ember-implicit-grant-authenticator
A Ember Simple Auth addon which implements the Implicit Grant Flow.
Compatibility
- Ember.js v3.20 or above
- Ember CLI v3.20 or above
- Node.js v12 or above
Installation
ember install ember-implicit-grant-authenticator
Usage
To use the ember-implicit-grant-authenticator you need to do the following changes
Ember Simple Auth Authenticator
Create an Authenticator extending the ember-implicit-grant-authenticator Authenticator. Know more about ember-simple-auth Authenticator.
import OAuth2ImplicitGrant from 'ember-implicit-grant-authenticator/authenticators/oauth2-implicit-grant';
export default OAuth2ImplicitGrant.extend({});Login callback
Create a route named login-callback. This is the route that user will be redirected after the OpenID Connect Authorization Code Flow.
To authenticate the user session, you need to call the authenticate method from session service:
import Route from '@ember/routing/route';
import { inject as service } from '@ember/service';
export default Route.extend({
session: service(),
beforeModel() {
return this.get('session').authenticate('authenticator:oauth2-implicit-grant', window.location.hash);
}
});The authenticate method need two parameter
authenticator <String>
The ember-simple-auth authenticator that will be used inside the authentication flow
hash <String>
The url hash received from the OpenID server that can be accessed through: window.location.hash
Session Authentication
To authenticate the user session, you need to call the authenticate method from implicit-grant-authenticator service:
import Controller from '@ember/controller';
import { inject as service } from '@ember/service';
export default Controller.extend({
implicitGrantAuthenticator: service(),
actions: {
login() {
return this.get('implicitGrantAuthenticator').authenticate();
}
}
});Session Invalidation
To invalidate the user session, you need to call the invalidate method from implicit-grant-authenticator service:
import Controller from '@ember/controller';
import { inject as service } from '@ember/service';
export default Controller.extend({
implicitGrantAuthenticator: service(),
actions: {
logout() {
return this.get('implicitGrantAuthenticator').invalidate();
}
}
});Configuration
The addon can be configured in the project's environment.js file with the key ember-implicit-grant-authenticator.
// config/environment.js
module.exports = function (environment) {
"ember-implicit-grant-authenticator": {
host: "Your Host",
clientId: "{Client Name}",
scope: "openid profile email phone roles",
responseType: "id_token token",
grantType: "code implicit",
authEndpoint: "/connect/authorize",
tokenEndpoint: "/connect/token",
userinfoEndpoint: "/connect/userinfo",
endsessionEnpoint: "/connect/endsession"
}
return ENV;
};host <String>
A relative or absolute URI of the authorization server.
clientId <String>
The oidc client identifier valid at the authorization server.
authEndpoint <String>
Authorization endpoint at the authorization server. This can be a path which
will be appended to host or an absolute URL.
tokenEndpoint <String>
Token endpoint at the authorization server. This can be a path which will be
appended to host or an absolute URL.
endSessionEndpoint <String> (optional)
End session endpoint endpoint at the authorization server. This can be a path
which will be appended to host or an absolute URL.
userinfoEndpoint <String>
Userinfo endpoint endpoint at the authorization server. This can be a path
which will be appended to host or an absolute URL.
afterLogoutUri <String> (optional)
A relative or absolute URI to which will be redirected after logout / end session.
scope <String> (optional)
The oidc scope value. Default is "openid".
Contributing
See the Contributing guide for details.
License
This project is licensed under the MIT License. This project is based on ember-simple-auth-oidc.