SSOfy's authentication server is based on the OAuth2 protocol standards. To access your login page, you'll need an OAuth2 Client library. Using the SSOfy SDK is not mandatory for this purpose. You may use any other standard library that can act as an OAuth2 Client.
To learn which URLs to use with third-party libraries, check the Usage page.
On the other hand, the SDK's OAuth2 Client library is tailored for SSOfy. The primary URL of your authentication server is all that is required. The rest of the URLs are generated automatically as needed.
The JavaScript SDK provides the modules needed to initiate an authentication/authorization process, generate the URLs for various operations, and handle callbacks.
const client = new SSOfy.OAuth2Client({
    url: 'https://YOUR-SSO-DOMAIN',
    clientId: 'sandbox',
    redirectUri: 'https://CURRENT-DOMAIN/callback',
    scopes: ['*'],
    locale: 'en', // optional
    // state: '', // optional
    stateStore: new SSOfy.LocalStorage(),
    stateTtl: 30 * 24 * 60 * 60,
});
import { OAuth2Config, OAuth2Client, Storage, FileStorage } from "@ssofy/javascript-sdk";
import fs from "fs";

// state data is persisted on disk in a freshly created temporary directory
const storagePath = fs.mkdtempSync('/tmp/');
const stateStore = new FileStorage(storagePath);

const config = new OAuth2Config({
    url: 'https://YOUR-SSO-DOMAIN',
    clientId: 'sandbox',
    clientSecret: 'sandbox',
    redirectUri: 'https://CURRENT-DOMAIN/callback',
    pkceVerification: true,
    scopes: ['*'],
    locale: 'en', // optional
    // state: '', // optional
    stateStore: <Storage>stateStore,
    stateTtl: 30 * 24 * 60 * 60,
});

const client = new OAuth2Client(config);
const customAuthorizationUrl = null; // optional
const nextUri = null; // optional

// The two calls below are alternatives; use one of them.
// Implicit Flow
// const stateData = await client.initImplicitFlow(customAuthorizationUrl, nextUri);
// Auth Code Flow
const stateData = await client.initAuthCodeFlow(customAuthorizationUrl, nextUri);

// redirect to the login page
window.location.href = stateData.authorizationUri;
// create json payload from url parameters
const parameters = SSOfy.UrlHelper.getParameters(window.location.href);
const stateData = await client.handleCallback(parameters);
// store the last login state identifier somewhere for future use
localStorage.setItem('state', stateData.state);
if (stateData.nextUri) {
    // Hint: /optional-uri-to-redirect-next
    window.location.href = stateData.nextUri;
}
const state = localStorage.getItem('state');
const accessToken = await client.getAccessToken(state);
In most cases, it's not necessary to call renewAccessToken(), because getAccessToken() refreshes the token automatically upon expiration. However, should you require an earlier token refresh, this method can be used.
const state = localStorage.getItem('state');
const accessToken = await client.renewAccessToken(state);
await client.destroy(state);
await client.destroy(state);
// logout from this device
window.location.href = config.logoutUrl('URI-TO-REDIRECT-AFTER-LOGOUT');
// logout from all devices
window.location.href = config.logoutEverywhereUrl('URI-TO-REDIRECT-AFTER-LOGOUT');
const state = localStorage.getItem('state');
const user = await client.getUserInfo(state);