Authorization - Angular + Spring + wso2
Question
I've never implemented an application that needed to handle user authentication and authorization.
Now I'm trying to implement an app that has a front-end build with angular and a back-end build with spring security. And I want to user Wso2 identity server as an identity provider.
My doubt is, should i use a library like angular-oauth2-oidc or Asgardeo in the front-end and call the endpoint for the identity server authorization server from here; or should I call an api that I should implement in the backend and that api calls the identity server authorization server endpoint and returns to the front-end the access token generated?
1 answers
solution1
0 2022-12-05 21:24:50
Use an OIDC client lib for Angular. My favorite is angular-auth-oidc-client . It will handle:
- redirections to and from authorization-server
- exchange of authorization code for tokens
- access-token refreshing (silently, just before it expires)
- requests authorization (HTTP interceptor to set authorization header with access-token)
It also provides with Angular route guard to redirect to login when an unauthorized user tries to activate a protected route.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.