#2 Builds library using Angular 7 package format for compatiblity with Angular 7+.
#794 OktaAuthService.getUser only uses /userinfo endpoint to retrieve user claims. OktaAuthService.getUser should be the recommended method to acquire user information as idToken.claims may become stale due to data updating.
#867 The current instance of the OktaAuthService is passed to isAuthenticated callback function.
#867 Default onSessionExpired behavior is removed, as it was causing concurrency issues.
#776 OktaAuthGuard now implements canActivateChild
OktaCallbackComponentwill catch and display exceptions thrown fromhandleAuthentication()onAuthRequiredcallbacks will now receive the Angular injector as the 2nd parameter. This change allows logic using any services available within your application.
- Saved URI is now stored in
sessionStorageinstead oflocalStorage. This fixes an issue which can occur when multiple instances of the app are loading at the same time. OktaCallbackComponentuseswindow.location.replace()to complete the login flow afterhandleAuthenticationcompletes. This fixes an issue where the user could navigate back to the callback hander.
- Signature for
onAuthRequiredcallback functions has changed. Callbacks will receive theOktaAuthServiceas the first argument, and the AngularInjectoras the second argument. - Static initializer
OktaAuthModule.initAuth()has been removed.OKTA_CONFIGshould be provided directly by your module. getFromUrinow returns an absolute URI as a stringsetFromUritakes a string. If it is a relative path, it will be converted to an absolute URI before being saved.- Legacy config formats are no longer supported. See Configuration Reference for supported values.
- The
pkceoption now defaults totrue, using the Authorization Code w/PKCE flow- Those using the (previous default) Implicit Flow should pass
pkce: falseto their config - See the @okta/okta-auth-js README regarding PKCE OAuth2 Flow for PKCE requirements
- Which include the Application settings in the Okta Admin Dashboard allowing for PKCE
- Those using the (previous default) Implicit Flow should pass
- Upgrades
@okta/okta-auth-jsto version 3.0.0
- #648
- Adds a default handler for onSessionExpired
- Adds a new option isAuthenticated which works with onAuthRequired
- Expose TokenManager
- Adds documentation for postLogoutRedirectUri
- #646 - Fixes regression with AOT compilation. Also tested against Angular 9.
558696- Upgrades to@okta/[email protected]which includes new options for signout:3e8c65
558696- Upgrades to@okta/[email protected]which includes new options for signout:3e8c65
ef10d85- Support PKCE authorization flow
-
654550- All configuration options are now accepted. See Configuration Reference. Camel-case (clientId) is now the preferred syntax for all Okta OIDC libraries. Underscore syntax (client_id) will be deprecated in a future release. -
a2a7b3e- Configuration propertyscope(string) is deprecated in favor ofscopes(array). Normalize config format for the propertiesresponseTypeandscopes, used in get token flows. Fully support deprecated config propertiesrequest_typeandscopeas previously documented and used within the okta-angular samples.
0703aff- Relaxes peerDependency to include latest versions of Angular
f972822- Deprecates 'initAuth' method.
2ae1eff- Adds TokenManager configuration parameters.
2945461- Updates@okta/configuration-validationversion
6242f2d- Fixes an issue where the library was not correctly building the/distoutput before publishing tonpm.
29d04f6- Adds configuration validation forissuer,clientId, andredirectUriwhen passed into the auth service.
3582f25- Rely on shared environment configuration from project root.c8b7ab5a- Migrate dependencies to project root utilizing yarn workspaces.
5862e32- Fixes an issue where the library would enter an error state when attempting to renew expired tokens (errorCode:login_required).
- Updated
@okta/okta-auth-jsdependency to version 2.
- The supported range of Angular peer dependencies has been upgraded to include versions 4, 5, and 6. At the moment we only test on the latest stable version of Angular, currently version 6.