Fabiangosebrink/enabling logoff with post method

.eslintrc.json

@@ -31,6 +31,7 @@
         "no-case-declarations": ["error"],
         "no-empty": ["error"],
         "@typescript-eslint/no-empty-function": ["error"],
+        "no-unused-vars": "off",
         "@typescript-eslint/no-unused-vars": ["error"],
         "@typescript-eslint/ban-types": ["error"],
         "no-useless-escape": ["error"],

CHANGELOG.md

@@ -2,14 +2,17 @@
 
 ### 2022-11-XX 15.0.0
 
-- Support for refresh without id_token, run silent renew using only the access token
-  - [PR](https://github.com/damienbod/angular-auth-oidc-client/pull/1571)
 - Support refresh tokens without returning an id_token in the refresh
 - run silent renew using only the access token
 - id_token only has to be valid on the first authentication
 - add support to disable id_token validation completely, not recommended
 - Renamed `enableIdTokenExpiredValidationInRenew` to `triggerRefreshWhenIdTokenExpired`
 - Added `disableIdTokenValidation` parameter in config
+  - [PR](https://github.com/damienbod/angular-auth-oidc-client/pull/1571)
+- `logoff()` possible now with `POST` request
+  - [PR](https://github.com/damienbod/angular-auth-oidc-client/pull/1582)
+- removed deprecated `isLoading$` property
+  - [PR](https://github.com/damienbod/angular-auth-oidc-client/pull/1580)
 
 Docs:
 [https://angular-auth-oidc-client.com/docs/documentation/silent-renew](https://github.com/damienbod/angular-auth-oidc-client/pull/1541)

README.md

@@ -132,7 +132,7 @@ export class AppComponent implements OnInit {
   }
 
   logout() {
-    this.oidcSecurityService.logoff();
+    this.oidcSecurityService.logoff().subscribe((result) => console.log(result));
   }
 }
 ```

docs/site/angular-auth-oidc-client/docs/documentation/01-public-api.md

@@ -601,14 +601,16 @@ const authOptions = {
 this.oidcSecurityService.logoffAndRevokeTokens('configId', authOptions).subscribe(/* ... */);
 ```
 
-## logoff(configId?: string, authOptions?: AuthOptions)
+## logoff(configId?: string, logoutAuthOptions?: LogoutAuthOptions)
 
-This method logs out on the server and the local client. If the server state has changed, check session, then only a local logout. The method takes a `configId` and `authOptions` as parameter. If you are running with multiple configs and pass the `configId` the passed config is taken. If you are running with multiple configs and do not pass the `configId` the first config is taken. If you are running with a single config this config is taken.
+This method logs out on the server and the local client. If the server state has changed, check session, then only a local logout. The method takes a `configId` and `logoutAuthOptions` as parameter. If you are running with multiple configs and pass the `configId` the passed config is taken. If you are running with multiple configs and do not pass the `configId` the first config is taken. If you are running with a single config this config is taken.
+
+The method returns an `Observable<unknown>`.
 
 Examples:
 
 ```ts
-this.oidcSecurityService.logoff();
+this.oidcSecurityService.logoff().subscribe((result) => console.log(result));
 ```
 
 ```ts
@@ -621,7 +623,7 @@ const authOptions = {
   },
 };
 
-this.oidcSecurityService.logoff('configId', authOptions);
+this.oidcSecurityService.logoff('configId', authOptions).subscribe((result) => console.log(result));
 ```
 
 ## logoffLocal(configId?: string)

docs/site/angular-auth-oidc-client/docs/documentation/03-login-logout.md

@@ -26,7 +26,7 @@ In case you have multiple configs you can pass the `configId` parameter as the f
 
 ```ts
 login() {
-  this.oidcSecurityService.authorizeWithPopUp('configId')
+  this.oidcSecurityService.authorize('configId')
     .subscribe(({ isAuthenticated, userData, idToken, accessToken, errorMessage }) => {
       // ...
     });
@@ -55,7 +55,7 @@ login() {
 
   const configIdOrNull = // ...
 
-  this.oidcSecurityService.authorizeWithPopUp(configIdOrNull, authOptions)
+  this.oidcSecurityService.authorize(configIdOrNull, authOptions)
     .subscribe(({ isAuthenticated, userData, idToken, accessToken, errorMessage }) => {
       // ...
     });
@@ -73,13 +73,14 @@ This allows you to have the provider's consent prompt display in a popup window
 
 ```ts
 loginWithPopup() {
-  this.oidcSecurityService.authorizeWithPopUp().subscribe(({ isAuthenticated, userData, accessToken, errorMessage }) => {
+  this.oidcSecurityService.authorizeWithPopUp()
+          .subscribe(({ isAuthenticated, userData, accessToken, errorMessage }) => {
     /* use data */
   });
 }
 ```
 
-### AuthOptions & PopupOptions
+### PopupOptions
 
 You can pass options to control the dimension of the popup with the `PopupOptions` interface as a second parameter.
 
@@ -138,19 +139,21 @@ A simplified page (instead of the application url) can be used. Here's an exampl
 
 ### Popup Sample
 
-[app.component.ts](../../../../../projects/sample-code-flow-popup/src/app/app.component.ts)
+[app.component.ts](../../../../../projects/sample-code-flow-popup/src/app/)
 
 ## Logout
 
 The `logoff()` method sends an end session request to the OIDC server, if it is available, or the check session has not sent a changed event.
 
 ```ts
 logout() {
-  this.oidcSecurityService.logoff();
+  this.oidcSecurityService.logoff().subscribe((result) => console.log(result));
 }
 ```
 
-### `ConfigId` Parameter
+### Parameters
+
+#### configId
 
 `logoff()` also accepts a `configId` paramater to select a specific config:
 
@@ -163,13 +166,21 @@ logout() {
 }
 ```
 
-### AuthOptions Parameter
+#### LogoutAuthOptions
 
-You can pass an `authOptions` parameter if you want to control the behavior more.
+You can pass in LogoutAuthOptions following optional parameters:
+
+- `urlHandler` - to manipulate the behavior of the logout with a custom `urlHandler`
+- `customParams` - to send custom parameters to OIDC Provider
+- `logoffMethod` - Which can be `GET` or `POST`. `GET` is default here.
+
+According to the [OIDC Standard](https://openid.net/specs/openid-connect-rpinitiated-1_0.html) only the customParams `state`, `logout_hint` and `ui_locales` are configurable. Other values are being created, being read from storage or taken from your config.
+
+You can pass an `logoutAuthOptions` parameter if you want to control the behavior more.
 
 ```ts
 logout() {
-  const authOptions = {
+  const logoutAuthOptions = {
     customParams: {
       some: 'params',
     },
@@ -178,7 +189,21 @@ logout() {
     },
   };
 
-  this.oidcSecurityService.logoff('configId', authOptions);
+  this.oidcSecurityService.logoff('configId', logoutAuthOptions);
+}
+```
+
+If you prefer to send a POST logout request:
+
+```
+logout() {
+	// logoffMethod` - Which can be `GET` or `POST
+	const logoutAuthOptions: LogoutAuthOptions = {
+	  logoffMethod: 'POST',
+	};
+
+	this.oidcSecurityService.logoff('', logoutAuthOptions)
+		.subscribe((result) => console.log(result));
 }
 ```
 
@@ -193,7 +218,7 @@ logoffAndRevokeTokens() {
 }
 ```
 
-The method also takes `configId` and `authOptions` parameters if needed.
+The method also takes `configId` and `logoutAuthOptions` parameters if needed.
 
 ### `logoffLocal()`
 

docs/site/angular-auth-oidc-client/docs/intro.md

@@ -89,7 +89,7 @@ export class AppComponent implements OnInit {
   }
 
   logout() {
-    this.oidcSecurityService.logoff();
+    this.oidcSecurityService.logoff().subscribe((result) => console.log(result));
   }
 }
 ```

docs/site/angular-auth-oidc-client/docs/migrations/v14-to-v15.md

@@ -4,17 +4,52 @@ sidebar_position: 5
 
 # Version 14 to 15
 
-## TL;DR
+## TL;DR: Breaking Changes
 
 - `enableIdTokenExpiredValidationInRenew` was renamed to `triggerRefreshWhenIdTokenExpired`
 - `isLoading$` property was removed -> use Public Event Service instead
+- `logoff()` method now returns an `Observable<unknown>` and accepts a `logoutOptions` parameter
 
 All changes are described below.
 
 ## `enableIdTokenExpiredValidationInRenew` was renamed to `triggerRefreshWhenIdTokenExpired`
 
 The configuration `enableIdTokenExpiredValidationInRenew` was renamed to `triggerRefreshWhenIdTokenExpired` to match its function. The `triggerRefreshWhenIdTokenExpired` parameter can be set to `false` and the renew process with not be triggered by an expired id_token.
 
+Old:
+
+```
+const config = {
+  //...
+  enableIdTokenExpiredValidationInRenew: true|false
+}
+```
+
+New:
+
+```
+const config = {
+  //...
+  triggerRefreshWhenIdTokenExpired: true|false
+}
+```
+
 ## `isLoading$` property was removed -> use Public Event Service instead
 
-The `isLoading$` was marked as deprecated and is removed now. If you want to know when `checkAuth` is finished, use the [PublicEventsService](https://www.angular-auth-oidc-client.com/docs/documentation/public-events) and listen to the Events [CheckingAuth, CheckinfAuthFinished](https://github.com/damienbod/angular-auth-oidc-client/blob/main/projects/angular-auth-oidc-client/src/lib/public-events/event-types.ts#L7-L8)
+The `isLoading$` was marked as deprecated and is removed now. If you want to know when `checkAuth` is finished, use the [PublicEventsService](https://www.angular-auth-oidc-client.com/docs/documentation/public-events) and listen to the Events [CheckingAuth, CheckingAuthFinished](https://github.com/damienbod/angular-auth-oidc-client/blob/main/projects/angular-auth-oidc-client/src/lib/public-events/event-types.ts#L7-L8)
+
+## `logoff()` method now returns an `Observable<unknown>`
+
+According to the standard we enabled logging out via `POST` request. For this, the API needed to change.
+
+Old:
+
+```
+this.oidcSecurityService.logoff();
+```
+
+New:
+
+```
+this.oidcSecurityService.logoff(),subscribe(/*...*/);
+```

projects/angular-auth-oidc-client/src/lib/auth-options.ts

@@ -4,3 +4,9 @@ export interface AuthOptions {
   /** overrides redirectUrl from configuration */
   redirectUrl?: string;
 }
+
+export interface LogoutAuthOptions {
+  customParams?: { [key: string]: string | number | boolean };
+  urlHandler?(url: string): any;
+  logoffMethod?: 'GET' | 'POST';
+}

projects/angular-auth-oidc-client/src/lib/auth.module.ts

@@ -13,6 +13,7 @@ import { ConfigurationService } from './config/config.service';
 import { StsConfigLoader, StsConfigStaticLoader } from './config/loader/config-loader';
 import { OpenIdConfiguration } from './config/openid-configuration';
 import { ConfigValidationService } from './config/validation/config-validation.service';
+import { JwkExtractor } from './extractors/jwk.extractor';
 import { CodeFlowCallbackHandlerService } from './flows/callback-handling/code-flow-callback-handler.service';
 import { HistoryJwtKeysCallbackHandlerService } from './flows/callback-handling/history-jwt-keys-callback-handler.service';
 import { ImplicitFlowCallbackHandlerService } from './flows/callback-handling/implicit-flow-callback-handler.service';
@@ -46,18 +47,17 @@ import { BrowserStorageService } from './storage/browser-storage.service';
 import { DefaultSessionStorageService } from './storage/default-sessionstorage.service';
 import { StoragePersistenceService } from './storage/storage-persistence.service';
 import { UserService } from './user-data/user.service';
-import { CryptoService } from './utils/crypto/crypto-service';
+import { CryptoService } from './utils/crypto/crypto.service';
 import { EqualityService } from './utils/equality/equality.service';
 import { FlowHelper } from './utils/flowHelper/flow-helper.service';
 import { PlatformProvider } from './utils/platform-provider/platform.provider';
 import { TokenHelperService } from './utils/tokenHelper/token-helper.service';
 import { CurrentUrlService } from './utils/url/current-url.service';
 import { UrlService } from './utils/url/url.service';
+import { JwkWindowCryptoService } from './validation/jwk-window-crypto.service';
 import { JwtWindowCryptoService } from './validation/jwt-window-crypto.service';
 import { StateValidationService } from './validation/state-validation.service';
 import { TokenValidationService } from './validation/token-validation.service';
-import { JwkExtractor } from './extractors/jwk.extractor';
-import { JwkWindowCryptoService } from './validation/jwk-window-crypto.service';
 
 export interface PassedInitialConfig {
   config?: OpenIdConfiguration | OpenIdConfiguration[];