Ad

What Is The Difference Between Oauth2 In Angular (client-side) And In The Node.js (server-side)? And When To Implement Each One?

- 1 answer

Due to the lack examples of oauth2 in node.js, I can't decide where to implement the oauth2 service. Also, I wanna know what is the meaning of provider in oauth2 and when to create a new one and when to use a pre-made one like google.

I tried to implement a provider in the server-side but I didn't know how to test it.

If there are any useful resources I would be happy to take them.

Ad

Answer

You should use Open Id Connect (Authorization Code Flow + PKCE) in your Angular app. You should validate OAuth 2.0 access tokens in your API. Both of these components should interact with a 3rd party Authorization Server. There is a learning curve and my tutorial + code sample may help you - feel free to post back if you get stuck: https://authguidance.com/2017/09/24/basicspa-overview/

Ad
source: stackoverflow.com
Ad