Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing your Angular App with Auth0

Fabian Gosebrink
October 31, 2022
Technology
0
500

Securing your Angular App with Auth0

One of the biggest problems of applications in distributed systems is authentication and authorization and ensuring that users see the correct data. Securing Angular applications on the web can be complex due to the endless possibilities and solutions for this. Most APIs that offer data should be secured. Auth0 is a cloud identity provider that makes it possible to outsource the complete user accounting and provides OpenID Connect client APPs for tech stacks like Angular as well as any APIs, for example, implemented with ASP.NET Core. In this talk, Fabian Gosebrink shows how you could secure an Angular App with Auth0, how a user can sign in and how data can be securely requested from an ASP.NET Core API. After this talk, modern security with Angular and ASP.NET Core should be no longer a problem for your project.

Fabian Gosebrink

October 31, 2022
Tweet

More Decks by Fabian Gosebrink

See All by Fabian Gosebrink
Angular Architectures with NgRx Stores & Effects
fabiangosebrink
0
73
Angular Testing made easy with Jest and Cypress
fabiangosebrink
0
82
From Desktop to web and back
fabiangosebrink
0
17
Better Angular Architectures with Libraries and Nx
fabiangosebrink
0
250
Developing forms and validation with Typed Angular Reactive Forms
fabiangosebrink
0
47
Angular Testing made easy with Jest and Cypress
fabiangosebrink
0
58
Monorepos with Angular and Nx
fabiangosebrink
0
120
Create modern Web Apps with the new Angular and it's ecosystem
fabiangosebrink
0
88
Realtime Cross Platform Apps with Angular, ASP.NET Core and SignalR
fabiangosebrink
0
120

Other Decks in Technology

See All in Technology
GrafanaMeetup_AmazonManagedGrafanaのアクセス制御機能とマルチテナント環境下でのアクセス制御について
daitak
0
240
Compose Compiler Metricsを使った実践的なコードレビュー
tomorrowkey
1
220
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
310
長期間TiDBを使ってきた話 @ 私たちはなぜNewSQLを使うのかTiDB選定5社が語る選定理由と活用LT / Experiences with TiDB Over Time
chibiegg
2
900
Delivering Millions of Messages within seconds @ Duolingo
pelelgrino
0
350
Azure Container Apps + Bicep 〜 こんな感じで運用しています
kaz29
2
480
よく聞くけど使ったことないソフトウェアNo.1 KafkaとSnowflake
foursue
4
360
アクセシビリティを考慮したUI/CSSフレームワーク・ライブラリ選定
yajihum
2
1k
Terraformあれやこれ/terraform-this-and-that
emiki
8
1.4k
Google Cloud の AI を支える裏側のインフラを垣間見る!
maroon1st
0
350
生産性向上チームの紹介
cybozuinsideout
PRO
1
870
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
2.1k

Featured

See All Featured
Being A Developer After 40
akosma
57
580k
Infographics Made Easy
chrislema
238
18k
Pencils Down: Stop Designing & Start Developing
hursman
117
11k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
14
1.6k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
34
8.9k
Clear Off the Table
cherdarchuk
84
310k
Automating Front-end Workflow
addyosmani
1356
200k
The Cult of Friendly URLs
andyhume
74
5.7k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
14
1.5k
It's Worth the Effort
3n
180
27k
Raft: Consensus for Rubyists
vanstee
132
6.3k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
104
6.6k

Transcript

  1. Securing your App with Auth0

  2. Fabian Gosebrink https://offering.solutions @FabianGosebrink

  3. Why?

  4. None
  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None

  12. Identity

  13. { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13

  14. { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13

  15. { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 "iss": "https://dev-2fwvrhka.us.auth0.com/", 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13

  16. { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 "iss": "https://dev-2fwvrhka.us.auth0.com/", 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13

  17. OAuth 2.0

  18. Open Authorization

  19. Access Tokens

  20. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

  21. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  22. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  23. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  24. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  25. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  26. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  27. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "scope": "openid profile access:api offline_access", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  28. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "scope": "openid profile access:api offline_access", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "permissions": [ "access:api", "read:weather" ] { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 12 13 14 15 } 16

  29. Flow

  30. Code Flow

  31. None
  32. None

  33. Browser

  34. Browser

  35. Request Browser

  36. Request Login Browser

  37. Request Login Redirect & Code Browser

  38. Request Login Redirect & Code Code Browser

  39. Request Login Redirect & Code Code Browser Tokens

  40. https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow-with-proof-key-for-code-exchange-pkce

  41. None

  42. Step 1

  43. Redirect Step 1

  44. Username Password Redirect Step 1

  45. Username Password <Code> Redirect Step 1

  46. Step 2

  47. <Code> Tokens { ... } Step 2

  48. <Code> Tokens { ... } Step 2

  49. /home /status ...

  50. /home /status /secure ...

  51. /home /status ... User

  52. /home /status /secure ... User

  53. /home /status ... User

  54. /home /status /secure ... User

  55. None

  56. Redirect to Auth0 Process the code Request information Process information

    Set the state

  57. Redirect to Auth0 Provide the login mask Provide social logins

    Create the code Turn code into user info Process the code Request information Process information Set the state
  58. None

  59. Process the code Request information Process information Set the state

    ...more!

  60. https://www.npmjs.com/package/angular-auth-oidc-client

  61. https://github.com/auth0/auth0-angular

  62. None
  63. None
  64. None
  65. None

  66. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  67. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24

  68. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  69. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  70. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  71. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  72. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  73. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  74. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  75. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  76. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 secureRoutes: ['...'], import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 20 }, 21 }), 22 ], 23 }; 24

  77. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 secureRoutes: ['...'], import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 20 }, 21 }), 22 ], 23 }; 24 import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  78. const appRoutes: Routes = [ { path: 'protected', component: <yourComponent>,

    canActivate: [isAuthenticated] }, // ... ]; 1 2 3 4 5 6 7 8

  79. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20

  80. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20

  81. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20 if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 11 12 13 14 15 16 return true; 17 }) 18 ); 19 }; 20

  82. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20 if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 11 12 13 14 15 16 return true; 17 }) 18 ); 19 }; 20 return true; import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 17 }) 18 ); 19 }; 20

  83. Demo

  84. None

  85. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  86. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

  87. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 provideHttpClient(withInterceptors([authInterceptor()])), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 4 provideRouter(APP_ROUTES), 5 provideAuth({ 6 config: { 7 authority: '...', 8 redirectUrl: window.location.origin, 9 clientId: '...', 10 scope: '...', 11 responseType: 'code', 12 silentRenew: true, 13 useRefreshToken: true, 14 postLogoutRedirectUri: window.location.origin, 15 customParamsAuthRequest: { 16 audience: '...', 17 }, 18 secureRoutes: ['...'], 19 }, 20 }), 21 ], 22 }; 23

  88. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 provideHttpClient(withInterceptors([authInterceptor()])), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 4 provideRouter(APP_ROUTES), 5 provideAuth({ 6 config: { 7 authority: '...', 8 redirectUrl: window.location.origin, 9 clientId: '...', 10 scope: '...', 11 responseType: 'code', 12 silentRenew: true, 13 useRefreshToken: true, 14 postLogoutRedirectUri: window.location.origin, 15 customParamsAuthRequest: { 16 audience: '...', 17 }, 18 secureRoutes: ['...'], 19 }, 20 }), 21 ], 22 }; 23 provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 provideHttpClient(withInterceptors([authInterceptor()])), 4 provideRouter(APP_ROUTES), 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 ], 22 }; 23

  89. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

  90. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27

  91. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 const token = this.authService.token; if (!token) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 15 16 17 18 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27

  92. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 const token = this.authService.token; if (!token) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 15 16 17 18 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 21 22 23 24 25 } 26 } 27
  93. None
  94. None

  95. var app = builder.Build(); app.UseSwagger(); app.UseSwaggerUI(); app.UseCors("AllowAllOrigins"); app.UseHttpsRedirection(); app.UseAuthentication(); app.UseAuthorization();

    app.MapControllers(); app.Run(); 1 2 3 4 5 6 7 8 9 10 11 12 13 14

  96. var app = builder.Build(); app.UseSwagger(); app.UseSwaggerUI(); app.UseCors("AllowAllOrigins"); app.UseHttpsRedirection(); app.UseAuthentication(); app.UseAuthorization();

    app.MapControllers(); app.Run(); 1 2 3 4 5 6 7 8 9 10 11 12 13 14 app.UseAuthentication(); app.UseAuthorization(); var app = builder.Build(); 1 2 app.UseSwagger(); 3 app.UseSwaggerUI(); 4 5 app.UseCors("AllowAllOrigins"); 6 app.UseHttpsRedirection(); 7 8 9 10 11 app.MapControllers(); 12 13 app.Run(); 14

  97. builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, c => { c.Authority = auth0Domain; c.Audience =

    auth0Audience; c.TokenValidationParameters = new TokenValidationParameters { ValidAudience = auth0Audience, ValidIssuer = auth0Domain, NameClaimType = ClaimTypes.NameIdentifier }; }); 1 2 3 4 5 6 7 8 9 10 11 12

  98. [ApiController] [Route("[controller]")] [Authorize] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8

  99. [ApiController] [Route("[controller]")] [Authorize] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8 [Authorize] [ApiController] 1 [Route("[controller]")] 2 3 public class SomeDataController : ControllerBase 4 { 5 // Some HTTP Methods only accessible 6 // When authorized 7 }; 8

  100. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8

  101. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8

  102. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("azp", clientId); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8

  103. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("azp", clientId); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("iss", auth0Domain); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 policy.RequireClaim("azp", clientId); 5 6 }); 7 }); 8

  104. [ApiController] [Route("[controller]")] [Authorize("access:api")] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8

  105. [ApiController] [Route("[controller]")] [Authorize("access:api")] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8 [Authorize("access:api")] [ApiController] 1 [Route("[controller]")] 2 3 public class SomeDataController : ControllerBase 4 { 5 // Some HTTP Methods only accessible 6 // When authorized 7 }; 8

  106. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8

  107. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy .Requirements .Add(new

    UserApiScopeHandlerRequirement("access:api")); policy.RequireClaim("azp", clientId); policy.RequireClaim("iss", auth0Domain); }); }); 1 2 3 4 5 6 7 8 9 10 11

  108. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy .Requirements .Add(new

    UserApiScopeHandlerRequirement("access:api")); policy.RequireClaim("azp", clientId); policy.RequireClaim("iss", auth0Domain); }); }); 1 2 3 4 5 6 7 8 9 10 11 policy .Requirements .Add(new UserApiScopeHandlerRequirement("access:api")); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 6 7 policy.RequireClaim("azp", clientId); 8 policy.RequireClaim("iss", auth0Domain); 9 }); 10 }); 11

  109. import { AuthModule } from 'angular-auth-oidc-client'; @NgModule({ imports: [ AuthModule.forRoot({

    config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '... access:api', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], exports: [AuthModule], }) export class AuthConfigModule {} 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  110. import { AuthModule } from 'angular-auth-oidc-client'; @NgModule({ imports: [ AuthModule.forRoot({

    config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '... access:api', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], exports: [AuthModule], }) export class AuthConfigModule {} 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 scope: '... access:api', import { AuthModule } from 'angular-auth-oidc-client'; 1 2 @NgModule({ 3 imports: [ 4 AuthModule.forRoot({ 5 config: { 6 authority: '...', 7 redirectUrl: window.location.origin, 8 clientId: '...', 9 10 responseType: 'code', 11 silentRenew: true, 12 useRefreshToken: true, 13 postLogoutRedirectUri: window.location.origin, 14 customParamsAuthRequest: { 15 audience: '...', 16 }, 17 secureRoutes: ['...'], 18 }, 19 }), 20 ], 21 exports: [AuthModule], 22 }) 23 export class AuthConfigModule {} 24

  111. Demo

  112. None
  113. None

  114. BFF

  115. None

  116. Demo

  117. None
  118. None
  119. None
  120. None
  121. None
  122. None