One User - (too) many User-Accounts
One Client - (too) many User-Accounts
OVERVIEW OF OAUTH 2.0
What is OAuth?
Developed at Twitter and Ma.gnolia
Standard for the delegation of (restricted) rights
Used by companies like Google, Facebook, Flickr, Microsoft, Salesforce.com and Yahoo!
OpenID Connect (OIDC)
Extension of OAuth 2.0
Defines how to use OAuth 2.0 for Authentication
Defines how to query User Profile
Client also gets ID-Token
JWT-Token with information about user
Can be signed by the issuer
Shuts down some security holes
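Added example (not part of the original slides): the checks a client runs on a signed ID-Token before trusting any claim in it, using Node's built-in crypto module. The issuer URL, client id, nonce value, key pair and the function names issueIdToken and validateIdToken are constructed for this example.

```javascript
const crypto = require('crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');

// Constructed issuer key pair and expected values (assumptions for this example).
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const EXPECTED = { iss: 'https://idp.example', aud: 'client-1', nonce: 'constructed-nonce-123' };

// Plays the Authorization-Server: signs a constructed ID-Token (RS256 unless told otherwise).
function issueIdToken(claims, key = privateKey, alg = 'RS256') {
  const input = `${b64url(JSON.stringify({ alg, typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  const sig = alg === 'none' ? '' : crypto.sign('sha256', Buffer.from(input), key).toString('base64url');
  return `${input}.${sig}`;
}

// Client-side validation: signature first, then issuer, audience, expiry and nonce.
function validateIdToken(token, issuerKey, expected, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch {
    return { ok: false, reason: 'malformed' };
  }
  if (!header || !claims) return { ok: false, reason: 'malformed' };
  // Pin the algorithm: the token header must not be allowed to pick "none" or another scheme.
  if (header.alg !== 'RS256') return { ok: false, reason: 'alg' };
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  const sig = Buffer.from(parts[2], 'base64url');
  if (!crypto.verify('sha256', signed, issuerKey, sig)) return { ok: false, reason: 'signature' };
  if (claims.iss !== expected.iss) return { ok: false, reason: 'iss' };
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(expected.aud)) return { ok: false, reason: 'aud' };
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) return { ok: false, reason: 'exp' };
  // The nonce binds the token to the login request this client started.
  if (claims.nonce !== expected.nonce) return { ok: false, reason: 'nonce' };
  return { ok: true, claims };
}
```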
OIDC
[Diagram: Authorization-Server, Client 1 and Service 1. Labels: Access-Token, ID-Token, /service-url + Access-Token]
What are Guards?
Services
Can get other services via DI
Router triggers Guards before activating/deactivating Components
Can prevent activation/deactivation
Guards
CanActivate: canActivate
CanDeactivate<T>: canDeactivate
Result: boolean | Observable<boolean>