A Ember Simple Auth addon which implements the OpenID Connect Authorization Code Flow.
Last updated a month ago by kaldras .
MIT · Repository · Bugs · Original npm · Tarball · package.json
$ cnpm install ember-simple-auth-oidc 
SYNC missed versions from official npm registry.


npm version Build Status semantic-release

A Ember Simple Auth addon which implements the OpenID Connect Authorization Code Flow.


$ ember install ember-simple-auth-oidc


To use the oidc authorization code flow add at least the following mixins to their respective routes:

The oidc-application-route-mixin replaces the Ember Simple Auth application-route-mixin.

// app/routes/application.js

import Route from "@ember/routing/route";
import OIDCApplicationRouteMixin from "ember-simple-auth-oidc/mixins/oidc-application-route-mixin";

export default Route.extend(OIDCApplicationRouteMixin, {});

The oidc-authentication-route-mixin must cover the login / authentication route (for example the Ember Simple Auth default /login).

// app/routes/login.js

import Route from "@ember/routing/route";
import OIDCAuthenticationRouteMixin from "ember-simple-auth-oidc/mixins/oidc-authentication-route-mixin";

export default Route.extend(OIDCAuthenticationRouteMixin, {});

The oidc-end-session-route-mixin must cover the logout / end session route (for example /logout).

// app/routes/logout.js

import Route from "@ember/routing/route";
import OIDCEndSessionRouteMixin from "ember-simple-auth-oidc/mixins/oidc-end-session-route-mixin";

export default Route.extend(OIDCEndSessionRouteMixin, {});

To include authorization info in all Ember Data requests add the oidc-adapter-mixin into the application adapter.

// app/adapters/application.js

import DS from "ember-data";
import OIDCAdapterMixin from "ember-simple-auth-oidc/mixins/oidc-adapter-mixin";

export default DS.JSONAPIAdapter.extend(OIDCAdapterMixin, {});


The addon can be configured in the project's environment.js file with the key ember-simple-auth-oidc.

A minimal configuration includes the following options:

// config/environment.js

module.exports = function(environment) {
  let ENV = {
    // ...
    "ember-simple-auth-oidc": {
      host: "http://authorization.server/openid",
      clientId: "test",
      authEndpoint: "/authorize",
      tokenEndpoint: "/token",
      userinfoEndpoint: "/userinfo"
    // ...
  return ENV;

Here is a complete list of all possible config options:

host <String>
A relative or absolute URI of the authorization server.

clientId <String>
The oidc client identifier valid at the authorization server.

authEndpoint <String>
Authorization endpoint at the authorization server.

tokenEndpoint <String>
Token endpoint at the authorization server.

endSessionEndpoint <String> (optional)
End session endpoint at the authorization server. Optional if oidc-end-session-route-mixin is not used.

userinfoEndpoint <String>
Userinfo endpoint at the authorization server.

afterLogoutUri <String> (optional)
A relative or absolute URI to which will be redirected after logout / end session. Optional if oidc-end-session-route-mixin is not used.

scope <String> (optional)
The oidc scope value. Default is openid.

expiresIn <Number> (optional)
Milliseconds after which the token expires. This is only a fallback value if the authorization server does not return a expires_in value. Default is 1 hour.

refreshLeeway <Number> (optional)
Milliseconds before expire time at which the token is refreshed. Default is 30 seconds.

tokenPropertyName <String> (optional)
Name of the property which holds the token in a successful authenticate request. Default is access_token.

authHeaderName <String> (optional)
Name of the authentication header holding the token used in requests. Default is Authorization.

authPrefix <String> (optional)
Prefix of the authentication token. Default is Bearer.

loginHintName <String> (optional)
Name of the login_hint query paramter which is being forwarded to the authorization server if it is present. This option allows overriding the default name login_hint.

amountOfRetries <Number> (optional)
Amount of retries should be made if the request to fetch a new token fails. Default is 3.

retryTimeout <Number> (optional)
Timeout in milliseconds between each retry if a token refresh should fail. Default is 3000.



  • git clone <repository-url>
  • cd ember-simple-auth-oidc
  • yarn install


  • yarn lint:js
  • yarn lint:js --fix

Running tests

  • ember test – Runs the test suite on the current Ember version
  • ember test --server – Runs the test suite in "watch mode"
  • ember try:each – Runs the test suite against multiple Ember versions

Running the dummy application

For more information on using ember-cli, visit https://ember-cli.com/.


This project is licensed under the MIT License.

Current Tags

  • 0.4.2                                ...           latest (a month ago)

10 Versions

  • 0.4.2                                ...           a month ago
  • 0.4.1                                ...           a month ago
  • 0.4.0                                ...           3 months ago
  • 0.3.0                                ...           5 months ago
  • 0.2.0                                ...           8 months ago
  • 0.1.5                                ...           a year ago
  • 0.1.3                                ...           a year ago
  • 0.1.2                                ...           a year ago
  • 0.1.1                                ...           a year ago
  • 0.1.0                                ...           a year ago

Copyright 2014 - 2016 © taobao.org |