Private _initializedProtected configProtected isReadonly typeProvider type identifier Must be implemented by concrete providers
Protected userProtected userStatic Readonly PROVIDER_Contains the initial path from window.location.pathname before any work was done by auth services
Contains the initial search/query string from window.location.search before any work was done by auth services
Classify an error into standard error type
Converts provider-specific errors into semantic categories. Eliminates need for consumers to check error.name or error types.
const authError = this.authBase.classifyError(err);
if (authError.type === AuthErrorType.TOKEN_EXPIRED) {
this.showMessage(authError.userMessage);
}
Protected classifyClassify Auth0-specific errors into semantic types
Maps Auth0 error patterns to AuthErrorType enum
Private ensureProtected extractProtected extractExtract complete token info from Auth0
Maps Auth0's token structure to StandardAuthToken
Protected extractExtract user info from Auth0 claims
Maps Auth0's user object structure to StandardUserInfo
Get ID token string (primary token method)
This is the clean abstraction - no provider-specific logic needed!
Replaces the old pattern of: claims?.__raw || claims?.idToken
const token = await this.authBase.getIdToken();
if (token) {
setupGraphQLClient(token, apiUrl);
}
Get profile picture URL from auth provider
Returns the user's profile picture URL if available from the auth provider. This abstracts away provider-specific logic:
Promise resolving to image URL or null if not available
const pictureUrl = await this.authBase.getProfilePictureUrl();
if (pictureUrl) {
this.userAvatar = pictureUrl;
}
Protected getGet complete token information
Returns full token details including expiration and scopes. Use this when you need more than just the token string.
Get user info as Observable stream
Returns standardized user info, hiding provider-specific claim structures. No more need for consumers to merge claims or check provider-specific fields!
Protected handleHandle session expiry - no-op for Auth0
Auth0 uses refresh tokens (offline_access scope), so it doesn't need interactive re-authentication when tokens expire. If refresh fails, the base class will throw an error and the user must log out/in manually.
Protected loginPrivate mapMap Auth0 User object to StandardUserInfo
Refresh authentication token
Attempts to obtain a fresh authentication token using the provider's refresh mechanism. If silent refresh fails due to session expiry, the provider will handle re-authentication automatically (which may involve redirecting to the auth provider's login page).
Returns StandardAuthToken on success, or throws on complete failure.
IMPORTANT: If the provider requires interactive re-authentication (redirect or popup), this method may never return. The app will reload after authentication completes and re-initialize with a fresh token.
Promise resolving to StandardAuthToken or throws on failure
const token = await this.authBase.refreshToken();
return token.idToken; // Always succeeds or throws
Protected refreshRefresh token using Auth0's silent authentication
Uses cacheMode: 'off' to bypass cache and force token refresh With useRefreshTokens: true and offline_access scope, this will use refresh tokens
Protected updateProtected updateUpdate user info
Subclasses should call this when user info is retrieved or updated. This automatically updates the email stream as well.
Static angularFactory function to provide Angular dependencies required by Auth0 Stored as a static property for the factory to access without instantiation
Auth0 authentication provider implementation - v3.0.0
Implements the abstract methods from MJAuthBase to hide Auth0-specific details. The key abstraction is that Auth0 stores the JWT in
idTokenClaims.__raw, but consumers never need to know this detail.