OAuth service for SEGES angular applications
Prerequisites
Angular UI router TypeScript 2.x SAML and OAuth based login system which as part of the login process can store the saml token, expiry date and refresh token in localstorage on the browser.
How to use
Six things must be set up using the authenticationProvider:
- Bearer token (storedTokenKey)
- Expiry date of the bearer token (storedTokenExpiryKey)
- Refresh token to refresh the bearer token if expired (storedRefreshToken)
- Authentication URL that points to a extern login page (authenticateUrl)
- Externally logout URL that logout the user (logoutUrl)
- Externally logOutFromSingleSignOn URL that logout the user behind the scene (logOutFromSingleSignOnUrl)
- Logout Return Url (logOutReturnUrl)
The only thing to do if valid SAML token has to be checked on state changes (view changes by url) is to Inject the OAuth service in the project and initialize the authenticationProvider. Then as default behaviour the static method moduleRun in the oauth authentication service will run and catching state changes.
Example:
-
Install NPM module in project: npm install @seges/angular-oauth-service
-
Import the service and start it:
import {
AuthenticationProvider,
AuthenticationService,
IAuthenticationService,
} from "@seges/angular-oauth-service";Oauth configuration has to be set at the projects startpoint:
static setConfiguration(module: ng.IModule): void {
this.setupAuthentication(
module,
"authUrl",
"logOutUrl",
"logOutReturnUrl",
);
module.constant("farmTimeApiUrl", "apiUrl");
module.constant("farmTimeOauthUrl", "oauthUrl");
module.constant("storedTokenKey", "samltoken");
module.constant("storedTokenExpiryKey", "samltoken-expires");
module.constant("storedRefreshTokenKey", "refreshtoken");
}
private static setupAuthentication(
module: ng.IModule,
authUrl: string,
logoutUrl: string,
logOutReturnUrl: string): void {
module.config(["authenticationProvider", (authenticationProvider: AuthenticationProvider) => {
authenticationProvider.setAuthUrl(authUrl);
authenticationProvider.setLogoutUrl(logoutUrl);
authenticationProvider.setStoredTokenExpiryKey("samltoken-expires");
authenticationProvider.setStoredTokenKey("samltoken");
authenticationProvider.setStoredRefreshToken("refreshtoken");
authenticationProvider.setLogOutReturnUrl(logOutReturnUrl);
}]);
module.run(["$rootScope", "authentication",
($rootScope: ng.IRootScopeService, authentication: IAuthenticationService) =>
AuthenticationService.moduleRun($rootScope, authentication)]);
}The oAuth service also has to be injected as dependency where valid login is necessary and not checked by moduleRun and state changes. As example if a api call to backend is running internally in a view. In this situation use the isExpiredAndRefreshToken() method to check if the SAML token is valid before calling the api. If not get a fresh SAML token with the refreshSamlToken() method and do the call to the api afterwards.
- Import the service
import {
IAuthenticationService,
} from "@seges/angular-oauth-service";
2. Define SAML interface
interface SamlToken {
samlToken: string;
expires: Date;
start: Date;
}- Check if valid SAML token and refresh if not valid:
if (this.authService.isExpiredAndRefreshToken()) {
return this.authService.refreshSamlToken()
.then(
(samlToken: SamlToken) => {
this.$http.defaults.headers.common.Authorization = `Bearer ${samlToken.samlToken}`;
if (completeConfigCopy && !angular.equals(completeConfigCopy, completeConfig)) {
completeConfig = completeConfigCopy;
}
return this.submitRequest(completeConfig);
},
(error: ng.IHttpPromiseCallbackArg<void>) => { /* error handling */ });
} else {
/* Call api */
}
}To use logIn() and logOut() methods inject the service as dependency where they have to be used.