@esek/auth-client
An SDK to authenticate against the E-Sek SSO OAuth2.0 login provider.
Also includes wrappers to handle OAuth for different types of clients (web). At the moment of writing, the only client that has a wrapper is SvelteKit
.
EOAuth2.0Client
- Generic SDK
The EAuth2.0Client
is a generic SDK that streamlines the requests required to authenticate against the E-Sek SSO OAuth2.0 provider. This can be used as a standalone library, but it's also used under the hood in the SvelteKit
(and should be used in additional) wrapper.
Options
When initailizing the EOAuth2.0Client
, you can pass in the following options:
Variable | Required | Default | Description |
---|---|---|---|
authUrl |
true |
`` | The URL of the E-Sek SSO OAuth2.0 provider. |
clientId |
false |
`` | The client ID of the application. |
clientSecret |
false |
`` | The client secret of the application. |
redirectUri |
false |
`` | The (default) redirect URI of the application. Note that all these non-required options can be overritten at any request |
EOAuth2Handler
- SvelteKit wrapper
In order to use the E-Sek OAuth2.0 wrapper in SvelteKit, you need to:
- Create a
hooks.{js|ts}
file in the root (or somewhere else if you point it correctly according to the docs) - Create a new
EOAuth2Handler
somewhere in your project and make it exportable:
// hooks.ts
export const appAuth = new EOAuthHandler({
...options,
});
The options
provided to the constructor are as follows:
Variable | Required | Default | Description |
---|---|---|---|
authUrl |
true |
`` | The URL of the E-Sek SSO OAuth2.0 provider. |
clientId |
false |
`` | The client ID of the application. |
clientSecret |
false |
`` | The client secret of the application. |
basePath |
false |
/auth |
The base url that all authentication is handled via (ex. /{BASE_PATH}/login etc.) |
isDev |
true |
`` | Tells the wrapper whether to set the cookie domain or not |
- Use the created
appAuth
in your hooks file
export const handle = appAuth.handle;
export const getSession = appAuth.getSession;
-
Create a
/{BASE_PATH}/[...auth].ts
route under/routes
in your SvelteKit-application. This needs to be created otherwise the SvelteKit router will throw a 404 before hitting the session. -
Export the
GET
andPOST
endpoints from our[...auth].ts
file:
// [...auth].ts
import { appAuth } from 'xxx';
export const { GET, POST } = appAuth;