@epfl-si/react-appauth
Advanced tools
An unopinionated React binding for @openid/appauth.
code=, state=, error= and session_state= parts from the URL bar, regardless of whether they are found before or after the hash mark and whether the login operation was successfulfetch, not jQuery@openid/appauth's underlying feature set
extra redirect parameters, to activate features such as user consent in authentication servers that support them@openid/appauth)state= validation, PKCE is disabled<OIDCContext> to pass in configuration and consume “back-office” events (i.e. access tokens)useOpenIDConnectContext React hook to consume “front-office” events (for the appearance of widgets such as the login button and the “hello, ${user}” widget)<OIDCContext> unmounts or changes its props, pending token refresh timers get canceled and callbacks stop calling back.The various React components (“widgets”) discussed below must be placed within an <OIDCContext> near the top of your app, for instance:
import { OIDCContext } from "@epfl-si/react-appauth";
export function App() {
return <OIDCContext authServerUrl = { "http://localhost:8080/realm/myrealm/" }
debug = { true }
client = { { clientId: "myclient" } }
onNewToken={(token) => setFetchHeader("Authorization", `Bearer ${token}`)}
onLogout={() => setFetchHeader("Authorization", null)}>
<LoginButton/>
<TheRestOfMyApp/>
</OIDCContext>;
}
function setFetchHeader (header, value) {
// ... Integrate with your backend API code here
}
@epfl-si/react-appauth exports a ready-made <LoginButton/> React element, but you could just as well reimplement it like this:
import { useOpenIDConnectContext, StateEnum as OIDCState } from "@epfl-si/react-appauth";
export function LoginButton () {
const oidc = useOpenIDConnectContext();
if (oidc.state === OIDCState.InProgress) {
return <button title="Please wait..." disabled>⌛</button>;
}
const loggedIn = oidc.state === OIDCState.LoggedIn,
action = loggedIn ? "Logout" : "Login",
label = (oidc.error === undefined) ? action : [action, <sup>⚠</sup>],
tooltip = oidc.error ? `${oidc.error}` :
loggedIn ? "Log out" : "Log in with OpenID-Connect";
function onClick() {
if (loggedIn) {
oidc.logout();
} else {
oidc.login();
}
}
return <button title={tooltip} onClick={onClick}>{label}</button>;
}
If you would like a “hello, user” widget, you will find a couple of building parts in src/sundry-widgets.tsx that could come in handy. For instance:
import { IfOIDCState, StateEnum, LoggedInUser } from "@epfl-si/react-appauth";
function HelloUser () {
return <IfOIDCState is={ StateEnum.LoggedIn }>
<p>Welcome, <LoggedInUser field="preferred_username" />!</p>
</IfOIDCState>
}
But again, you could just implement it yourself out of useOIDCContext:
function HelloUser () {
const oidc = useOpenIDConnectContext();
if (! oidc.idToken) return <></>;
return <p>Welcome, { oidc.idToken.preferred_username! }</p>
}
FAQs
React bindings for @openid/appauth
We found that @epfl-si/react-appauth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncovered a malicious PyPI package exploiting Deezer’s API to enable coordinated music piracy through API abuse and C2 server control.
Research
The Socket Research Team discovered a malicious npm package, '@ton-wallet/create', stealing cryptocurrency wallet keys from developers and users in the TON ecosystem.
Security News
Newly introduced telemetry in devenv 1.4 sparked a backlash over privacy concerns, leading to the removal of its AI-powered feature after strong community pushback.