Category : jwt

I am using the @azure/msal-angular and @azure/msal-browser packages in order to try and get my angular webapp to retrieve msal tokens through the redirect flow. The way I have configured it is like so: export function msalInstanceFactory(): IPublicClientApplication { return new PublicClientApplication({ auth: { clientId: ‘my-client-id’, authority: ‘my-authority’, redirectUri: ‘/’ }, cache: { cacheLocation: BrowserCacheLocation.SessionStorage ..

Read more

If we are building new Angular application with authentication mechanism what is the recommended way to authenticate the user? I’ve seen a lot of Angular authentication tutorials and all of them are showing only jwt authentication approach. Is there a way to implement session-based authentication in Angular Applications along with some custom backend? Should we ..

Read more

In my recent encounter, I was trying to implement JWT Tokens storing securely in the Front-End. What my previous approach is to store access_token as well refresh_token in sessionStorage which is vulnerable to XSS attacks. Now, when access_token expires, I’ll call for /refresh endpoint to obtain a new access_token. Here I’m passing expired JWT into ..

Read more

Service.ts public welcome(token: any){ let tokenString = "Bearer "+token console.log("tokenString is: "+tokenString) let header = new HttpHeaders().set("Authorization",tokenString); const requestOptions = { headers: header}; return this.httpClient.get(‘http://localhost:8191/api/’,{ responseType: ‘text’ as ‘json’, headers: header }); } WebPage Console: tokenString is: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJqYXZhdGVjaGllIiwiZXhwIjoxNjIzMTMyNzc5LCJpYXQiOjE2MjMwOTY3Nzl9.h6aw8VBFHXWJQ5R2jRyn0MUqbe4rT3RvUCsELfcKHSU Access to XMLHttpRequest at ‘http://localhost:8191/api/’ from origin ‘http://localhost:4200’ has been blocked by CORS policy: Response to ..

Read more