oidc-client-ts
The oidc-client-ts package is a TypeScript library for OpenID Connect (OIDC) and OAuth2 authentication. It provides a client-side solution for handling user authentication, token management, and secure API calls.
User Authentication
This code demonstrates how to configure and initiate a user authentication process using the oidc-client-ts package. It sets up the UserManager with the necessary OIDC configuration and starts the sign-in redirect process.
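import { UserManager, WebStorageStateStore } from 'oidc-client-ts';

const config = {
  authority: 'https://example.com/oidc',        // base URL of the OIDC provider
  client_id: 'your-client-id',
  redirect_uri: 'https://yourapp.com/callback', // must match a URI registered with the provider
  response_type: 'code',                        // authorization code flow
  scope: 'openid profile',
  // localStorage keeps the signed-in user's tokens across tabs and browser restarts,
  // readable by any script running on this origin. The library default is sessionStorage.
  userStore: new WebStorageStateStore({ store: window.localStorage })
};

const userManager = new UserManager(config);

// Navigates the browser to the provider's authorization endpoint.
userManager.signinRedirect();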
Token Management
This code snippet shows how to retrieve the current authenticated user and their tokens. If the user is logged in, their information is logged to the console.
userManager.getUser().then(user => {
  if (user) {
    // The User object includes the access_token and id_token, so this logs them too.
    console.log('User logged in', user);
  } else {
    console.log('User not logged in');
  }
});
Silent Renew
This code demonstrates how to set up silent token renewal. It listens for the access token expiring event and attempts to renew the token silently without user interaction.
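// Fires shortly before the access token expires.
userManager.events.addAccessTokenExpiring(() => {
  userManager.signinSilent().then(user => {
    console.log('Silent renew successful', user);
  }).catch(err => {
    // Renewal failed: the user may need to sign in interactively again.
    console.error('Silent renew error', err);
  });
});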
Logout
This code initiates the logout process by redirecting the user to the OIDC provider's logout endpoint.
userManager.signoutRedirect();
The oidc-client package is a JavaScript library for OpenID Connect and OAuth2 authentication. It is the predecessor to oidc-client-ts and provides similar functionalities but is written in JavaScript instead of TypeScript.
The react-oidc-context package is a React library for integrating OIDC authentication into React applications. It provides hooks and context providers to manage authentication state within a React app, making it easier to use with React compared to oidc-client-ts.
The next-auth package is a complete authentication solution for Next.js applications. It supports multiple authentication providers, including OIDC, and provides a higher-level abstraction compared to oidc-client-ts, making it easier to integrate into Next.js projects.
Library to provide OpenID Connect (OIDC) and OAuth2 protocol support for client-side, browser-based JavaScript client applications. Also included is support for user session and access token management.
This project is a fork of IdentityModel/oidc-client-js which halted its development in June 2021. It has since been ported to TypeScript here with a similar API for the initial 2.0 release. Going forward, this library will focus only on protocols that continue to have support in OAuth 2.1. As such, the implicit grant is not supported by this client. Additional migration notes from oidc-client are available here.
Contributions and help are greatly appreciated!
Implements the following OAuth 2.0 protocols and supports OpenID Connect Core 1.0:
Using npm
$ npm install oidc-client-ts --save
$ git clone https://github.com/authts/oidc-client-ts.git
$ cd oidc-client-ts
$ npm install
$ npm run build
Parcel project
$ cd samples/Parcel
$ npm install
$ npm run start
and then browse to http://localhost:1234.
Angular app can be found here.
$ npm test
We appreciate feedback and contribution to this repo!
This project is licensed under the Apache-2.0 license. See the LICENSE file for more info.
FAQs
OpenID Connect (OIDC) & OAuth2 client library
The npm package oidc-client-ts receives a total of 309,299 weekly downloads. As such, oidc-client-ts popularity was classified as popular.
We found that oidc-client-ts demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.