Version 11 to 12
Version 12 introduces a big new feature with supporting multiple configurations and with that multiple identity provider. With that the configuration and the interface for the users changes.
We also introduced an easier way of configuring the lib from the start to align in best practices.
#
Bootstrapping the libTo make the configuration at the start easier and to be able to pass multiple configs we re-wrote the bootstrapping process of the lib.
#
Static configurationOld:
New:
#
Loading config from endpoint (http)Old
New
#
ConfigurationauthWellknownEndpoint
renamed to authWellknownEndpointUrl
#
Old:
New:
#
AuthWellKnownEndpoints are now part of the configIn the previous version, authWellKnownEndpoints
was a separate parameter you could provide alongside the config in withConfig
to configure your Security Token Service's Well-Known Endpoints. This parameter still exists, and it is of the same type, but it's now a parameter on the config object rather than being a separate parameter on withConfig(..., authwellKonwn)
Old:
New:
autoUserinfo
--> autoUserInfo
#
The casing was corrected in the config.
Old:
New:
#
Custom Params to pass to requests have been renamedcustomParams
-->customParamsAuthRequest
customParamsRefreshToken
-->customParamsRefreshTokenRequest
customParamsEndSession
-->customParamsEndSessionRequest
customTokenParams
-->customParamsCodeRequest
Old:
New:
OidcSecurityService
#
Service configuration
replaced by method and object PublicConfiguration
deleted#
Getter for The getter for the active configuration was removed as well as the object PublicConfiguration
as return type. Since the AuthWellKnownEndpoints
parameter is now part of the config, the property was replaced with methods to get the configuration directly. Please read below on how to get the currently used configuration.
Old:
used with
New:
used with
getToken()
renamed to getAccessToken()
#
Old
New
checkAuth()
returning LoginResponse
instead of boolean#
The checkAuth()
method no longer returns a boolean value denoting the authentication status. Instead, an object is returned containing:
Old:
New:
Or
checkAuthIncludingServer()
returning LoginResponse
instead of boolean#
See checkAuth()
returning LoginResponse
instead of boolean.
Same applies for checkAuthIncludingServer()
forceRefreshSession()
returning LoginResponse
instead of TokenResponse#
See checkAuth()
returning LoginResponse
instead of boolean.
Same return value applies for forceRefreshSession()
.
Old:
New:
isAuthenticated$
returning AuthenticatedResult
instead of boolean
only#
Old:
New:
userData$
returning UserDataResult
instead of any
only#
Old:
New:
Single Config:
Multiple Configs:
authorize(...)
has new configId
as first parameter#
Because V12 introduces multiple configs, the first parameter is now configId
.
Old:
New:
logoffAndRevokeTokens(...)
has new configId
as first parameter#
Because V12 introduces multiple configs, the first parameter is now configId
.
Old:
New:
logoff(...)
has new parameters#
Because V12 introduces multiple configs, the first parameter is now configId
and the second parameter is AuthOptions
.
Old:
called with
New:
AuthorizationResult
changed and renamed to AuthStateResult
#
Interface The old interface AuthorizationResult
had the following structure:
The interface was renamed and the authorizationState: AuthorizedState;
was converted into a boolean
and renamed.
Old:
New
NewAuthorizationResult
was renamed to NewAuthenticationResult
#
The event has changed from NewAuthorizationResult
to NewAuthenticationResult
Old:
New:
AutoLoginGuard
--> AutoLoginAllRoutesGuard
and AutoLoginPartialRoutesGuard
#
Due to a lot of feedback about the AutoLoginGuard
and usage we did not expect in that way we decided to give the AuthGuard
a brush and divided it into a AutoLoginAllRoutesGuard
when you want to secure your complete app and an AutoLoginPartialRoutesGuard
if some of your routes are publicly accessible.
Please refer to the docs about more information.
Old (securing the whole app)
New (securing the whole app)
Old (securing parts of the app)
New (securing parts of the app)
stsServer
--> authority
#
Renaming the stsServer
to authority
. The authority
issues tokens. Sometimes this is called secure token service
, auth server
, identity provider
. The authority
can also be the issuer
but does not have to be.
Old:
New: