Fetching contributors…
Cannot retrieve contributors at this time
236 lines (161 sloc) 8.58 KB


  • added oauthOptions to the exchange for token flow in oauth 1.0a


  • using angular cli version 6 to build the library
  • StorageType is now a proper enum
  • Universal might be working now
  • Update providers function


  • fixed facebook and twitter config
  • fixed a bug in JwtInterceptor


  • added storage type 'none' and 'memory' and added StorageType "enum".
  • forRoot without options will give you the ability to inject your own config
  • you can decide to not inject the JwtInterceptor view forRoot function
  • issue #124: export IProviders
  • issue #121: ability to inject config
  • issue #122: ability to decode unicode characters
  • Angular 5.0.0 (for <5.0.0 use version 7.0.2)
  • Rxjs lettables
  • Total refactor, code is much cleaner, shorter and easier to read

    • Using HttpClient instead of Http
    • Using HttpClient Interceptor instead of JwtHttp
    • In the exchangeForToken flow (when you want to exchange authorization code given by the authorization endpoint with your server's token) this library now sends a body that looks like this instead of a flat mesh of the oauth options, oauth result and user data:
    "authorizationData": {
        //the same data sent to the auth endpoint
    "oauthData": {
        //the data received from the oauth endpoint
    "userData": {
        //additional data you've provided
  • You don't need a class for the options and several options were removed (mostly because you can't make requests while you intercept requests...):
    • defaultHeaders - No need, you can create your own interceptor.
    • tryTokenRefreshIfUnauthorized, refreshBeforeExpiration, autoRefreshToken, refreshUrl - Removed since can't refresh while intercepting (if you come up with a clever idea how please send a pull request / issue)
  • changed the OauthOptions
    • removed exchangeForToken - was hard to use and nobody was using it
    • removed responseParams - was not in use
    • removed scopePrefix - you can just add it as the first param in scope
    • scope is only an array
    • No more requiredUrlParams/optionalUrlParams confusion! introducing additionalUrlParams - just add a param name, and value and it will be added to the request, if the value is undefined the param will not be added, if the value is null it will be added without a value, if the value is a function, it will run the function.


  • issue #105: Make the library FESM15 includeable by using ng-packagr.


  • issue #98: responseType = 'token' not returning control to client app
  • pull request #103: update packages + fixed support for TypeScript 2.4
  • logout now removes the token only if subscribing to it, to logout syncronically use removeToken instead.
  • issue #100: added visibleToolbar to popup options
  • removed defaultUrlParams customization, use optionalUrlParams instead
  • issue #81: support for 'cookie' & 'sessionCookie' (cookie without expiration) storage types

BREAKING CHANGE: This version drops official support for angular 2.0


  • pull request #91: rename StorageService to BrowserStorageService + add BaseStorage.


  • fixed google new login 500 issue with undefined optional params


  • supporting angular 4 in package.json


  • pull request #83: avoid import Type from src.


  • pull request #82: throw 'Authentication Canceled' when on a cordova app
  • issue #78: added optional params on google provider
  • issue #77: added ability to change the exchangeForToken request method


  • pull request #73: universal support
  • throwing new Error('Authentication Canceled') when popup is closed prematurely so you could stop your spinners on subscribe({..., error: err => <stop spinners here>, complete: () => <and here>})


  • issue #68 - fixed issue with responseType='token'
  • issue #65 - added tryTokenRefreshIfUnauthorized (off by default)
  • pull request #64 & pull request #67 - added ability to change the httpService Ng2UiAuthModule.forRootWithCustomHttp(config, {provide: JwtHttp, useClass: MyHttp, deps: [Http, SharedService, ConfigService]})
  • BREAKING CHANGE: Replaced Ng2UiAuthModule.getWithConfig(MyAuthConfig) with Ng2UiAuthModule.forRoot(MyAuthConfig) to look more like other modules


  • might be breaking: changed out folder names, not linking to the bundled version by default because of webpack issues with the pre-bundled version
  • pull request #63 set token only when it's available
  • pull request #61 [expiration date] check payload is defined.
  • pull request #60 allow string as a scope option.
  • pull request #57 allow any type in http body.


  • cordova variable defaults to window.cordova
  • fixed issue with oauth 1


  • fix issue #47 using this library without server url causes exception.
  • switched concatMap with switchMap (should be a better fit for that scenerio)
  • added ability to force "exchangeForToken" by setting it to true in IOauthOptions
  • added ability to force "exchangeForToken" and provide your own implementation by providing an exchangeForToken function in IOauthOptions
  • fix issue #50 added ability to manually configure the resolveToken method via config
  • fix issue #50 tokenRoot and tokens received from data property did not resolve.


  • Aligned default config with Satellizer (added Spotify)
  • AOT compilation now works
  • Peer dependency is now ^2.0.0
  • BREAKING CHANGE: Changed service names to have "Service" postfix ("Auth" is now AuthService) all except JwtHttp which remains the same.
  • BREAKING CHANGE: Initializing the library works like this now:
export class MyAuthConfig extends CustomConfig {
    providers = {google: {clientId: GOOGLE_CLIENT_ID}};

    imports: [


  • Added "refresh token" flow, if you configure 'autoRefreshToken' to true then if you call a webservice when the token expires this library automatically sends it to the server using 'refreshUrl' endpoint (can be set in config default = '/auth/refresh') first and then sets a new token if it receives it and tries to call the original request. (issue #41)
  • Added 'state' to the 'optionalUrlParams' of google according to issue #43


  • after testing issue #29 should be fixed


  • reverting to 3.1.2 since the 3.2.0 fix was not enough


  • fixed issue #29: extend() did not work causing custom options of popup window size to not work and authenticate('provider', userCustomData) with user custom data to not work properly


  • fixed issue #27: added missing authHeader to ICustomConfig interface


  • support rc2 "withCredentials" http flag


  • fixed issue #25: signup should accept "string" user and custom body


  • made a different folder for declarations so typescript won't try to re-compile the library


  • fixed issue: Not able to send a string user, or the user in the options body.


  • updated to support rc.0 and hopefully above


  • using rollup to bundle (fixes warning in webpack import)
  • breaking change: adding default headers even without authentication
  • removed dependency on "flatMap"
  • updated peer dependencies to beta.12


  • breaking change: removed JWT_HTTP_PROVIDER, JwtHttp is provided in the default provider,
  • breaking change: all internal calls use JwtHttp for their calls instead of Http
  • added configurable default headers (NG2_UI_AUTH_PROVIDERS({ defaultHeaders: {'Content-Type': 'application/json'}, providers: {google: {clientId: GOOGLE_CLIENT_ID}}}))
  • added configurable token seperator (NG2_UI_AUTH_PROVIDERS({ tokenSeparator: '-', providers: {google: {clientId: GOOGLE_CLIENT_ID}}}))
  • fix for JwtHttp to support "Request" class as a parameter.


  • bundled the entire sources to dist/ng2-ui-auth.js and provided a minified version
  • added a provider for plain JwtHttp (JWT_HTTP_PROVIDER)
  • bumped peer dependency to beta.7


  • bumped to angular 2.0.0-beta.2
  • changed dependencies to angular2 being a "peerDependency"


  • fixed http "unlink" call


  • changed module from system to commonjs


  • Removed dependency on angular-jwt (you can now use the included JwtHttp)
  • Readded "authHeader" to the configuration
  • Added an api for getting token expiration date (auth.getExpirationDate())
  • changed default token prefix and the name of the providers from SATELLIZER_PROVIDERS to NG2_UI_AUTH_PROVIDERS


  • everything is working!