Class OidcManager

Hierarchy

  • UserManager
    • OidcManager

Constructors

constructor

Properties

_client _events _iframeNavigator _logger _popupNavigator _redirectNavigator _sessionMonitor _silentRenewService settings

Accessors

_userStoreKey events metadataService

Methods

_buildUser _loadUser _revokeInternal _signin _signinEnd _signinStart _signout _signoutEnd _signoutStart _useRefreshToken clearStaleState dpopProof generateDPoPJkt getClient getUser querySessionStatus removeUser revokeTokens signinCallback signinPopup signinPopupCallback signinRedirect signinRedirectCallback signinResourceOwnerCredentials signinSilent signinSilentCallback signoutCallback signoutPopup signoutPopupCallback signoutRedirect signoutRedirectCallback signoutSilent signoutSilentCallback startSilentRenew stopSilentRenew storeUser

Constructors

constructor

Properties

Protected Readonly_client

_client: OidcClient

Protected Readonly_events

_events: UserManagerEvents

Protected Readonly_iframeNavigator

_iframeNavigator: INavigator

Protected Readonly_logger

_logger: Logger

Protected Readonly_popupNavigator

_popupNavigator: INavigator

Protected Readonly_redirectNavigator

_redirectNavigator: INavigator

Protected Readonly_sessionMonitor

_sessionMonitor: SessionMonitor

Protected Readonly_silentRenewService

_silentRenewService: SilentRenewService

Readonlysettings

settings: UserManagerSettingsStore

Get the settings used to configure the UserManager.

Accessors

Protected_userStoreKey

  • get _userStoreKey(): string

  • Returns string

events

  • get events(): UserManagerEvents

  • Get object used to register for events raised by the UserManager.

    Returns UserManagerEvents

metadataService

  • get metadataService(): MetadataService

  • Get object used to access the metadata configuration of the identity provider.

    Returns MetadataService

Methods

Protected_buildUser

  • _buildUser(signinResponse: SigninResponse, verifySub?: string): Promise<User>

  • Parameters

    • signinResponse: SigninResponse
    • OptionalverifySub: string

    Returns Promise<User>

Protected_loadUser

  • _loadUser(): Promise<User>

  • Returns Promise<User>

Protected_revokeInternal

  • _revokeInternal(
        user: User,
        types?: ("access_token" | "refresh_token")[],
    ): Promise<void>

  • Parameters

    • user: User
    • Optionaltypes: ("access_token" | "refresh_token")[]

    Returns Promise<void>

Protected_signin

  • _signin(
        args: CreateSigninRequestArgs,
        handle: IWindow,
        verifySub?: string,
    ): Promise<User>

  • Parameters

    • args: CreateSigninRequestArgs
    • handle: IWindow
    • OptionalverifySub: string

    Returns Promise<User>

Protected_signinEnd

  • _signinEnd(url: string, verifySub?: string): Promise<User>

  • Parameters

    • url: string
    • OptionalverifySub: string

    Returns Promise<User>

Protected_signinStart

  • _signinStart(
        args: CreateSigninRequestArgs,
        handle: IWindow,
    ): Promise<NavigateResponse>

  • Parameters

    • args: CreateSigninRequestArgs
    • handle: IWindow

    Returns Promise<NavigateResponse>

Protected_signout

  • _signout(
        args: CreateSignoutRequestArgs,
        handle: IWindow,
    ): Promise<SignoutResponse>

  • Parameters

    • args: CreateSignoutRequestArgs
    • handle: IWindow

    Returns Promise<SignoutResponse>

Protected_signoutEnd

  • _signoutEnd(url: string): Promise<SignoutResponse>

  • Parameters

    • url: string

    Returns Promise<SignoutResponse>

Protected_signoutStart

  • _signoutStart(
        args: CreateSignoutRequestArgs,
        handle: IWindow,
    ): Promise<NavigateResponse>

  • Parameters

    • args: CreateSignoutRequestArgs
    • handle: IWindow

    Returns Promise<NavigateResponse>

Protected_useRefreshToken

  • _useRefreshToken(args: UseRefreshTokenArgs): Promise<User>

  • Parameters

    • args: UseRefreshTokenArgs

    Returns Promise<User>

clearStaleState

  • clearStaleState(): Promise<void>

  • Removes stale state entries in storage for incomplete authorize requests.

    Returns Promise<void>

dpopProof

  • dpopProof(
        url: string,
        user: User,
        httpMethod?: string,
        nonce?: string,
    ): Promise<string>

  • Dynamically generates a DPoP proof for a given user, URL and optional Http method. This method is useful when you need to make a request to a resource server with fetch or similar, and you need to include a DPoP proof in a DPoP header.

    Parameters

    • url: string

      The URL to generate the DPoP proof for

    • user: User

      The user to generate the DPoP proof for

    • OptionalhttpMethod: string

      Optional, defaults to "GET"

    • Optionalnonce: string

      Optional nonce provided by the resource server

    Returns Promise<string>

    A promise containing the DPoP proof or undefined if DPoP is not enabled/no user is found.

generateDPoPJkt

  • generateDPoPJkt(dpopSettings: DPoPSettings): Promise<string>

  • Parameters

    • dpopSettings: DPoPSettings

    Returns Promise<string>

getClient

  • getClient(): OidcClient

  • Returns OidcClient

getUser

  • getUser(): Promise<User>

  • Load the User object for the currently authenticated user.

    Returns Promise<User>

    A promise

querySessionStatus

  • querySessionStatus(args?: QuerySessionStatusArgs): Promise<SessionStatus>

  • Query OP for user's current signin status.

    Parameters

    • Optionalargs: QuerySessionStatusArgs

    Returns Promise<SessionStatus>

    A promise object with session_state and subject identifier.

removeUser

  • removeUser(): Promise<void>

  • Remove from any storage the currently authenticated user.

    Returns Promise<void>

    A promise

revokeTokens

  • revokeTokens(types?: ("access_token" | "refresh_token")[]): Promise<void>

  • Parameters

    • Optionaltypes: ("access_token" | "refresh_token")[]

    Returns Promise<void>

signinCallback

  • signinCallback(url?: string): Promise<User>

  • Process any response (callback) from the authorization endpoint, by dispatching the request_type and executing one of the following functions:

    Parameters

    • Optionalurl: string

    Returns Promise<User>

    Throws

    Error If request_type is unknown or signin cannot be processed.

signinPopup

  • signinPopup(args?: SigninPopupArgs): Promise<User>

  • Trigger a request (via a popup window) to the authorization endpoint.

    Parameters

    • Optionalargs: SigninPopupArgs

    Returns Promise<User>

    A promise containing the authenticated User.

    Throws

    Error In cases of wrong authentication.

signinPopupCallback

  • signinPopupCallback(url?: string, keepOpen?: boolean): Promise<void>

  • Notify the opening window of response (callback) from the authorization endpoint. It is recommended to use UserManager.signinCallback instead.

    Parameters

    • Optionalurl: string
    • OptionalkeepOpen: boolean

    Returns Promise<void>

    A promise

    See

    UserManager.signinCallback

signinRedirect

  • signinRedirect(args?: SigninRedirectArgs): Promise<void>

  • Trigger a redirect of the current window to the authorization endpoint.

    Parameters

    • Optionalargs: SigninRedirectArgs

    Returns Promise<void>

    A promise

    Throws

    Error In cases of wrong authentication.

signinRedirectCallback

  • signinRedirectCallback(url?: string): Promise<User>

  • Process the response (callback) from the authorization endpoint. It is recommended to use UserManager.signinCallback instead.

    Parameters

    • Optionalurl: string

    Returns Promise<User>

    A promise containing the authenticated User.

    See

    UserManager.signinCallback

signinResourceOwnerCredentials

  • signinResourceOwnerCredentials(
        __namedParameters: ProcessResourceOwnerPasswordCredentialsArgs,
    ): Promise<User>

  • Trigger the signin with user/password.

    Parameters

    • __namedParameters: ProcessResourceOwnerPasswordCredentialsArgs

    Returns Promise<User>

    A promise containing the authenticated User.

    Throws

    ErrorResponse In cases of wrong authentication.

signinSilent

  • signinSilent(args?: SigninSilentArgs): Promise<User>

  • Trigger a silent request (via refresh token or an iframe) to the authorization endpoint.

    Parameters

    • Optionalargs: SigninSilentArgs

    Returns Promise<User>

    A promise that contains the authenticated User.

signinSilentCallback

  • signinSilentCallback(url?: string): Promise<void>

  • Notify the parent window of response (callback) from the authorization endpoint. It is recommended to use UserManager.signinCallback instead.

    Parameters

    • Optionalurl: string

    Returns Promise<void>

    A promise

    See

    UserManager.signinCallback

signoutCallback

  • signoutCallback(url?: string, keepOpen?: boolean): Promise<SignoutResponse>

  • Process any response (callback) from the end session endpoint, by dispatching the request_type and executing one of the following functions:

    Parameters

    • Optionalurl: string
    • OptionalkeepOpen: boolean

    Returns Promise<SignoutResponse>

    Throws

    Error If request_type is unknown or signout cannot be processed.

signoutPopup

  • signoutPopup(args?: SignoutPopupArgs): Promise<void>

  • Trigger a redirect of a popup window to the end session endpoint.

    Parameters

    • Optionalargs: SignoutPopupArgs

    Returns Promise<void>

    A promise

signoutPopupCallback

  • signoutPopupCallback(url?: string, keepOpen?: boolean): Promise<void>

  • Process response (callback) from the end session endpoint from a popup window. It is recommended to use UserManager.signoutCallback instead.

    Parameters

    • Optionalurl: string
    • OptionalkeepOpen: boolean

    Returns Promise<void>

    A promise

    See

    UserManager.signoutCallback

signoutRedirect

  • signoutRedirect(args?: SignoutRedirectArgs): Promise<void>

  • Trigger a redirect of the current window to the end session endpoint.

    Parameters

    • Optionalargs: SignoutRedirectArgs

    Returns Promise<void>

    A promise

signoutRedirectCallback

  • signoutRedirectCallback(url?: string): Promise<SignoutResponse>

  • Process response (callback) from the end session endpoint. It is recommended to use UserManager.signoutCallback instead.

    Parameters

    • Optionalurl: string

    Returns Promise<SignoutResponse>

    A promise containing signout response

    See

    UserManager.signoutCallback

signoutSilent

  • signoutSilent(args?: SignoutSilentArgs): Promise<void>

  • Trigger a silent request (via an iframe) to the end session endpoint.

    Parameters

    • Optionalargs: SignoutSilentArgs

    Returns Promise<void>

    A promise

signoutSilentCallback

  • signoutSilentCallback(url?: string): Promise<void>

  • Notify the parent window of response (callback) from the end session endpoint. It is recommended to use UserManager.signoutCallback instead.

    Parameters

    • Optionalurl: string

    Returns Promise<void>

    A promise

    See

    UserManager.signoutCallback

startSilentRenew

  • startSilentRenew(): void

  • Enables silent renew for the UserManager.

    Returns void

stopSilentRenew

  • stopSilentRenew(): void

  • Disables silent renew for the UserManager.

    Returns void

storeUser

  • storeUser(user: User): Promise<void>

  • Parameters

    • user: User

    Returns Promise<void>

Settings

Member Visibility

On This Page

Constructors
Properties
Accessors
Methods