Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integration with OIDC library - Feature Request #585

Open
3 of 4 tasks
workcontrolgit opened this issue Jan 24, 2021 · 6 comments
Open
3 of 4 tasks

Integration with OIDC library - Feature Request #585

workcontrolgit opened this issue Jan 24, 2021 · 6 comments
Labels
feature help wanted PR welcome

Comments

@workcontrolgit
Copy link

workcontrolgit commented Jan 24, 2021
edited

I'm submitting a...

  • Bug report
  • Feature request
  • Documentation issue or request
  • Question

Current behavior

I have integrated OIDC client from damienbod/angular-auth-oidc-client to support the OpenID Connect Code Flow with PKCE. I need help to define the authentication interface within Ngx-Rocket to work with OIDC library so that it will minimize coding change when upgrading to a new version of ngx-rocket in the future.

Background

I forked the https://github.com/ngx-rocket/starter-kit to https://github.com/workcontrolgit/starter-kit. Then followed the integration instructions from damienbod/angular-auth-oidc-client to add the OIDC client library. At a high level, I made the following code changes

  1. auth\login.component.* - replaced username/password login with redirect to Identity Provider (ex. IdentityServer4) to support login
  2. auth\authentication.guard.ts - replaced isauthenticated with OIDC API method
  3. shell\header\header.component.* - replaced the logout method with OIDC API method

I left the existing auth\authentication.service.* and auth\credentials.service.* in the code base despite they are no longer in use.

Expected behavior

Please consider creating the interface and abstract classes for Authentication and Credentials. The default implementation can be form-based. Additional identity providers can be added and be configurable.

Examples techniques for define interface and abstract classes:
http://dotnetpattern.com/typescript-abstract-class

New set of code to integrate OIDC libary into ngx-rocket

Instead of using the code in ngx-rocket auth\authentication.* and auth\credentials.*, below is a new set of code in auth.service.ts (https://github.com/workcontrolgit/starter-kit/blob/main/src/app/auth/auth.service.ts) referencing the OIDC library


import { Injectable } from '@angular/core';
import { of } from 'rxjs';
import { OidcSecurityService } from 'angular-auth-oidc-client';

@Injectable({ providedIn: 'root' })
export class AuthService {
  constructor(private oidcSecurityService: OidcSecurityService) {}

  get isLoggedIn() {
    return this.oidcSecurityService.isAuthenticated$;
  }

  get token() {
    return this.oidcSecurityService.getToken();
  }

  get userData() {
    return this.oidcSecurityService.userData$;
  }

  checkAuth() {
    return this.oidcSecurityService.checkAuth();
  }

  doLogin() {
    return of(this.oidcSecurityService.authorize());
  }

  signOut() {
    this.oidcSecurityService.logoff();
  }
}

Minimal reproduction of the problem with instructions

Environment

Others:
@workcontrolgit
Copy link
Author

I wrote a blog to show how to use Ngx-Rocket to create an Angular app and then install/configure OIDC client to support Code Flow PKCE. I thought to share it here.

Secure Angular 11 App with Code Flow PKCE and IdentityServer4

@sinedied
Copy link
Member

It would be interesting to have such an integration as an option, if you're willing to work on it.

@workcontrolgit
Copy link
Author

workcontrolgit commented Jul 20, 2021
edited

@sinedied - I will be happy to help. How can I contribute to your repo? I have evaluated and integrated two popular Angular OIDC libraries into your starter kit. IHMO, the angular-oauth2-oidc from manfredsteyer is more developer friendly. Below are links to the Angular OIDC libraries and the integration repo/blog I created.

  1. https://github.com/manfredsteyer/angular-oauth2-oidc (integration repo, blog)
  2. https://github.com/damienbod/angular-auth-oidc-client (integration repo, blog)

@sinedied
Copy link
Member

You can have a look at the contribution guide here: https://github.com/ngx-rocket/generator-ngx-rocket/blob/main/CONTRIBUTING.md

If there's not too many changes involved in the existing templates, you could probably add an OIDC option in the new features prompt: https://github.com/ngx-rocket/generator-ngx-rocket/blob/main/generators/app/prompts.js#L116-L152

Or if you think there would be too many changes involved, I was thinking of maybe adding a "recipes" section to this repo, where we could either link to your blog post and example repo or make a quick resume of the main steps involved for OIDC integration.

@workcontrolgit
Copy link
Author

@sinedied - I like the idea to start with "recipes". There are numerous identity and access management products (ex. identity server, Azure, AWS, Google, Auth0, Okta, etc.) supporting OIDC. Some support authentication only and some support both authentication and authorization. Developers can contribute recipes for platforms they have worked with. The proven recipes can be refactored into extension to your starter kit later on.

@sinedied
Copy link
Member

That's perfect then, I'll see to create a recipes folder and doc in the repo, so you can add it there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature help wanted PR welcome
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sinedied @workcontrolgit