# SDK for Single Sign-On
Authing SSO SDK is used to initiate SSO login, query SSO login status, and single sign out.
# Install
# Install via NPM
$ npm install @authing/sso --save
Then it can be used in the following ways
import AuthingSSO from "@authing/sso";
# Install via CDN
<script src="https://cdn.jsdelivr.net/npm/@authing/sso/dist/AuthingSSO.umd.min.js"></script>
<script>
console.log(AuthingSSO);
</script>
# Getting started
You need to register an Authing (opens new window) account first, and create an OIDC application.
# Initiate login
# Jump Login
import AuthingSSO from "@authing/sso";
let auth = new AuthingSSO({
appId: "APP_ID",
appType: "Fillable: oauth/oidc", // default oidc
appDomain: "APP_DOMAIN"
});
// Initiate single sign-on, it will jump to the login page, adopt the authorization code mode, need the relevant application to open the authorization code mode
auth.login();
# Window Login
import AuthingSSO from "@authing/sso";
let auth = new AuthingSSO({
appId: "APP_ID",
appType: "Fillable: oauth/oidc", // default oidc
appDomain: "APP_DOMAIN"
});
// Initiate single sign-on, a window will pop up, inside is the login page, the authorization code mode is used, and the relevant application needs to enable the authorization code mode
auth.windowLogin();
The business domain name callback address needs to host an html file, which is used to send the obtained code access_token id_token and other parameters to the parent window through postMessage, and then close the window.
For example, the callback address is https://example.com/handle.html (opens new window), this html needs to write a piece of code to send postMessage, which is responsible for taking out relevant parameters from the url and passing them to the parent window.
Github reference code: https://github.com/Authing/oidc-window (opens new window)
# Go to registration page
Sometimes you may want your users go to registration page first. Examples are as follows:
import AuthingSSO from '@authing/sso';
let auth = new AuthingSSO({
appId: 'APP_ID',
appType: 'fill in: oauth/oidc', // 默认 oidc
appDomain: 'APP_DOMAIN',
});
// Call this function to go to registration page
auth.register();
# Check login status
let res = await auth.trackSession();
/**
* {
* session: {appId:'xxx', type:'oidc/oauth', userId:'yyy'},
* userInfo: {
* "_id": "USER_ID",
* "email": "USER_EMAIL",
* "registerInClient": "CLIENT_ID",
* "token": "JTW_TOKEN",
* "tokenExpiredAt": "2019-10-28 10:15:32",
* "photo": "PICTURE",
* "company": "",
* "nickname": "NICKNAME",
* "username": "USERNAME",
* },
* urlParams: {
* code:'xxx', // These parameters are obtained from the url and need to be stored by the developer for use
* id_token:'ID_TOKEN',
* access_token:'ACCESS_TOKEN'
*}
*}
*
* If the session does not exist, return:
*
* {
* session: null
*}
* */
# Sign out
let res = await auth.logout();
/**
* {
* message: "Single point logout succeeded",
* code: 200
*}
* */
# API
# AuthingSSO.prototype.constructor
The constructor accepts an object as a parameter. The list of parameters in the object is as follows:
| Parameter name | Is it required | Description | default value |
|---|---|---|---|
| appId | Yes | SSO application ID | - |
| appDomain | Yes | SSO application domain name, such as app1.authing.cn | - |
| appType | No | SSO application type, optional value is oidc,oauth | oidc |
| scope | No | SSO authorized domain | 'openid profile email phone, see supported scope and custom scope |
| state | No | Custom string, callback address will also receive this parameter, the content is the same, can be used to pass information | Radom string |
| host | No | An object that specifies the address of GraphQL | { oauth: 'https://core.authing.cn/graphql' } |
| host.oauth | No | GraphQL correspondence address | https://core.authing.cn/graphql |
| responseType | No | SSO application authorization process, optional value is code,implicit | code |
| redirectUrl | No | SSO application callback domain name | The first business domain name configured in the Authing console |
| nonce | No | random number | random number |
| timestamp | No | Time stamp | Current timestamp |
let auth = new AuthingSSO({
appId: "APP_ID",
appType: "oidc",
appDomain: "APP_DOMAIN"
});
# AuthingSSO.prototype.login
Example
auth.login();
# AuthingSSO.prototype.trackSession
Example
let res = await auth.trackSession();
/**
* {
* session: {appId:'xxx', type:'oidc/oauth', userId:'yyy'},
* userInfo: {
* "_id": "USER_ID",
* "email": "USER_EMAIL",
* "registerInClient": "CLIENT_ID",
* "token": "JTW_TOKEN",
* "tokenExpiredAt": "2019-10-28 10:15:32",
* "photo": "PICTURE",
* "company": "",
* "nickname": "NICKNAME",
* "username": "USERNAME",
* },
* urlParams: {
* code:'xxx', // These parameters are obtained from the url and need to be stored by the developer for use
* id_token:'ID_TOKEN',
* access_token:'ACCESS_TOKEN'
*}
*}
*
* If the session does not exist, return:
*
* {
* session: null
*}
* */
# AuthingSSO.prototype.logout
Example
let res = await auth.logout();
/**
* {
* message: "Single point logout succeeded",
* code: 200
*}
* */
# Get help
- Join us on Gitter: #authing-chat (opens new window)