Merge pull request #1541 from damienbod/fabiangosebrink/exposing-the-…

…payload-of-access-token

exposing payload of access token

docs/site/angular-auth-oidc-client/docs/documentation/01-public-api.md

@@ -406,6 +406,21 @@ this.oidcSecurityService.getPayloadFromIdToken().subscribe(/*...*/);
 this.oidcSecurityService.getPayloadFromIdToken(true, 'configId').subscribe(/*...*/);
 ```
 
+## getPayloadFromAccessToken(encode = false, configId?: string)
+
+Returns the payload from the access token as an `Observable`. This can be used to get claims from the token.
+If you are running with multiple configs and pass a `configId`, the payload for this config is returned. If you are running with multiple configs and do not pass a `configId`, the payload for the first config is returned. If you are running with a single config, the payload for this config returned.
+
+The `encode` param has to be set to `true` if the payload is base64 encoded.
+
+```ts
+this.oidcSecurityService.getPayloadFromAccessToken().subscribe(/*...*/);
+```
+
+```ts
+this.oidcSecurityService.getPayloadFromAccessToken(true, 'configId').subscribe(/*...*/);
+```
+
 ## setState(state: string, configId?: string)
 
 You can set the state value used for the authorize request, if you have `autoCleanStateAfterAuthentication` in the configuration set to `false`. This can be used for custom state logic handling, the state is not automatically reset when set to `false`.

projects/angular-auth-oidc-client/src/lib/oidc.security.service.spec.ts

@@ -361,6 +361,32 @@ describe('OidcSecurityService', () => {
     }));
   });
 
+  describe('getPayloadFromAccessToken', () => {
+    it('calls `authStateService.getAccessToken` method, encode = false', waitForAsync(() => {
+      const config = { configId: 'configId1' };
+
+      spyOn(configurationService, 'getOpenIDConfiguration').and.returnValue(of(config));
+      spyOn(authStateService, 'getAccessToken').and.returnValue('some-access-token');
+      const spy = spyOn(tokenHelperService, 'getPayloadFromToken').and.returnValue(null);
+
+      oidcSecurityService.getPayloadFromAccessToken().subscribe(() => {
+        expect(spy).toHaveBeenCalledOnceWith('some-access-token', false, config);
+      });
+    }));
+
+    it('calls `authStateService.getIdToken` method, encode = true', waitForAsync(() => {
+      const config = { configId: 'configId1' };
+
+      spyOn(configurationService, 'getOpenIDConfiguration').and.returnValue(of(config));
+      spyOn(authStateService, 'getAccessToken').and.returnValue('some-access-token');
+      const spy = spyOn(tokenHelperService, 'getPayloadFromToken').and.returnValue(null);
+
+      oidcSecurityService.getPayloadFromAccessToken(true).subscribe(() => {
+        expect(spy).toHaveBeenCalledOnceWith('some-access-token', true, config);
+      });
+    }));
+  });
+
   describe('setState', () => {
     it('calls flowsDataService.setAuthStateControl with param', waitForAsync(() => {
       const config = { configId: 'configId1' };

projects/angular-auth-oidc-client/src/lib/oidc.security.service.ts

@@ -245,6 +245,24 @@ export class OidcSecurityService {
     );
   }
 
+  /**
+   * Returns the payload from the access token.
+   *
+   * @param encode Set to true if the payload is base64 encoded
+   * @param configId The configId to check the information for. If not passed, the first configs will be taken
+   *
+   * @returns The payload from the access token.
+   */
+  getPayloadFromAccessToken(encode = false, configId?: string): Observable<any> {
+    return this.configurationService.getOpenIDConfiguration(configId).pipe(
+      map((config) => {
+        const token = this.authStateService.getAccessToken(config);
+
+        return this.tokenHelperService.getPayloadFromToken(token, encode, config);
+      })
+    );
+  }
+
   /**
    * Sets a custom state for the authorize request.
    *