Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Add SigninRedirectArgs to AuthService.login() #31

Closed
PhilippRoessner opened this issue Feb 25, 2023 · 5 comments
Closed

[FEATURE] Add SigninRedirectArgs to AuthService.login() #31

PhilippRoessner opened this issue Feb 25, 2023 · 5 comments
Labels
enhancement New feature or request

Comments

@PhilippRoessner
Copy link

PhilippRoessner commented Feb 25, 2023
edited
Loading

Description

We used the oidc-client-ts and would like to switch to this library. We have some custom eventargs (SigninRedirectArgs) we send with the oidc-client-ts -> userManager.signinRedirect().

currently our code looks like that:

    public async parameterizedLogin(state: any, value1:string, value2:string) {
            let extraParams: any = {
                myExtraParam1: value1,
                myExtraParam2: value2
            };
            let args: SigninRedirectArgs = <SigninRedirectArgs>{
                state: state,
                extraQueryParams: extraParams
            }
            await this.userManager.signinRedirect(args);
            return this.redirect();
    }

Proposed solution

Can we provide the SigninRedirectArgs paramater to the login method of the auth.service.ts?

Alternatives considered

No response
@PhilippRoessner PhilippRoessner added enhancement New feature or request needs triage labels Feb 25, 2023
Badisi added a commit that referenced this issue Feb 26, 2023
@Badisi
feat(#31): add SigninRedirectArgs to AuthService.login()
f814bde
@Badisi
Copy link
Owner

Badisi commented Feb 26, 2023

Can you please give me more details about your use case ?

Because this is something I was planning to do but got hold on to as there are edge cases I don't know how to manage.

The exposed login, logout, renew methods are the easiest to modify.
I've started a WIP PR for that, by adding new arguments to these methods.

But the following use cases are managed internally by the lib and I have no idea if I should also deal with possible arguments there:

auth-js

  1. On desktop, when your application starts, the lib will check if an auth session already exists at the OP and retrieve it (ie. it will do a signinSilent) if retrieveUserSession: true was set. (This is by design as no tokens are stored on desktop for security reason).

    auth-js/projects/auth-js/oidc/oidc-auth-manager.ts

    Line 145 in f814bde

    await this.runSyncOrAsync(() => this.signinSilent()

  2. If no session were found and loginRequired: true was set, then the lib will start a login process.

    auth-js/projects/auth-js/oidc/oidc-auth-manager.ts

    Line 151 in f814bde

    await this.login();

  3. On mobile, when your application starts, the lib will start a login process if no user was found and loginRequired: true was set.

    auth-js/projects/auth-js/oidc/oidc-auth-manager.ts

    Line 168 in f814bde

    await this.login();

ngx-auth

  1. With Angular, the lib will start a login process if you navigate to a route that has an AuthGuard and the user is not authenticated.

    auth-js/projects/ngx-auth/core/auth.guard.ts

    Line 86 in f814bde

    return from(this.authService.login({ redirectUrl }))

  2. With Angular, the lib will start a login process if a 401 error is received and loginOn401: true was set.

    auth-js/projects/ngx-auth/core/auth.interceptor.ts

    Line 30 in f814bde

    void this.authService.login();

@PhilippRoessner
Copy link
Author

We have two use cases for this feature:

  1. Confirm Account -> direct SignIn
    When a user creates a new account, we give them a confirm token and a link to a page, where they create a password. When they confirm that page, we send the ConfirmToken together with the new password into the manager.signinredirect() method. Our Authentication server handles theses parameters and automatically signs in the user -> redirects to the root of our application. It feels a little bit nasty but in the end it was a huge enhancement in our UX.

  2. Switch User
    Our application handles groups of users in the style of Netflix or Spotifiy Family Accounts. We let users switch identities if they do have a valid token. We send the new UserID in manager.signinredirect() and our authentication server validates the token and checks if the current identity has access to the the new requested identity. Also this process seems a little nasty, but of all solutions we had by the time of the feature request, this was the most elegant.

I had a quick look at the commit and it looks like it would solve the cases I mentioned.

@Badisi
Copy link
Owner

Badisi commented Feb 27, 2023

Thanks for the explanation.
The PR should get you covered.
I'll try to release it in the next 2 days.

@Badisi Badisi closed this as completed in 73045db Mar 1, 2023
@github-actions
Copy link
Contributor

github-actions bot commented Mar 1, 2023

🎉 Released in @badisi/[email protected] 📦🚀

@github-actions
Copy link
Contributor

github-actions bot commented Mar 1, 2023

🎉 Released in @badisi/[email protected] 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Badisi @PhilippRoessner