MAJ des commentaires

4 years ago · 087463e3ff
parent 22520add64
commit 087463e3ff
2 changed files with 11 additions and 13 deletions
--- a/src/app/shared/auth/auth.module.ts
+++ b/src/app/shared/auth/auth.module.ts
@ -7,15 +7,15 @@ import { authModuleConfig } from './auth-module-config';
 import { AuthService } from './auth.service';

 /**
- * Nous avons besoin d'une usine de stockage car le localStorage 
- * n'est pas disponible au moment de la compilation de l'AOT. (Ahead-of-time)
+ * Utilisation du localstorage pour stocker le token
+ * Voir: https://manfredsteyer.github.io/angular-oauth2-oidc/docs/additional-documentation/configure-custom-oauthstorage.html
 */
 export function storageFactory(): OAuthStorage {
  return localStorage;
 }

 /**
- * Exécute la méthode qui permet d'afficher la page de connexion.
+ * Fonction permettant d'appeler la méthode qui va démarrer la séquence de connexion initiale
 * @param authService Service d'authentification
 */
 export function init_app(authService: AuthService) {
@ -44,8 +44,8 @@ export class AuthModule {
        { provide: OAuthModuleConfig, useValue: authModuleConfig },
        { provide: OAuthStorage, useFactory: storageFactory },
        {
-          provide: APP_INITIALIZER,
-          useFactory: init_app, // Affiche la page de connexion au démarrage de l'application
+          provide: APP_INITIALIZER, // Gestion de l'authentification au démarrage de l'application
+          useFactory: init_app, 
          deps: [ AuthService ],
          multi: true
        }
--- a/src/environments/environment.ts
+++ b/src/environments/environment.ts
@ -21,21 +21,19 @@ const keycloakConfig: AuthConfig = {
  //dummyClientSecret: 'f27746f4-e603-441e-a256-3ddd5b19ba54',
  dummyClientSecret: '82702d7b-e44b-4415-9c80-54774a58e1dc',

-  responseType: 'code',
-  silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html' ,
+  // To configure your solution for code flow + PKCE you have to set the responseType to code
+  responseType: 'code', 

  // set the scope for the permissions the client should request
  // The first four are defined by OIDC.
  // Important: Request offline_access to get a refresh token
  // The api scope is a usecase specific one
  scope: 'openid profile email',
-  showDebugInformation: true,
-  useSilentRefresh: true, // Needed for Code Flow to suggest using iframe-based refreshes
-  silentRefreshTimeout: 5000, // For faster testing
-  timeoutFactor: 0.25, // For faster testing
+  useSilentRefresh: true, // Activate silent refresh for code flow
+  silentRefreshTimeout: 5000, 
+  timeoutFactor: 0.25,
  sessionChecksEnabled: true,
-  clearHashAfterLogin: false, // https://github.com/manfredsteyer/angular-oauth2-oidc/issues/457#issuecomment-431807040,
-  nonceStateSeparator : 'semicolon' // Real semicolon gets mangled by IdentityServer's URI encoding
+  nonceStateSeparator : 'semicolon' // Real semicolon gets mangled by Keycloak's URI encoding
 };

 export const environment = {