. It's particularly relevant for developers seeking to navigate the complexities of user authentication in SPAs while maintaining a robust user experience.

Features

  • Code+PKCE Flow: Utilizes the more secure Code+PKCE flow, eliminating the need for JWKS validation while enhancing security for JavaScript clients.
  • Mandatory Bootstrapping: Implements asynchronous bootstrapping using APP_INITIALIZER, ensuring the application is fully prepared before any components are loaded.
  • Auth Guard Functionality: Offers comprehensive AuthGuard options to either enforce login for protected routes or prevent access to unauthorized areas.
  • Asynchronous Login Information: Retrieves and loads login information asynchronously, providing a seamless user experience during the authentication process.
  • LocalStorage Token Management: Demonstrates the use of localStorage for storing tokens, providing flexibility but requiring caution regarding security risks.
  • Discovery Document Integration: Loads Identity Server (IDS) details directly from its discovery document, simplifying the configuration process for authentication.
  • External Logout Features: Includes the capability to leverage OpenID's external logout features, enhancing user control over their sessions.
  • Demo Setup Instructions: Provides a clear setup guide to get the application running locally, allowing developers to quickly test and experiment with the implementation.
angular
Angular

Angular is a TypeScript-based open-source framework by Google for building dynamic single-page applications and cross-platform mobile apps with MVC architecture and a rich set of features.

typescript
Typescript

TypeScript is a superset of JavaScript, providing optional static typing, classes, interfaces, and other features that help developers write more maintainable and scalable code. TypeScript's static typing system can catch errors at compile-time, making it easier to build and maintain large applications.