AngularJS OAuth2 authentication module written in ES6.
Choose your preferred method:
- Bower:
bower install angular-oauth2 - NPM:
npm install --save angular-oauth2 - Download: angular-oauth2
If you're using bower they will be automatically downloaded upon installing this library.
<script src="<VENDOR_FOLDER>/angular/angular.min.js"></script>
<script src="<VENDOR_FOLDER>/angular-cookie/dist/angular-cookie.min.js"></script>
<script src="<VENDOR_FOLDER>/query-string/query-string.min.js"></script>
<script src="<VENDOR_FOLDER>/angular-oauth2/dist/angular-oauth2.min.js"></script>angular.module('myApp', ['angular-oauth2'])
.config(['OAuthProvider', function(OAuthProvider) {
OAuthProvider.configure({
baseUrl: 'https://api.website.com',
clientId: 'CLIENT_ID',
clientSecret: 'CLIENT_SECRET' // optional
});
}]);angular.module('myApp', ['angular-oauth2'])
.run(['$rootScope', '$window', function($rootScope, $window, OAuth) {
$rootScope.$on('oauth:error', function(event, rejection) {
// Ignore `invalid_grant` error - should be catched on `LoginController`.
if ('invalid_grant' === rejection.data.error) {
return;
}
// Refresh token when a `invalid_token` error occurs.
if ('invalid_token' === rejection.data.error) {
return OAuth.getRefreshToken();
}
// Redirect to `/login` with the `error_reason`.
return $window.location.href = '/login?error_reason=' + rejection.data.error;
});
}]);Configuration defaults:
OAuthProvider.configure({
baseUrl: null,
clientId: null,
clientSecret: null,
grantPath: '/oauth2/token',
revokePath: '/oauth2/revoke'
});Check authentication status:
/**
* Verifies if the `user` is authenticated or not based on the `token`
* cookie.
*
* @return {boolean}
*/
OAuth.isAuthenticated();Get an access token:
/**
* Retrieves the `access_token` and stores the `response.data` on cookies
* using the `OAuthToken`.
*
* @param {object} user - Object with `username` and `password` properties.
* @param {object} config - Optional configuration object sent to `POST`.
* @return {promise} A response promise.
*/
OAuth.getAccessToken(user, options);Refresh access token:
/**
* Retrieves the `refresh_token` and stores the `response.data` on cookies
* using the `OAuthToken`.
*
* @return {promise} A response promise.
*/
OAuth.getRefreshToken()Revoke access token:
/**
* Revokes the `token` and removes the stored `token` from cookies
* using the `OAuthToken`.
*
* @return {promise} A response promise.
*/
OAuth.revokeToken()NOTE: An event oauth:error will be sent everytime a responseError is emitted:
{ status: 400, data: { error: 'invalid_request' }{ status: 400, data: { error: 'invalid_grant' }{ status: 401, data: { error: 'invalid_token' }
OAuthTokenProvider uses angular-cookie to store the cookies. Check the available options.
Configuration defaults:
OAuthTokenProvider.configure({
name: 'token',
options: {
secure: true
}
});Found a bug or want to suggest something? Take a look first on the current and closed issues. If it is something new, please submit an issue.
It will be awesome if you can help us evolve angular-oauth2. Want to help?
- Fork it.
npm install.bower install- Do your magic.
- Run the tests:
gulp test. - Build:
gulp build - Create a Pull Request.
The source files are written in ES6.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent