session checks

Author: manfredsteyer

angular-oauth2-oidc/docs/js/search/search_index.js

@@ -1,93 +1,147 @@
 
-export interface AuthConfig {
-
+export class AuthConfig {
     /**
      * The client's id as registered with the auth server
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    clientId?: string;
+    public clientId? = '';
 
     /**
      * The client's redirectUri as registered with the auth server
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    redirectUri?: string;
+    public redirectUri? = '';
 
     /**
      * An optional second redirectUri where the auth server
      * redirects the user to after logging out.
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    postLogoutRedirectUri?: string;
+    public postLogoutRedirectUri? = '';
 
     /**
      * The auth server's endpoint that allows to log
      * the user in when using implicit flow.
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     *
      */
-    loginUrl?: string;
+    public loginUrl? = '';
 
     /**
      * The requested scopes
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     *
      */
-    scope?: string;
+    public scope? = 'openid profile';
+
+    /**
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     */
+    public resource? = '';
+
+    /**
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     */
+    public rngUrl? = '';
 
     /**
      * Defines whether to use OpenId Connect during
-     * implicit flow. Defaults to true.
+     * implicit flow.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    oidc?: boolean;
+    public oidc? = true;
 
     /**
      * Defines whether to request a access token during
-     * implicit flow. Defaults to true;
+     * implicit flow.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     */
+    public requestAccessToken? = true;
+
+    /**
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    requestAccessToken?: boolean;
+    public options?: any;
 
     /**
      * The issuer's uri.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    issuer?: string;
+    public issuer? = '';
 
     /**
      * The logout url.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    logoutUrl?: string;
+    public logoutUrl? = '';
 
     /**
      * Defines whether to clear the hash fragment after logging in.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    clearHashAfterLogin?: boolean;
+    public clearHashAfterLogin? = true;
 
     /**
      * Url of the token endpoint as defined by OpenId Connect and OAuth 2.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    tokenEndpoint?: string;
+    public tokenEndpoint?: string;
 
     /**
      * Url of the userinfo endpoint as defined by OpenId Connect.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     *
      */
-    userinfoEndpoint?: string;
+    public userinfoEndpoint?: string;
+
+    /**
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     */
+    public responseType? = 'token';
 
     /**
      * Defines whether additional debug information should
      * be shown at the console.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    showDebugInformation?: boolean;
+    public showDebugInformation? = false;
 
     /**
      * The redirect uri used when doing silent refresh.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    silentRefreshRedirectUri?: string;
+    public silentRefreshRedirectUri? = '';
 
-    silentRefreshMessagePrefix?: string;
+    /**
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     */
+    public silentRefreshMessagePrefix? = '';
 
     /**
      * Set this to true to display the iframe used for
      * silent refresh for debugging.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    silentRefreshShowIFrame?: boolean;
+    public silentRefreshShowIFrame? = false;
 
     /**
      * Timeout for silent refresh.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    siletRefreshTimeout?: number;
+    public siletRefreshTimeout?: number = 1000 * 20;
 
     /**
      * Some auth servers don't allow using password flow
@@ -96,71 +150,100 @@ export interface AuthConfig {
      * here. As this passwort is exposed to the public
      * it does not bring additional security and is therefore
      * as good as using no password.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    dummyClientSecret?: string;
+    public dummyClientSecret?: string;
+
 
     /**
      * Defines whether https is required.
      * The default value is remoteOnly which only allows
      * http for location, while every other domains need
      * to be used with https.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    requireHttps?: boolean | 'remoteOnly';
+    public requireHttps?: boolean | 'remoteOnly' = 'remoteOnly';
 
     /**
      * Defines whether every url provided by the discovery
      * document has to start with the issuer's url.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    strictDiscoveryDocumentValidation?: boolean;
+    public strictDiscoveryDocumentValidation? = true;
 
     /**
      * JSON Web Key Set (https://tools.ietf.org/html/rfc7517)
      * with keys used to validate received id_tokens.
      * This is taken out of the disovery document. Can be set manually too.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    jwks?: object;
+    public jwks?: object;
 
     /**
      * Map with additional query parameter that are appended to
      * the request when initializing implicit flow.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    customQueryParams?: object;
+    public customQueryParams?: object;
 
-    silentRefreshIFrameName?: string;
+    /**
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
+     */
+    public silentRefreshIFrameName? = 'angular-oauth-oidc-silent-refresh-iframe';
 
     /**
      * Defines when the token_timeout event should be raised.
      * If you set this to the default value 0.75, the event
      * is triggered after 75% of the token's life time.
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    timeoutFactor?: number;
+    public timeoutFactor? = 0.75;
 
     /**
      * If true, the lib will try to check whether the user
      * is still logged in on a regular basis as described
      * in http://openid.net/specs/openid-connect-session-1_0.html#ChangeNotification
      * @type {boolean}
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    checkSessionPeriodic?: boolean;
+    public sessionChecksEnabled? = false;
 
     /**
      * Intervall in msec for checking the session
      * according to http://openid.net/specs/openid-connect-session-1_0.html#ChangeNotification
      * @type {number}
+     *
+     * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    checkSessionIntervall?: number;
+    public sessionCheckIntervall? = 3 * 1000;
 
     /**
      * Url for the iframe used for session checks
      * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    checkSessionIFrameUrl?: string;
+    public sessionCheckIFrameUrl?: string;
 
     /**
      * Name of the iframe to use for session checks
      * @type {number}
      *
      * @internal DEPREACTED/ LEGACY. Use method configure instead.
      */
-    checkSessionIFrameName?: string;
+    public sessionCheckIFrameName? = 'angular-oauth-oidc-check-session-iframe';
+
+    /**
+     * This property has been introduced to disable at_hash checks
+     * and is indented for Identity Provider that does not deliver
+     * an at_hash EVEN THOUGH its recommended by the OIDC specs.
+     * Of course, when disabling these checks the we are bypassing
+     * a security check which means we are more vulnerable.
+     */
+    public disableAtHashCheck? = false;
 }