diff --git a/.directory b/.directory deleted file mode 100644 index f28fc9e..0000000 --- a/.directory +++ /dev/null @@ -1,7 +0,0 @@ -[Dolphin] -Timestamp=2021,1,20,10,33,51 -Version=4 -ViewMode=1 - -[Settings] -HiddenFilesShown=true diff --git a/.gitignore b/.gitignore index 86d943a..d4fe85c 100644 --- a/.gitignore +++ b/.gitignore @@ -44,3 +44,4 @@ testem.log # System Files .DS_Store Thumbs.db +.directory diff --git a/package-lock.json b/package-lock.json index 0f46c0e..ce544de 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2146,14 +2146,6 @@ "js-sha256": "^0.9.0" } }, - "angular-oauth2-oidc-jwks": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/angular-oauth2-oidc-jwks/-/angular-oauth2-oidc-jwks-9.0.0.tgz", - "integrity": "sha512-3hTJc7vEI/ka/nnliMcCQuDnszzL3AhGInBBbn96BO+ZOdvP/4PbEumUsDto2WRpPMPxD6HAmExwYeQWljcc5A==", - "requires": { - "jsrsasign": "^8.0.12" - } - }, "ansi-colors": { "version": "3.2.4", "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-3.2.4.tgz", @@ -6841,11 +6833,6 @@ "verror": "1.10.0" } }, - "jsrsasign": { - "version": "8.0.24", - "resolved": "https://registry.npmjs.org/jsrsasign/-/jsrsasign-8.0.24.tgz", - "integrity": "sha512-u45jAyusqUpyGbFc2IbHoeE4rSkoBWQgLe/w99temHenX+GyCz4nflU5sjK7ajU1ffZTezl6le7u43Yjr/lkQg==" - }, "jszip": { "version": "3.5.0", "resolved": "https://registry.npmjs.org/jszip/-/jszip-3.5.0.tgz", diff --git a/package.json b/package.json index b4b0972..3bcc5bb 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,6 @@ "@angular/platform-browser-dynamic": "~10.2.4", "@angular/router": "~10.2.4", "angular-oauth2-oidc": "^9.2.2", - "angular-oauth2-oidc-jwks": "^9.0.0", "rxjs": "~6.6.0", "tslib": "^1.14.1", "zone.js": "~0.10.2" diff --git a/src/app/app.component.ts b/src/app/app.component.ts index 63ca228..75cbb4c 100644 --- a/src/app/app.component.ts +++ b/src/app/app.component.ts @@ -1,31 +1,24 @@ import { noDiscoveryAuthConfig } from './auth-no-discovery.config'; -import { authConfig } from './auth.config'; import { Component } from '@angular/core'; import { OAuthService, NullValidationHandler } from 'angular-oauth2-oidc'; import { Router } from '@angular/router'; import { filter } from 'rxjs/operators'; import { authCodeFlowConfig } from './auth-code-flow.config'; -import { JwksValidationHandler } from 'angular-oauth2-oidc-jwks'; import { useHash } from '../flags'; @Component({ // tslint:disable-next-line:component-selector selector: 'flight-app', - templateUrl: './app.component.html' + templateUrl: './app.component.html', }) export class AppComponent { constructor(private router: Router, private oauthService: OAuthService) { - // Remember the selected configuration - if (sessionStorage.getItem('flow') === 'code') { - this.configureCodeFlow(); - } else { - this.configureImplicitFlow(); - } + this.configureCodeFlow(); // Automatically load user profile this.oauthService.events - .pipe(filter(e => e.type === 'token_received')) - .subscribe(_ => { + .pipe(filter((e) => e.type === 'token_received')) + .subscribe((_) => { console.debug('state', this.oauthService.state); this.oauthService.loadUserProfile(); }); @@ -33,7 +26,7 @@ export class AppComponent { private configureCodeFlow() { this.oauthService.configure(authCodeFlowConfig); - this.oauthService.loadDiscoveryDocumentAndTryLogin().then(_ => { + this.oauthService.loadDiscoveryDocumentAndTryLogin().then((_) => { if (useHash) { this.router.navigate(['/']); } @@ -43,34 +36,6 @@ export class AppComponent { this.oauthService.setupAutomaticSilentRefresh(); } - private configureImplicitFlow() { - this.oauthService.configure(authConfig); - this.oauthService.setStorage(localStorage); - // this.oauthService.tokenValidationHandler = new JwksValidationHandler(); - - this.oauthService.loadDiscoveryDocumentAndTryLogin().then(_ => { - if (useHash) { - this.router.navigate(['/']); - } - }); - - // Optional - this.oauthService.setupAutomaticSilentRefresh(); - - // Display all events - this.oauthService.events.subscribe(e => { - // tslint:disable-next-line:no-console - console.debug('oauth/oidc event', e); - }); - - this.oauthService.events - .pipe(filter(e => e.type === 'session_terminated')) - .subscribe(e => { - // tslint:disable-next-line:no-console - console.debug('Your session has been terminated!'); - }); - } - // // Below you find further examples for configuration functions // @@ -106,19 +71,19 @@ export class AppComponent { this.oauthService.tokenValidationHandler = new NullValidationHandler(); - this.oauthService.events.subscribe(e => { + this.oauthService.events.subscribe((e) => { // tslint:disable-next-line:no-console console.debug('oauth/oidc event', e); }); // Load Discovery Document and then try to login the user - this.oauthService.loadDiscoveryDocument().then(doc => { + this.oauthService.loadDiscoveryDocument().then((doc) => { this.oauthService.tryLogin(); }); this.oauthService.events - .pipe(filter(e => e.type === 'token_expires')) - .subscribe(e => { + .pipe(filter((e) => e.type === 'token_expires')) + .subscribe((e) => { // tslint:disable-next-line:no-console console.debug('received token_expires event', e); this.oauthService.silentRefresh(); diff --git a/src/app/app.module.ts b/src/app/app.module.ts index 30fa412..a0c4c38 100644 --- a/src/app/app.module.ts +++ b/src/app/app.module.ts @@ -1,7 +1,7 @@ import { NgModule } from '@angular/core'; import { FormsModule, ReactiveFormsModule } from '@angular/forms'; import { BrowserModule } from '@angular/platform-browser'; -import { OAuthModule, OAuthStorage } from 'angular-oauth2-oidc'; +import { OAuthModule } from 'angular-oauth2-oidc'; import { HttpClientModule } from '@angular/common/http'; import { AppComponent } from './app.component'; @@ -9,11 +9,8 @@ import { APP_ROUTES } from './app.routes'; import { BASE_URL } from './app.tokens'; import { FlightHistoryComponent } from './flight-history/flight-history.component'; import { HomeComponent } from './home/home.component'; -import { PasswordFlowLoginComponent } from './password-flow-login/password-flow-login.component'; import { SharedModule } from './shared/shared.module'; import { RouterModule, ExtraOptions } from '@angular/router'; -import { CustomPreloadingStrategy } from './shared/preload/custom-preloading.strategy'; -import { LocationStrategy, HashLocationStrategy } from '@angular/common'; import { useHash } from '../flags'; const ROUTING_OPTIONS: ExtraOptions = { @@ -40,8 +37,7 @@ const ROUTING_OPTIONS: ExtraOptions = { declarations: [ AppComponent, HomeComponent, - FlightHistoryComponent, - PasswordFlowLoginComponent + FlightHistoryComponent ], providers: [ // (useHash) ? { provide: LocationStrategy, useClass: HashLocationStrategy } : [], diff --git a/src/app/app.routes.ts b/src/app/app.routes.ts index 027229e..18b3e07 100644 --- a/src/app/app.routes.ts +++ b/src/app/app.routes.ts @@ -1,5 +1,4 @@ -import { PasswordFlowLoginComponent } from './password-flow-login/password-flow-login.component'; -import { Routes, RouterModule } from '@angular/router'; +import { Routes } from '@angular/router'; import { HomeComponent } from './home/home.component'; import { FlightHistoryComponent } from './flight-history/flight-history.component'; @@ -13,10 +12,6 @@ export let APP_ROUTES: Routes = [ path: 'home', component: HomeComponent }, - { - path: 'password-flow-login', - component: PasswordFlowLoginComponent - }, { path: 'flight-booking', loadChildren: () => diff --git a/src/app/auth-code-flow.config.ts b/src/app/auth-code-flow.config.ts index 65ddc66..d8b64cc 100644 --- a/src/app/auth-code-flow.config.ts +++ b/src/app/auth-code-flow.config.ts @@ -46,7 +46,7 @@ export const authCodeFlowConfig: AuthConfig = { sessionChecksEnabled: true, - timeoutFactor: 0.01, + timeoutFactor: 0.5, // disablePKCI: true, clearHashAfterLogin: false diff --git a/src/app/auth-password-flow.config.ts b/src/app/auth-password-flow.config.ts deleted file mode 100644 index e54c362..0000000 --- a/src/app/auth-password-flow.config.ts +++ /dev/null @@ -1,27 +0,0 @@ -// This api will come in the next version - -import { AuthConfig } from 'angular-oauth2-oidc'; - -export const authPasswordFlowConfig: AuthConfig = { - // Url of the Identity Provider - issuer: 'https://steyer-identity-server.azurewebsites.net/identity', - - // URL of the SPA to redirect the user to after login - redirectUri: window.location.origin + '/index.html', - - // URL of the SPA to redirect the user after silent refresh - silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html', - - // The SPA's id. The SPA is registerd with this id at the auth-server - clientId: 'demo-resource-owner', - - dummyClientSecret: 'geheim', - - // set the scope for the permissions the client should request - // The first three are defined by OIDC. The 4th is a usecase-specific one - scope: 'openid profile email voucher', - - showDebugInformation: true, - - oidc: false -}; diff --git a/src/app/auth.config.ts b/src/app/auth.config.ts deleted file mode 100644 index 5b9dcdd..0000000 --- a/src/app/auth.config.ts +++ /dev/null @@ -1,34 +0,0 @@ -// This api will come in the next version - -import { AuthConfig } from 'angular-oauth2-oidc'; - -export const authConfig: AuthConfig = { - // Url of the Identity Provider - issuer: 'https://idsvr4.azurewebsites.net', - - // URL of the SPA to redirect the user to after login - // redirectUri: window.location.origin - // + ((localStorage.getItem('useHashLocationStrategy') === 'true') - // ? '/#/index.html' - // : '/index.html'), - - redirectUri: window.location.origin + '/index.html', - - // URL of the SPA to redirect the user after silent refresh - silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html', - - // The SPA's id. The SPA is registerd with this id at the auth-server - clientId: 'implicit', - - // set the scope for the permissions the client should request - // The first three are defined by OIDC. The 4th is a usecase-specific one - scope: 'openid profile email api', - - // silentRefreshShowIFrame: true, - - showDebugInformation: true, - - sessionChecksEnabled: true - - // timeoutFactor: 0.01, -}; diff --git a/src/app/auth.google.config.ts b/src/app/auth.google.config.ts deleted file mode 100644 index d925caf..0000000 --- a/src/app/auth.google.config.ts +++ /dev/null @@ -1,28 +0,0 @@ -// This api will come in the next version - -import { AuthConfig } from 'angular-oauth2-oidc'; - -export const googleAuthConfig: AuthConfig = { - // Url of the Identity Provider - issuer: 'https://accounts.google.com', - - // URL of the SPA to redirect the user to after login - redirectUri: window.location.origin + '/index.html', - - // URL of the SPA to redirect the user after silent refresh - silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html', - - // The SPA's id. The SPA is registerd with this id at the auth-server - clientId: - '1004270452653-m396kcs7jc3970turlp7ffh6bv4t1b86.apps.googleusercontent.com', - - strictDiscoveryDocumentValidation: false, - - // set the scope for the permissions the client should request - // The first three are defined by OIDC. The 4th is a usecase-specific one - scope: 'openid profile email', - - showDebugInformation: true, - - sessionChecksEnabled: true -}; diff --git a/src/app/home/home.component.html b/src/app/home/home.component.html index b1247c8..92ca2f3 100644 --- a/src/app/home/home.component.html +++ b/src/app/home/home.component.html @@ -27,34 +27,6 @@ -
-
-

Login with Implicit Flow

-

- - -

- Username/Password: max/geheim -
-
- -
-
-

Login with Implicit Flow in popup

-

- - -

-

Username/Password: max/geheim

-

- Note: When using IE, some security settings block the communication - with popups. This prevents that this feature works. -

-
-
-

Login with Code Flow

diff --git a/src/app/home/home.component.ts b/src/app/home/home.component.ts index 3b7f334..38ce3ae 100644 --- a/src/app/home/home.component.ts +++ b/src/app/home/home.component.ts @@ -1,4 +1,3 @@ -import { authConfig } from '../auth.config'; import { Component, OnInit } from '@angular/core'; import { OAuthService } from 'angular-oauth2-oidc'; import { authCodeFlowConfig } from '../auth-code-flow.config'; @@ -34,28 +33,6 @@ export class HomeComponent implements OnInit { */ } - async loginImplicit() { - // Tweak config for implicit flow - this.oauthService.configure(authConfig); - await this.oauthService.loadDiscoveryDocument(); - sessionStorage.setItem('flow', 'implicit'); - - this.oauthService.initLoginFlow('/some-state;p1=1;p2=2?p3=3&p4=4'); - // the parameter here is optional. It's passed around and can be used after logging in - } - - async loginImplicitInPopup() { - // Tweak config for implicit flow - this.oauthService.configure(authConfig); - await this.oauthService.loadDiscoveryDocument(); - sessionStorage.setItem('flow', 'implicit'); - - this.oauthService.initLoginFlowInPopup().then(() => { - this.loadUserProfile(); - }); - // the parameter here is optional. It's passed around and can be used after logging in - } - async loginCode() { // Tweak config for code flow this.oauthService.configure(authCodeFlowConfig); diff --git a/src/app/password-flow-login/password-flow-login.component.html b/src/app/password-flow-login/password-flow-login.component.html deleted file mode 100644 index e744133..0000000 --- a/src/app/password-flow-login/password-flow-login.component.html +++ /dev/null @@ -1,47 +0,0 @@ -

Welcome!

-

Welcome, {{ givenName }} {{ familyName }}!

- -
-
-

Login with Username/Password

- -

- Login wasn't successfull. -

- -
- - -
-
- - -
-
- - -
-
-
- -
-
Username/Password: max/geheim
-
- -
-
-

access_token_expiration: {{ access_token_expiration }}

-
-
- -
-
-

access_token: {{ access_token }}

-
- user profile: - 
{{ userProfile | json }}
-
-
-
diff --git a/src/app/password-flow-login/password-flow-login.component.ts b/src/app/password-flow-login/password-flow-login.component.ts deleted file mode 100644 index ec44275..0000000 --- a/src/app/password-flow-login/password-flow-login.component.ts +++ /dev/null @@ -1,69 +0,0 @@ -import { authPasswordFlowConfig } from '../auth-password-flow.config'; -import { OAuthService } from 'angular-oauth2-oidc'; -import { Component, OnInit } from '@angular/core'; - -@Component({ - selector: 'app-password-flow-login', - templateUrl: './password-flow-login.component.html' -}) -export class PasswordFlowLoginComponent implements OnInit { - userName: string; - password: string; - loginFailed: boolean = false; - userProfile: object; - - constructor(private oauthService: OAuthService) { - // Tweak config for password flow - // This is just needed b/c this demo uses both, - // implicit flow as well as password flow - - this.oauthService.configure(authPasswordFlowConfig); - this.oauthService.loadDiscoveryDocument(); - } - - ngOnInit() {} - - loadUserProfile(): void { - this.oauthService.loadUserProfile().then(up => (this.userProfile = up)); - } - - get access_token() { - return this.oauthService.getAccessToken(); - } - - get access_token_expiration() { - return this.oauthService.getAccessTokenExpiration(); - } - - get givenName() { - var claims = this.oauthService.getIdentityClaims(); - if (!claims) return null; - return claims['given_name']; - } - - get familyName() { - var claims = this.oauthService.getIdentityClaims(); - if (!claims) return null; - return claims['family_name']; - } - - loginWithPassword() { - this.oauthService - .fetchTokenUsingPasswordFlowAndLoadUserProfile( - this.userName, - this.password - ) - .then(() => { - console.debug('successfully logged in'); - this.loginFailed = false; - }) - .catch(err => { - console.error('error logging in', err); - this.loginFailed = true; - }); - } - - logout() { - this.oauthService.logOut(true); - } -} diff --git a/src/flags.ts b/src/flags.ts index 100788c..dad065f 100644 --- a/src/flags.ts +++ b/src/flags.ts @@ -1,5 +1,5 @@ // Use HashLocationStrategy for routing? -export const useHash = true; +export const useHash = false; // Set this to true, to use silent refresh; otherwise the example // uses the refresh_token via an AJAX coll to get new tokens.