Here we implement oauth2 authorization within angularjs.
Authentication is done as follows:
- Open oauth2 provider login/grant screen.
- Redirect to the oauth2 callback screen with access token.
- Verification of the access token against provider.
- Get some basic profile.
A base javascript class OAuth2 implements these steps.
There are following implementations that authorize against specific providers:
OAuth2Server - implements authorization through known providers, but calls server side to validate access token. This way, the server side can establish a user's session.
The file Config.json contains endpoints and request parameters per supported provider.
Note: You should register a client_id for each provider.
Note: user_id and access_tokens are unique only in a scope of access provider, thus a session is identified by Provider + access_token, and a user is identified by Provider + user_id.
The use case can be found in test.js E.g. authorization against OAuth2Server is done like this:
var login = new OAuth2Server(provider);
token = login.authorize();
token.$promise.then(
function()
{
// token contains populated data.
},
function(error)
{
if (error)
{
// handle an error
}
});
Authorization token contains:
- a promise to handle authorization outcome.
- cancelToken (a Deferred object) to cancel authorization in progress.
Whole sample is implemented as VS project. All scripts are build with app.tt, that combines content of Scripts/app int app.js.
Server side is implemented with ASP.NET Web API. Authorization controllers are
See also: oauth2 and angularjs