Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing your Angular App with Auth0

Avatar for Fabian Gosebrink Fabian Gosebrink
October 31, 2022
Technology
0
740

Securing your Angular App with Auth0

One of the biggest problems of applications in distributed systems is authentication and authorization and ensuring that users see the correct data. Securing Angular applications on the web can be complex due to the endless possibilities and solutions for this. Most APIs that offer data should be secured. Auth0 is a cloud identity provider that makes it possible to outsource the complete user accounting and provides OpenID Connect client APPs for tech stacks like Angular as well as any APIs, for example, implemented with ASP.NET Core. In this talk, Fabian Gosebrink shows how you could secure an Angular App with Auth0, how a user can sign in and how data can be securely requested from an ASP.NET Core API. After this talk, modern security with Angular and ASP.NET Core should be no longer a problem for your project.
Avatar for Fabian Gosebrink

Fabian Gosebrink

October 31, 2022
Tweet

More Decks by Fabian Gosebrink

See All by Fabian Gosebrink
Angular testing made easy with Jest and Cypress
Avatar for Fabian Gosebrink fabiangosebrink
0
60
Introducing state management into an application with NgRx
Avatar for Fabian Gosebrink fabiangosebrink
0
90
Scalable architectures in Angular with Nx
Avatar for Fabian Gosebrink fabiangosebrink
0
76
My Biggest Angular Mistakes and How To Avoid Them
Avatar for Fabian Gosebrink fabiangosebrink
0
180
[iJS Munich] Better Angular Architectures with Libraries and Nx
Avatar for Fabian Gosebrink fabiangosebrink
0
120
Mastering State Management in Angular with the NgRx Signal Store
Avatar for Fabian Gosebrink fabiangosebrink
0
290
Angular Architectures with NgRx Stores & Effects
Avatar for Fabian Gosebrink fabiangosebrink
0
80
Angular Testing made easy with Jest and Cypress
Avatar for Fabian Gosebrink fabiangosebrink
0
82
Introducing NgRx in an Nx Angular Workspace
Avatar for Fabian Gosebrink fabiangosebrink
0
290

Other Decks in Technology

See All in Technology
地味にいろいろあった! 2025春のAmazon Bedrockアップデートおさらい
Avatar for みのるん minorun365
PRO
2
540
生成AIのユースケースをとにかく集めてまるっと学ぶ!/ all about generative ai usecases
Avatar for gakumura gakumura
3
330
グループ ポリシー再確認 (2)
Avatar for Murachi Akira murachiakira
0
190
DjangoCon Europe 2025 Keynote - Django for Data Science
Avatar for William S. Vincent wsvincent
0
300
Рекомендации с нуля: как мы в Lamoda превратили главную страницу в ключевую точку входа для персонализированного шоппинга. Данил Комаров, Data Scientist, Lamoda Tech
Avatar for Lamoda Tech lamodatech
0
850
Aspire をカスタマイズしよう & Aspire 9.2
Avatar for neno nenonaninu
0
330
CodePipelineのアクション統合から学ぶAWS CDKの抽象化技術 / codepipeline-actions-cdk-abstraction
Avatar for k.goto gotok365
5
330
AndroidアプリエンジニアもMCPを触ろう
Avatar for Shinnosuke Kugimiya kgmyshin
2
510
2025-04-14 Data & Analytics 井戸端会議 Multi tenant log platform with Iceberg
Avatar for kamijin_fanta kamijin_fanta
0
140
Стильный код: натуральный поиск редких атрибутов по картинке. Юлия Антохина, Data Scientist, Lamoda Tech
Avatar for Lamoda Tech lamodatech
0
850
更新系と状態
Avatar for uhyo uhyo
8
2.1k
Running JavaScript within Ruby
Avatar for Kengo Hamasaki hmsk
3
430

Featured

See All Featured
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
10
770
Code Reviewing Like a Champion
Avatar for maltzj maltzj
523
40k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.2k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
329
39k
BBQ
Avatar for Matthew Crist matthewcrist
88
9.6k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
47
2.7k
Side Projects
Avatar for Sacha Greif sachag
453
42k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
13
810
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
54
6.3k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
38
1.7k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
336
57k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
Avatar for Joe Casabona jcasabona
32
2.3k

Transcript

  1. Securing your App with Auth0

  2. Fabian Gosebrink https://offering.solutions @FabianGosebrink

  3. Why?

  4. None
  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None

  12. Identity

  13. { "nickname": "testuser", "name": "testuser@test.com", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13

  14. { "nickname": "testuser", "name": "testuser@test.com", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "testuser@test.com", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13

  15. { "nickname": "testuser", "name": "testuser@test.com", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "testuser@test.com", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "nickname": "testuser", 2 "name": "testuser@test.com", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 "iss": "https://dev-2fwvrhka.us.auth0.com/", 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13

  16. { "nickname": "testuser", "name": "testuser@test.com", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "testuser@test.com", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "nickname": "testuser", 2 "name": "testuser@test.com", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 "iss": "https://dev-2fwvrhka.us.auth0.com/", 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 { "nickname": "testuser", "name": "testuser@test.com", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13

  17. OAuth 2.0

  18. Open Authorization

  19. Access Tokens

  20. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

  21. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  22. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  23. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  24. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  25. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  26. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  27. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "scope": "openid profile access:api offline_access", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  28. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "scope": "openid profile access:api offline_access", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "permissions": [ "access:api", "read:weather" ] { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 12 13 14 15 } 16

  29. Flow

  30. Code Flow

  31. None
  32. None

  33. Browser

  34. Browser

  35. Request Browser

  36. Request Login Browser

  37. Request Login Redirect & Code Browser

  38. Request Login Redirect & Code Code Browser

  39. Request Login Redirect & Code Code Browser Tokens

  40. https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow-with-proof-key-for-code-exchange-pkce

  41. None

  42. Step 1

  43. Redirect Step 1

  44. Username Password Redirect Step 1

  45. Username Password <Code> Redirect Step 1

  46. Step 2

  47. <Code> Tokens { ... } Step 2

  48. <Code> Tokens { ... } Step 2

  49. /home /status ...

  50. /home /status /secure ...

  51. /home /status ... User

  52. /home /status /secure ... User

  53. /home /status ... User

  54. /home /status /secure ... User

  55. None

  56. Redirect to Auth0 Process the code Request information Process information

    Set the state

  57. Redirect to Auth0 Provide the login mask Provide social logins

    Create the code Turn code into user info Process the code Request information Process information Set the state
  58. None

  59. Process the code Request information Process information Set the state

    ...more!

  60. https://www.npmjs.com/package/angular-auth-oidc-client

  61. https://github.com/auth0/auth0-angular

  62. None
  63. None
  64. None
  65. None

  66. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  67. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24

  68. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  69. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  70. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  71. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  72. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  73. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  74. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  75. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  76. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 secureRoutes: ['...'], import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 20 }, 21 }), 22 ], 23 }; 24

  77. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 secureRoutes: ['...'], import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 20 }, 21 }), 22 ], 23 }; 24 import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  78. const appRoutes: Routes = [ { path: 'protected', component: <yourComponent>,

    canActivate: [isAuthenticated] }, // ... ]; 1 2 3 4 5 6 7 8

  79. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20

  80. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20

  81. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20 if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 11 12 13 14 15 16 return true; 17 }) 18 ); 19 }; 20

  82. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20 if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 11 12 13 14 15 16 return true; 17 }) 18 ); 19 }; 20 return true; import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 17 }) 18 ); 19 }; 20

  83. Demo

  84. None

  85. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  86. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

  87. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 provideHttpClient(withInterceptors([authInterceptor()])), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 4 provideRouter(APP_ROUTES), 5 provideAuth({ 6 config: { 7 authority: '...', 8 redirectUrl: window.location.origin, 9 clientId: '...', 10 scope: '...', 11 responseType: 'code', 12 silentRenew: true, 13 useRefreshToken: true, 14 postLogoutRedirectUri: window.location.origin, 15 customParamsAuthRequest: { 16 audience: '...', 17 }, 18 secureRoutes: ['...'], 19 }, 20 }), 21 ], 22 }; 23

  88. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 provideHttpClient(withInterceptors([authInterceptor()])), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 4 provideRouter(APP_ROUTES), 5 provideAuth({ 6 config: { 7 authority: '...', 8 redirectUrl: window.location.origin, 9 clientId: '...', 10 scope: '...', 11 responseType: 'code', 12 silentRenew: true, 13 useRefreshToken: true, 14 postLogoutRedirectUri: window.location.origin, 15 customParamsAuthRequest: { 16 audience: '...', 17 }, 18 secureRoutes: ['...'], 19 }, 20 }), 21 ], 22 }; 23 provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 provideHttpClient(withInterceptors([authInterceptor()])), 4 provideRouter(APP_ROUTES), 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 ], 22 }; 23

  89. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

  90. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27

  91. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 const token = this.authService.token; if (!token) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 15 16 17 18 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27

  92. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 const token = this.authService.token; if (!token) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 15 16 17 18 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 21 22 23 24 25 } 26 } 27
  93. None
  94. None

  95. var app = builder.Build(); app.UseSwagger(); app.UseSwaggerUI(); app.UseCors("AllowAllOrigins"); app.UseHttpsRedirection(); app.UseAuthentication(); app.UseAuthorization();

    app.MapControllers(); app.Run(); 1 2 3 4 5 6 7 8 9 10 11 12 13 14

  96. var app = builder.Build(); app.UseSwagger(); app.UseSwaggerUI(); app.UseCors("AllowAllOrigins"); app.UseHttpsRedirection(); app.UseAuthentication(); app.UseAuthorization();

    app.MapControllers(); app.Run(); 1 2 3 4 5 6 7 8 9 10 11 12 13 14 app.UseAuthentication(); app.UseAuthorization(); var app = builder.Build(); 1 2 app.UseSwagger(); 3 app.UseSwaggerUI(); 4 5 app.UseCors("AllowAllOrigins"); 6 app.UseHttpsRedirection(); 7 8 9 10 11 app.MapControllers(); 12 13 app.Run(); 14

  97. builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, c => { c.Authority = auth0Domain; c.Audience =

    auth0Audience; c.TokenValidationParameters = new TokenValidationParameters { ValidAudience = auth0Audience, ValidIssuer = auth0Domain, NameClaimType = ClaimTypes.NameIdentifier }; }); 1 2 3 4 5 6 7 8 9 10 11 12

  98. [ApiController] [Route("[controller]")] [Authorize] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8

  99. [ApiController] [Route("[controller]")] [Authorize] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8 [Authorize] [ApiController] 1 [Route("[controller]")] 2 3 public class SomeDataController : ControllerBase 4 { 5 // Some HTTP Methods only accessible 6 // When authorized 7 }; 8

  100. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8

  101. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8

  102. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("azp", clientId); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8

  103. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("azp", clientId); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("iss", auth0Domain); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 policy.RequireClaim("azp", clientId); 5 6 }); 7 }); 8

  104. [ApiController] [Route("[controller]")] [Authorize("access:api")] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8

  105. [ApiController] [Route("[controller]")] [Authorize("access:api")] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8 [Authorize("access:api")] [ApiController] 1 [Route("[controller]")] 2 3 public class SomeDataController : ControllerBase 4 { 5 // Some HTTP Methods only accessible 6 // When authorized 7 }; 8

  106. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8

  107. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy .Requirements .Add(new

    UserApiScopeHandlerRequirement("access:api")); policy.RequireClaim("azp", clientId); policy.RequireClaim("iss", auth0Domain); }); }); 1 2 3 4 5 6 7 8 9 10 11

  108. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy .Requirements .Add(new

    UserApiScopeHandlerRequirement("access:api")); policy.RequireClaim("azp", clientId); policy.RequireClaim("iss", auth0Domain); }); }); 1 2 3 4 5 6 7 8 9 10 11 policy .Requirements .Add(new UserApiScopeHandlerRequirement("access:api")); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 6 7 policy.RequireClaim("azp", clientId); 8 policy.RequireClaim("iss", auth0Domain); 9 }); 10 }); 11

  109. import { AuthModule } from 'angular-auth-oidc-client'; @NgModule({ imports: [ AuthModule.forRoot({

    config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '... access:api', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], exports: [AuthModule], }) export class AuthConfigModule {} 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  110. import { AuthModule } from 'angular-auth-oidc-client'; @NgModule({ imports: [ AuthModule.forRoot({

    config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '... access:api', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], exports: [AuthModule], }) export class AuthConfigModule {} 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 scope: '... access:api', import { AuthModule } from 'angular-auth-oidc-client'; 1 2 @NgModule({ 3 imports: [ 4 AuthModule.forRoot({ 5 config: { 6 authority: '...', 7 redirectUrl: window.location.origin, 8 clientId: '...', 9 10 responseType: 'code', 11 silentRenew: true, 12 useRefreshToken: true, 13 postLogoutRedirectUri: window.location.origin, 14 customParamsAuthRequest: { 15 audience: '...', 16 }, 17 secureRoutes: ['...'], 18 }, 19 }), 20 ], 21 exports: [AuthModule], 22 }) 23 export class AuthConfigModule {} 24

  111. Demo

  112. None
  113. None

  114. BFF

  115. None

  116. Demo

  117. None
  118. None
  119. None
  120. None
  121. None
  122. None