@epfl-si/react-appauth
Advanced tools
An unopinionated React binding for @openid/appauth.
code=, state=, error= and session_state= parts from the URL bar, regardless of whether they are found before or after the hash mark and whether the login operation was successfulfetch, not jQuery@openid/appauth's underlying feature set
extra redirect parameters, to activate features such as user consent in authentication servers that support them@openid/appauth)state= validation, PKCE is disabled<OIDCContext> to pass in configuration and consume “back-office” events (i.e. access tokens)useOpenIDConnectContext React hook to consume “front-office” events (for the appearance of widgets such as the login button and the “hello, ${user}” widget)<OIDCContext> unmounts or changes its props, pending token refresh timers get canceled and callbacks stop calling back.The various React components (“widgets”) discussed below must be placed within an <OIDCContext> near the top of your app, for instance:
import { OIDCContext } from "@epfl-si/react-appauth";
export function App() {
return <OIDCContext authServerUrl = { "http://localhost:8080/realm/myrealm/" }
debug = { true }
client = { { clientId: "myclient" } }
onNewToken={(token) => setFetchHeader("Authorization", `Bearer ${token}`)}
onLogout={() => setFetchHeader("Authorization", null)}>
<LoginButton/>
<TheRestOfMyApp/>
</OIDCContext>;
}
function setFetchHeader (header, value) {
// ... Integrate with your backend API code here
}
@epfl-si/react-appauth exports a ready-made <LoginButton/> React element, but you could just as well reimplement it like this:
import { useOpenIDConnectContext, StateEnum as OIDCState } from "@epfl-si/react-appauth";
export function LoginButton () {
const oidc = useOpenIDConnectContext();
if (oidc.state === OIDCState.InProgress) {
return <button title="Please wait..." disabled>⌛</button>;
}
const loggedIn = oidc.state === OIDCState.LoggedIn,
action = loggedIn ? "Logout" : "Login",
label = (oidc.error === undefined) ? action : [action, <sup>⚠</sup>],
tooltip = oidc.error ? `${oidc.error}` :
loggedIn ? "Log out" : "Log in with OpenID-Connect";
function onClick() {
if (loggedIn) {
oidc.logout();
} else {
oidc.login();
}
}
return <button title={tooltip} onClick={onClick}>{label}</button>;
}
If you would like a “hello, user” widget, you will find a couple of building parts in src/sundry-widgets.tsx that could come in handy. For instance:
import { IfOIDCState, StateEnum, LoggedInUser } from "@epfl-si/react-appauth";
function HelloUser () {
return <IfOIDCState is={ StateEnum.LoggedIn }>
<p>Welcome, <LoggedInUser field="preferred_username" />!</p>
</IfOIDCState>
}
But again, you could just implement it yourself out of useOIDCContext:
function HelloUser () {
const oidc = useOpenIDConnectContext();
if (! oidc.idToken) return <></>;
return <p>Welcome, { oidc.idToken.preferred_username! }</p>
}
FAQs
React bindings for @openid/appauth
We found that @epfl-si/react-appauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.