This project was bootstrapped with Create React App.
There are more than one way to approach integrating OAuth2 Popup Flow with React and React-Router. The following is one example and assumes you know how react-router works.
git clone https://github.com/ricokahler/oauth2-popup-flow.git
cd oauth2-popup-flow/examples/react-example
npm install
npm startnpm install --save oauth2-popup-flow
- User clicks "Login" button. This will open the authorization page/login page in a new tab.
- User enters their login info in the authorization page.
- Authorization server redirect the user's browser (still in that new tab) to the configured redirect/callback URL including an encoded token in the
#of the redirect URL (e.g.http://localhost:8080/redirect#access_token=SOME.TOKEN.HERE) - Based on the
/redirectroute, front-end will handle the redirect and try to parse the token out of the URL. If this is successful, the new tab will close. - Original tab will receive tokens and normal app flow continues.
Appis the first component rendered and includes a commonAppBarandreact-router's<Switch>component.- The
Appsupports 3 routes:/authenticatedwhich will only render when the user is logged in./unauthenticatedwhich will render when the user is not logged in./redirectwhich will render to handle the redirect/callback the authorization server redirect the user back to.
- The
Appcomponent add event listeners to theauthsingleton for bothloginandlogoutevents. The handlers on those events callhistory.pushorhistory.replaceto either push or redirect the user to the correct routes (/authenticatedand/unauthenticatedrespectively). - The
Redirectcomponent/route callsauth.handleRedirect()to handle the redirect and cause the calling window to close the tab.
The key files to look at are:
- auth.js–creates the auth singleton
- App.js–manages top-level routing
- AuthenticatedRoute.js–the authenticated route
- UnauthenticatedRoute.js–the unauthenticated route/login call to action
- Redirect.js–handles the redirect from the authorization server.
Enjoy!