Angular 13 support about angular2-jwt HOT 28 CLOSED

Almost no commits in 2 years, this project seems not maintained.

from angular2-jwt.

Hi all, I apologize for the delayed response. This issue is on our radar and we are actively working to find new support for the repo. I don’t have any specific updates at the moment, but we will let you know when we have more info.

from angular2-jwt.

Angular14 Upgrade #725

Since Angular 14 was released last week... this issue should be renamed to "Angular 14 support" 😜

from angular2-jwt.

Would request the library authors to look into this. Got the same warning while upgrading to angular 13.

from angular2-jwt.

Hello, and our apologies for the radio silence here.

This repository has recently switched teams inside the company, and we will be following up on this SDK to ensure it stays compatible when Angular 15 is released as non-beta.

The warning is a known warning and the same we have with auth0-angular, our recommended SDK for Angular.
In order to drop this warning, we need to stop supporting certain Angular versions (Anything below Angular 12, IIRC).
Even though these versions are not supported by Google anymore, we do have customers using it and we didn't want to leave them in the dark only because of this warning.

Having said that, we are aware of the benefits of compiling using Ivy. We are also aware that it probably won't work with Angular 15 anymore. With v15 being released in beta, compiling with Ivy is on our radar and we are considering doing the update in a minor release on both this SDK as well as auth0-angular. The reason for a minor is that we believe toggling Ivy is a non-breaking change for any by google supported version of Angular, but we do want to avoid using a patch, to give our users that are still on Angular <12 some wiggle room for security fixes, while the main guidance will be to upgrade Angular to >12.

from angular2-jwt.

Would really appreciate this update as well, fortunately we have had no issues with the upgrade or running it in our applications, however we get the same warning as @igorosabel when we run. Looking at Angular's roadmap, I'm worried about items not compiled in Ivy may not work in future versions going forward.

from angular2-jwt.

Note that Angular 15 will not support non-Ivy view engines and as such this package in it's current state will not work.

from angular2-jwt.

It's a grey zone, adding support that breaks only those that are using an unsupported version sounds fine in a non-major as we do not support versions that aren't supported by their own vendor in the first place. From that perspective, I would argue it even gets close to just being a patch release. However, we do want to give some wiggle room for security patches if needed.

In Angular ecosystem most libraries will do new major release even if they just add new Angular version support to indicate that.

I believe that's not worth it for our SDK as all we have is a service and an interceptor. Starting to maintain all kinds of versions just for the sake of not breaking users using an unsupported version sounds like not ideal.
We will also not break anyone at run-time, but at compile time. So anyone can still rollback and lock our dependency.

A new major also increases support we should be giving, and it's a bit of a weird situation to be explicitly cutting a new major and supporting an old major only for versions of Angular that aren't supported. Being a security company, we always want you to use supported versions, as any version that doesnt have any LTS support can be vulnerable. We are doing best effort here to leave room for security patches on our end, but realy we shouldnt.

This should be fixed with #735 which we will be part of the next minor release.

from angular2-jwt.

We really depend on this before we can go to ng13, where can we help?

Also, we get this when upgraded to ng13:

Type JwtModule does not have 'ɵmod' property

from angular2-jwt.

Bump

from angular2-jwt.

I made my attempt and forked this repo and updated it. I'm using ng14 and it's working fine. Here it is:
https://github.com/MumiaIrrequieta/angular2-jwt

from angular2-jwt.

Dropping major Angular version support is not "minor" version update, IMO. :) While those dropped versions are not supported by Google anymore, it is good practice to do that in major version. In Angular ecosystem most libraries will do new major release even if they just add new Angular version support to indicate that. Though I understand that you may need to keep version ranges similar with another SDKs, I would urge you to consider is this really minor or major release.

from angular2-jwt.

@muuvmuuv this most probably can be solved by running ngcc directly. I had similar problem, and adding this to scripts of package.json helped me:
"postinstall": "ngcc --properties es2015 browser module main"

Usually it will run the postinstall scrip automatically each time you do npm install, but you can also run it directly npm run postinstall.

At the same time, I still would like to Encourage the library authors to publish an Ivy distribution..

from angular2-jwt.

@cherurg Ok, thanks, but unfortunately that does not work in NX environments due to another bug. NG13 anyway does not depend on ngcc anymore, so it shouldn't be necessary. For the time being we will use the core lib, which works just fine. https://github.com/auth0/jwt-decode

from angular2-jwt.

hello, I'm a Brazilian user and I had problems using the new angular ng13 updates

the token part works but I have a second method to retrieve the refresh token that is passed in the cookie

code:

 getNewAccessToken(): Promise<void> {
    const headers = new HttpHeaders()
      .append('Content-Type', 'application/x-www-form-urlencoded')
      .append('Authorization', 'Basic YW5ndWxhcjpAbmd1bEByMA==');


    const body = 'grant_type=refresh_token';

    return this.http.post<any>(this.oauthTokenUrl, body,
        { headers, withCredentials: true })
      .toPromise()
      .then((response:any) => {
        this.storeToken(response['access_token']);

        console.log('New access token created!');

        return Promise.resolve();
      })
      .catch(response => {
        console.error('Error renewing token.', response);
        return Promise.resolve();
      });
  }

passing withCredentials to true should make the application get the refresh token automatically and pass it to the body, no? at least that's what I read, but he's not passing the refreshToken in the body along with the grant_type = refresh_token

sorry my english it is not good

from angular2-jwt.

any progress?

from angular2-jwt.

Any news or alternatives?

from angular2-jwt.

@danwoda I can raise a PR if you need support.

from angular2-jwt.

Bump 🔥 We need Angular 13 support.

from angular2-jwt.

Hope will be a release from auth0 soon!

from angular2-jwt.

This fork claims to be Ivy compatible, but not complete:
https://github.com/avatsaev/angular2-jwt

from angular2-jwt.

Bump

from angular2-jwt.

is this repo dead, still on ng10, now is ng14, and ja on ng15 will not work

from angular2-jwt.

@MumiaIrrequieta thx, but this version: 5.99.0 is not published in central npm

from angular2-jwt.

@sysmat , here it is https://www.npmjs.com/package/@mumiairrequieta/angular-jwt

from angular2-jwt.

It's been almost a year since I opened this issue. I would like to use auth0's library as I have been using for a lot of time, but if they don't update it by the time Angular 15 comes out... I am going to drop it and start using that fork, thanks @MumiaIrrequieta

from angular2-jwt.

@MumiaIrrequieta thx

from angular2-jwt.

from angular2-jwt.