Features
- Tested with Angular 8
- Code Flow + PKCE (RFC 7637) to align with OAuth 2.0 Security Best Current Practice
- Support for refresh_token and automatic refresh when using Code Flow
- See mentioned Best Current Practices document for things to consinder
More information about this can be found in the docs:
- https://manfredsteyer.github.io/angular-oauth2-oidc/docs/additional-documentation/code-flow-+-pcke.html
- https://manfredsteyer.github.io/angular-oauth2-oidc/docs/additional-documentation/refreshing-a-token.html
PR
Big thanks to all contributors for providing 21 PRs for this release! You all are awesome!!!
Proposal: Add implicit flow through popup
#468 by leonardochaia
Improve default oauth interceptor investigating
#515 by simonmulser was merged
feat: Upgrade to angular 8
#573 by killzoner was merged
Improve documentation for events
#520 by jeroenheijmans
Added customUrlValidation
#331 by vytautas-pranskunas-
Properly implements openUri for implicit flow
#369 by nhance was merged
Refresh the timers after configuration has changed
#382 by FabienDehopre
Cleanup timers when OAuthService is destroyed
#463 by leonardochaia
Fixed HTTPS error messages in service
#510 by bobvandevijver
Calculate the timeout using now as a reference
#487 by filipvh
Add documentation about configuring custom OAuthStorage
#512 by dennisameling
update README re: discovery doc validation disabling
#521 by cconcannon
optionally use crypto to generate nonce
#540 by ChristianMurphy
Pause silent refresh if user has logged out
#526 by l1b3r
Skip issuer check in processIdToken if skipIssuerCheck is true
#527 by ismcagdas
Corrects how localStorage could be used
#533 by ManuelRauber
Add noPrompt parameter to setupAutomaticSilentRefresh method
#536 by remiburtin
feature: Abort current implicit flow
#537 by enricodeleo
Fix spelling mistake
#544 by peterneave
Only present the sendAccessToken interceptor mechanism in the Readme
#554 by nhumblot
Added clock skew parameter
#569 by nenadmaricic