AngularJS + OAuth

Question

I'm trying to write a login solution for my Angular App,
This means to allow the user to connect via Facebook/Google/Twitter or Register normally.
I found Angular-OAuth to be useful, but it didn't seem to work with Facebook (or Twitter).

Anyone knows of an all-inclusive solution for this?

Anand Rajasekar · Answer 1 · 2014-09-25T05:25:14.923

Here is a simple example using just redirects with angular js

Here is how to redirect to authentication

angular.module('angularoauthexampleApp')
  .controller('MainCtrl', function ($scope) {
    $scope.login=function() {
        var client_id="your client id";
        var scope="email";
        var redirect_uri="http://localhost:9000";
        var response_type="token";
        var url="https://accounts.google.com/o/oauth2/auth?scope="+scope+"&client_id="+client_id+"&redirect_uri="+redirect_uri+
        "&response_type="+response_type;
        window.location.replace(url);
    };
  });

Here is how to handle the redirect after authentication

angular
  .module('angularoauthexampleApp', [
  ])
  .config(function ($routeProvider) {
    $routeProvider
      .when('/access_token=:accessToken', {
        template: '',
        controller: function ($location,$rootScope) {
          var hash = $location.path().substr(1);

          var splitted = hash.split('&');
          var params = {};

          for (var i = 0; i < splitted.length; i++) {
            var param  = splitted[i].split('=');
            var key    = param[0];
            var value  = param[1];
            params[key] = value;
            $rootScope.accesstoken=params;
          }
          $location.path("/about");
        }
      })
  });

More complete information here http://anandsekar.github.io/oauth2-with-angularjs/

How different part of application get that user is authorized? — Sharikov Vladislav, Nov 30 '15 at 17:44
Won't this cause a brand new instance of your angular application to be bootstrapped upon the browser receiving the redirect from the OAuth server? — Matt, Aug 14 '16 at 17:01

score 40 · Accepted Answer · answered Sep 03 '13 at 02:27

40

Take a look at oauth.io

Easy implementation in Javascript
80+ OAuth providers
Fast & secure

answered Sep 03 '13 at 02:27

Thibaud Arnault

1,435
14
21

is this still the best solution for angular apps? – FutuToad Mar 28 '14 at 18:17
5

OAuth.io has a large freemium model (up to 1000 monthly users) and an opensource version available on Github: https://github.com/oauth-io/oauthd – Thibaud Arnault Apr 22 '14 at 10:55
Any idea on how to call twitter authorize instead of autenticate using Oauth.io? – clopez Jun 19 '14 at 16:10
@clopez https://dev.twitter.com/docs/auth/implementing-sign-twitter. But you can't do it using angular-js only, you need to have a backend as it require to send via HTTP your API keys (with the secret key), the signature and others OAuth parameters which have to stay secret. – Thibaud Arnault Jun 24 '14 at 03:59
As I've said before, of course, the service is not totaly free, the company need money somewhere to continue further. But, we developed the opensource version oauthd (https://github.com/oauth-io/oauthd) which is completely free, the core is exactly the same than oauth.io. The mentality behind oauth.io is to publish everything in opensource license, so if you have a server, it is free. – Thibaud Arnault Oct 04 '14 at 23:00

score 13 · Answer 3 · answered May 06 '14 at 08:51

13

There is a Free-Open-Source alternative to the freemium oauth.io: hello.js

answered May 06 '14 at 08:51

Pedro Montoto García

1,672
2
18
38

6

OAuth.io is also opensource with his OAuth deamon: github.com/oauth-io/oauthd ;) – Thibaud Arnault May 06 '14 at 17:21
But that's only the OAuth provider (server), not the js client I think. – Pedro Montoto García May 20 '14 at 16:12
2

All client are available on github: [js](https://github.com/oauth-io/oauth-js), [ios](https://github.com/oauth-io/oauth-ios), [android](https://github.com/oauth-io/oauth-android), [phonegap](https://github.com/oauth-io/oauth-phonegap), [flex](https://github.com/oauth-io/oauth-flex), [php](https://github.com/oauth-io/sdk-php), [node.js](https://github.com/oauth-io/sdk-node) and more are coming). You can configure them to work with oauthd instead of oauth.io – Thibaud Arnault May 21 '14 at 19:43
btw oauthd is not an OAuth provider but the clone of OAuth.io made by the OAuth.io team in opensource (the core - The API Key manager / OAuth process flow / proxy the API call for OAuth1 / user unification etc...). – Thibaud Arnault May 21 '14 at 20:43

score 6 · Answer 4 · answered Jul 02 '15 at 23:08

Have a look at the Satellizer project on Github. I'm just getting started with it, it seems promising.

It uses JSON Web Tokens, and allows login with: email+password, Facebook, Twitter, Google, and any other OAuth 1.0/2.0 provider.

The client side code works out the box, you'll have to implement the server side yourself. There are good descriptions of the work flows and code examples for many server side languages.

score 0 · Answer 5 · answered Dec 24 '18 at 02:52

Just wanted to add some comment and sample Angular code for the OAuth.io solution mentioned above. As the founder stated, it is a paid service but it has 2 main benefits I believe:

It provides a consistent way to connect to any OAuth provider be it Facebook, Twitter, etc., i.e.,it hides all the peculiarities of each OAuth provider implementation.
It enables you implement OAuth social buttons using only front-end code.

The front-end code is also rather simple. I took this from coderwall.

import {Component, OnInit} from '@angular/core';

function _window(): any {
  // return the global native browser window object
  return window;
}

@Component({
  selector: 'app-root',
  templateUrl: './app.component.html',
  styleUrls: ['./app.component.css']
})
export class AppComponent implements OnInit {

  ngOnInit(): void {
    const oauthScript = document.createElement('script');
    oauthScript.src = 'https://cdn.rawgit.com/oauth-io/oauth-js/c5af4519/dist/oauth.js';

    document.body.appendChild(oauthScript);
  }

  handleClick(e) {
    // Prevents page reload
    e.preventDefault();

    // Initializes OAuth.io with API key
    // Sign-up an account to get one
    _window().OAuth.initialize('YOUR OAUTH.IO PUBLIC KEY');

    // Popup Github and ask for authorization
    _window().OAuth.popup('github').then((provider) => {

      // Prompts 'welcome' message with User's name on successful login
      // Check console logs for additional User info
      provider.me().then((data) => {
        console.log('data: ', data);
        alert('Welcome ' + data.name + '!');
      });

      // You can also call Github's API using .get()
      provider.get('/user').then((data) => {
        console.log('self data:', data);
      });
    });
  }
}

AngularJS + OAuth

5 Answers5

Linked