Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing your Angular App with Auth0

Fabian Gosebrink
October 31, 2022
Technology
0
660

Securing your Angular App with Auth0

One of the biggest problems of applications in distributed systems is authentication and authorization and ensuring that users see the correct data. Securing Angular applications on the web can be complex due to the endless possibilities and solutions for this. Most APIs that offer data should be secured. Auth0 is a cloud identity provider that makes it possible to outsource the complete user accounting and provides OpenID Connect client APPs for tech stacks like Angular as well as any APIs, for example, implemented with ASP.NET Core. In this talk, Fabian Gosebrink shows how you could secure an Angular App with Auth0, how a user can sign in and how data can be securely requested from an ASP.NET Core API. After this talk, modern security with Angular and ASP.NET Core should be no longer a problem for your project.

Fabian Gosebrink

October 31, 2022
Tweet

More Decks by Fabian Gosebrink

See All by Fabian Gosebrink
[iJS Munich] Better Angular Architectures with Libraries and Nx
fabiangosebrink
0
53
Mastering State Management in Angular with the NgRx Signal Store
fabiangosebrink
0
91
Angular Architectures with NgRx Stores & Effects
fabiangosebrink
0
42
Angular Testing made easy with Jest and Cypress
fabiangosebrink
0
50
Introducing NgRx in an Nx Angular Workspace
fabiangosebrink
0
240
Full-Stack-Web-Applications with Angular, Nx and .NET
fabiangosebrink
0
130
Angular Signals - Revolution in Angular development
fabiangosebrink
0
150
Kickstarting Your Journey with NgRx Signal Store
fabiangosebrink
0
100
Angular Signals under the Hood
fabiangosebrink
0
390

Other Decks in Technology

See All in Technology
オープンソースAIとは何か? --「オープンソースAIの定義 v1.0」詳細解説
shujisado
9
1.1k
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
3.9k
生成AIが変えるデータ分析の全体像
ishikawa_satoru
0
170
OTelCol_TailSampling_and_SpanMetrics
gumamon
1
190
RubyのWebアプリケーションを50倍速くする方法 / How to Make a Ruby Web Application 50 Times Faster
hogelog
3
950
Amazon CloudWatch Network Monitor のススメ
yuki_ink
1
210
アジャイルでの品質の進化 Agile in Motion vol.1/20241118 Hiroyuki Sato
shift_evolve
0
170
CDCL による厳密解法を採用した MILP ソルバー
imai448
3
130
AIチャットボット開発への生成AI活用
ryomrt
0
170
エンジニア人生の拡張性を高める 「探索型キャリア設計」の提案
tenshoku_draft
1
130
TanStack Routerに移行するのかい しないのかい、どっちなんだい! / Are you going to migrate to TanStack Router or not? Which one is it?
kaminashi
0
600
Evangelismo técnico: ¿qué, cómo y por qué?
trishagee
0
360

Featured

See All Featured
Mobile First: as difficult as doing things right
swwweet
222
8.9k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
Code Review Best Practice
trishagee
64
17k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.2k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
27
4.3k
It's Worth the Effort
3n
183
27k
Measuring & Analyzing Core Web Vitals
bluesmoon
4
130
Build your cross-platform service in a week with App Engine
jlugia
229
18k
How to train your dragon (web standard)
notwaldorf
88
5.7k
Designing on Purpose - Digital PM Summit 2013
jponch
115
7k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k

Transcript

  1. Securing your App with Auth0

  2. Fabian Gosebrink https://offering.solutions @FabianGosebrink

  3. Why?

  4. None
  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None

  12. Identity

  13. { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13

  14. { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13

  15. { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 "iss": "https://dev-2fwvrhka.us.auth0.com/", 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13

  16. { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss":

    "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "nickname": "testuser", 2 "name": "[email protected]", 3 "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", 4 "updated_at": "2022-10-23T08:53:13.652Z", 5 "iss": "https://dev-2fwvrhka.us.auth0.com/", 6 "sub": "auth0|626e4008908bab0069c8f20d", 7 8 "iat": 1666515194, 9 "exp": 1666551194, 10 "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", 11 "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" 12 } 13 { "nickname": "testuser", "name": "[email protected]", "picture": "https://s.gravatar.com/[...]avatars%2Fte.png", "updated_at": "2022-10-23T08:53:13.652Z", "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "iat": 1666515194, "exp": 1666551194, "sid": "hVYUGB_VhqxQ2SDuaLuNjRKz0I2ViOQ0", "nonce": "3661cea8889816d9eeefd99e8a9a51c952WJ1OHaU" } 1 2 3 4 5 6 7 8 9 10 11 12 13

  17. OAuth 2.0

  18. Open Authorization

  19. Access Tokens

  20. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

  21. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  22. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  23. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  24. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  25. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  26. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  27. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "scope": "openid profile access:api offline_access", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16

  28. { "iss": "https://dev-2fwvrhka.us.auth0.com/", "sub": "auth0|626e4008908bab0069c8f20d", "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ],

    "iat": 1666515194, "exp": 1666601594, "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", "scope": "openid profile access:api offline_access", "permissions": [ "access:api", "read:weather" ] } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "iss": "https://dev-2fwvrhka.us.auth0.com/", { 1 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "sub": "auth0|626e4008908bab0069c8f20d", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "aud": [ "https://localhost:5001", "https://dev-2fwvrhka.us.auth0.com/userinfo" ], { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 4 5 6 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "iat": 1666515194, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "exp": 1666601594, { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 10 "scope": "openid profile access:api offline_access", 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "scope": "openid profile access:api offline_access", { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 11 "permissions": [ 12 "access:api", 13 "read:weather" 14 ] 15 } 16 "permissions": [ "access:api", "read:weather" ] { 1 "iss": "https://dev-2fwvrhka.us.auth0.com/", 2 "sub": "auth0|626e4008908bab0069c8f20d", 3 "aud": [ 4 "https://localhost:5001", 5 "https://dev-2fwvrhka.us.auth0.com/userinfo" 6 ], 7 "iat": 1666515194, 8 "exp": 1666601594, 9 "azp": "E7VCSlskwSPQvM1uwPRyyGvGYOc21MSg", 10 "scope": "openid profile access:api offline_access", 11 12 13 14 15 } 16

  29. Flow

  30. Code Flow

  31. None
  32. None

  33. Browser

  34. Browser

  35. Request Browser

  36. Request Login Browser

  37. Request Login Redirect & Code Browser

  38. Request Login Redirect & Code Code Browser

  39. Request Login Redirect & Code Code Browser Tokens

  40. https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow-with-proof-key-for-code-exchange-pkce

  41. None

  42. Step 1

  43. Redirect Step 1

  44. Username Password Redirect Step 1

  45. Username Password <Code> Redirect Step 1

  46. Step 2

  47. <Code> Tokens { ... } Step 2

  48. <Code> Tokens { ... } Step 2

  49. /home /status ...

  50. /home /status /secure ...

  51. /home /status ... User

  52. /home /status /secure ... User

  53. /home /status ... User

  54. /home /status /secure ... User

  55. None

  56. Redirect to Auth0 Process the code Request information Process information

    Set the state

  57. Redirect to Auth0 Provide the login mask Provide social logins

    Create the code Turn code into user info Process the code Request information Process information Set the state
  58. None

  59. Process the code Request information Process information Set the state

    ...more!

  60. https://www.npmjs.com/package/angular-auth-oidc-client

  61. https://github.com/auth0/auth0-angular

  62. None
  63. None
  64. None
  65. None

  66. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  67. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24

  68. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  69. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  70. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  71. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  72. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  73. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  74. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  75. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24

  76. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 secureRoutes: ['...'], import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 20 }, 21 }), 22 ], 23 }; 24

  77. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 provideAuth({ }), import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 22 ], 23 }; 24 authority: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 redirectUrl: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 clientId: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 scope: '...', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 responseType: 'code', import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 silentRenew: true, useRefreshToken: true, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 14 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 postLogoutRedirectUri: window.location.origin, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 customParamsAuthRequest: { audience: '...', }, import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 17 18 19 secureRoutes: ['...'], 20 }, 21 }), 22 ], 23 }; 24 secureRoutes: ['...'], import { authInterceptor, provideAuth } 1 from 'angular-auth-oidc-client'; 2 3 export const appConfig = { 4 providers: [ 5 // ... 6 provideAuth({ 7 config: { 8 authority: '...', 9 redirectUrl: window.location.origin, 10 clientId: '...', 11 scope: '...', 12 responseType: 'code', 13 silentRenew: true, 14 useRefreshToken: true, 15 postLogoutRedirectUri: window.location.origin, 16 customParamsAuthRequest: { 17 audience: '...', 18 }, 19 20 }, 21 }), 22 ], 23 }; 24 import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  78. const appRoutes: Routes = [ { path: 'protected', component: <yourComponent>,

    canActivate: [isAuthenticated] }, // ... ]; 1 2 3 4 5 6 7 8

  79. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20

  80. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20

  81. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20 if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 11 12 13 14 15 16 return true; 17 }) 18 ); 19 }; 20

  82. import { OidcSecurityService } from 'angular-auth-oidc-client'; export const isAuthenticated =

    () => { const oidcSecurityService = inject(OidcSecurityService); const router = inject(Router); return oidcSecurityService.isAuthenticated$.pipe( take(1), map(({ isAuthenticated }) => { if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } return true; }) ); }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import { OidcSecurityService } from 'angular-auth-oidc-client'; const oidcSecurityService = inject(OidcSecurityService); 1 2 3 export const isAuthenticated = () => { 4 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 return true; 17 }) 18 ); 19 }; 20 if (!isAuthenticated) { router.navigate(['/unauthorized']); return false; } import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 11 12 13 14 15 16 return true; 17 }) 18 ); 19 }; 20 return true; import { OidcSecurityService } 1 from 'angular-auth-oidc-client'; 2 3 export const isAuthenticated = () => { 4 const oidcSecurityService = inject(OidcSecurityService); 5 const router = inject(Router); 6 7 return oidcSecurityService.isAuthenticated$.pipe( 8 take(1), 9 map(({ isAuthenticated }) => { 10 if (!isAuthenticated) { 11 router.navigate(['/unauthorized']); 12 13 return false; 14 } 15 16 17 }) 18 ); 19 }; 20

  83. Demo

  84. None

  85. import { authInterceptor, provideAuth } from 'angular-auth-oidc-client'; export const appConfig

    = { providers: [ // ... provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  86. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

  87. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 provideHttpClient(withInterceptors([authInterceptor()])), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 4 provideRouter(APP_ROUTES), 5 provideAuth({ 6 config: { 7 authority: '...', 8 redirectUrl: window.location.origin, 9 clientId: '...', 10 scope: '...', 11 responseType: 'code', 12 silentRenew: true, 13 useRefreshToken: true, 14 postLogoutRedirectUri: window.location.origin, 15 customParamsAuthRequest: { 16 audience: '...', 17 }, 18 secureRoutes: ['...'], 19 }, 20 }), 21 ], 22 }; 23

  88. export const appConfig = { providers: [ importProvidersFrom(BrowserModule), provideHttpClient(withInterceptors([authInterceptor()])), provideRouter(APP_ROUTES),

    provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], }; 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 provideHttpClient(withInterceptors([authInterceptor()])), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 4 provideRouter(APP_ROUTES), 5 provideAuth({ 6 config: { 7 authority: '...', 8 redirectUrl: window.location.origin, 9 clientId: '...', 10 scope: '...', 11 responseType: 'code', 12 silentRenew: true, 13 useRefreshToken: true, 14 postLogoutRedirectUri: window.location.origin, 15 customParamsAuthRequest: { 16 audience: '...', 17 }, 18 secureRoutes: ['...'], 19 }, 20 }), 21 ], 22 }; 23 provideAuth({ config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '...', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), export const appConfig = { 1 providers: [ 2 importProvidersFrom(BrowserModule), 3 provideHttpClient(withInterceptors([authInterceptor()])), 4 provideRouter(APP_ROUTES), 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 ], 22 }; 23

  89. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

  90. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27

  91. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 const token = this.authService.token; if (!token) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 15 16 17 18 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27

  92. @Injectable() export class AuthInterceptor implements HttpInterceptor { private secureRoutes =

    ['https://localhost:44390']; constructor(private authService: AuthService) {} intercept( request: HttpRequest<any>, next: HttpHandler ) { if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } const token = this.authService.token; if (!token) { return next.handle(request); } request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); } } 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 11 12 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 const token = this.authService.token; if (!token) { return next.handle(request); } @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 15 16 17 18 19 20 request = request.clone({ 21 headers: request.headers.set('Authorization', 'Bearer ' + token), 22 }); 23 24 return next.handle(request); 25 } 26 } 27 request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + token), }); return next.handle(request); @Injectable() 1 export class AuthInterceptor implements HttpInterceptor { 2 private secureRoutes = ['https://localhost:44390']; 3 4 constructor(private authService: AuthService) {} 5 6 intercept( 7 request: HttpRequest<any>, 8 next: HttpHandler 9 ) { 10 if (!this.secureRoutes.find((x) => request.url.startsWith(x))) { 11 return next.handle(request); 12 } 13 14 const token = this.authService.token; 15 16 if (!token) { 17 return next.handle(request); 18 } 19 20 21 22 23 24 25 } 26 } 27
  93. None
  94. None

  95. var app = builder.Build(); app.UseSwagger(); app.UseSwaggerUI(); app.UseCors("AllowAllOrigins"); app.UseHttpsRedirection(); app.UseAuthentication(); app.UseAuthorization();

    app.MapControllers(); app.Run(); 1 2 3 4 5 6 7 8 9 10 11 12 13 14

  96. var app = builder.Build(); app.UseSwagger(); app.UseSwaggerUI(); app.UseCors("AllowAllOrigins"); app.UseHttpsRedirection(); app.UseAuthentication(); app.UseAuthorization();

    app.MapControllers(); app.Run(); 1 2 3 4 5 6 7 8 9 10 11 12 13 14 app.UseAuthentication(); app.UseAuthorization(); var app = builder.Build(); 1 2 app.UseSwagger(); 3 app.UseSwaggerUI(); 4 5 app.UseCors("AllowAllOrigins"); 6 app.UseHttpsRedirection(); 7 8 9 10 11 app.MapControllers(); 12 13 app.Run(); 14

  97. builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, c => { c.Authority = auth0Domain; c.Audience =

    auth0Audience; c.TokenValidationParameters = new TokenValidationParameters { ValidAudience = auth0Audience, ValidIssuer = auth0Domain, NameClaimType = ClaimTypes.NameIdentifier }; }); 1 2 3 4 5 6 7 8 9 10 11 12

  98. [ApiController] [Route("[controller]")] [Authorize] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8

  99. [ApiController] [Route("[controller]")] [Authorize] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8 [Authorize] [ApiController] 1 [Route("[controller]")] 2 3 public class SomeDataController : ControllerBase 4 { 5 // Some HTTP Methods only accessible 6 // When authorized 7 }; 8

  100. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8

  101. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8

  102. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("azp", clientId); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8

  103. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8 options.AddPolicy("access:api", policy => builder.Services.AddAuthorization(options => 1 { 2 3 { 4 policy.RequireClaim("azp", clientId); 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("azp", clientId); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 policy.RequireClaim("iss", auth0Domain); 6 }); 7 }); 8 policy.RequireClaim("iss", auth0Domain); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 policy.RequireClaim("azp", clientId); 5 6 }); 7 }); 8

  104. [ApiController] [Route("[controller]")] [Authorize("access:api")] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8

  105. [ApiController] [Route("[controller]")] [Authorize("access:api")] public class SomeDataController : ControllerBase { //

    Some HTTP Methods only accessible // When authorized }; 1 2 3 4 5 6 7 8 [Authorize("access:api")] [ApiController] 1 [Route("[controller]")] 2 3 public class SomeDataController : ControllerBase 4 { 5 // Some HTTP Methods only accessible 6 // When authorized 7 }; 8

  106. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy.RequireClaim("azp", clientId); policy.RequireClaim("iss",

    auth0Domain); }); }); 1 2 3 4 5 6 7 8

  107. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy .Requirements .Add(new

    UserApiScopeHandlerRequirement("access:api")); policy.RequireClaim("azp", clientId); policy.RequireClaim("iss", auth0Domain); }); }); 1 2 3 4 5 6 7 8 9 10 11

  108. builder.Services.AddAuthorization(options => { options.AddPolicy("access:api", policy => { policy .Requirements .Add(new

    UserApiScopeHandlerRequirement("access:api")); policy.RequireClaim("azp", clientId); policy.RequireClaim("iss", auth0Domain); }); }); 1 2 3 4 5 6 7 8 9 10 11 policy .Requirements .Add(new UserApiScopeHandlerRequirement("access:api")); builder.Services.AddAuthorization(options => 1 { 2 options.AddPolicy("access:api", policy => 3 { 4 5 6 7 policy.RequireClaim("azp", clientId); 8 policy.RequireClaim("iss", auth0Domain); 9 }); 10 }); 11

  109. import { AuthModule } from 'angular-auth-oidc-client'; @NgModule({ imports: [ AuthModule.forRoot({

    config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '... access:api', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], exports: [AuthModule], }) export class AuthConfigModule {} 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  110. import { AuthModule } from 'angular-auth-oidc-client'; @NgModule({ imports: [ AuthModule.forRoot({

    config: { authority: '...', redirectUrl: window.location.origin, clientId: '...', scope: '... access:api', responseType: 'code', silentRenew: true, useRefreshToken: true, postLogoutRedirectUri: window.location.origin, customParamsAuthRequest: { audience: '...', }, secureRoutes: ['...'], }, }), ], exports: [AuthModule], }) export class AuthConfigModule {} 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 scope: '... access:api', import { AuthModule } from 'angular-auth-oidc-client'; 1 2 @NgModule({ 3 imports: [ 4 AuthModule.forRoot({ 5 config: { 6 authority: '...', 7 redirectUrl: window.location.origin, 8 clientId: '...', 9 10 responseType: 'code', 11 silentRenew: true, 12 useRefreshToken: true, 13 postLogoutRedirectUri: window.location.origin, 14 customParamsAuthRequest: { 15 audience: '...', 16 }, 17 secureRoutes: ['...'], 18 }, 19 }), 20 ], 21 exports: [AuthModule], 22 }) 23 export class AuthConfigModule {} 24

  111. Demo

  112. None
  113. None

  114. BFF

  115. None

  116. Demo

  117. None
  118. None
  119. None
  120. None
  121. None
  122. None