Getting Started

Introduction

Welcome to Nuxt OIDC Auth

Welcome to Nuxt OIDC Auth, a Nuxt module focusing on native OIDC (OpenID Connect) based authentication for Nuxt with a high level of customizability and security for SSR applications. This module doesn't use any external dependencies outside of the unjs ecosystem except for token validation (the well-known and tested jose library for JWT interactions). This module's session implementation is based on nuxt-auth-utils.

This module and its authors are in no way or form connected to the OpenID Foundation (OIDF).

Nuxt OIDC Auth Features

🔒  Secure

  • Session expiration check based on token expiration
  • Automatic session renewal based on token expiration and refresh tokens
  • Secured & sealed cookie sessions
  • Access and ID token cryptographic validation (if supported by provider)
  • Encrypted server-side refresh/access token storage powered by the Nitro storage layer

⚙️  Nuxt integrated

  • Global middleware with automatic redirection to default provider or custom login page
  • useOidcAuth composable for getting the user information, logging in and out, refetching the current session and triggering a token refresh
  • Server-side session and middleware integration

📝  Compatible

  • Generic spec-compatible OpenID Connect provider with fully configurable OIDC flow (state, nonce, PKCE, token request, ...)
  • Presets for popular OIDC providers
  • Multi-provider support with auto-registered routes (/auth/<provider>/login, /auth/<provider>/logout, /auth/<provider>/callback)

Recent breaking changes

Since 0.16.0, the data from the provider's userInfo endpoint is written into userInfo on the user object instead of providerInfo. Please adjust your nuxt.config.ts and .env/environment files and configurations accordingly. If you are using the user object from the useOidcAuth composable, change any access to providerInfo to userInfo.

Disclaimer

OpenID Connect

This project and its authors are not affiliated with, endorsed by, or in any way officially connected with the OpenID Foundation (OIDF) or any of its subsidiaries or affiliates. Any references to OpenID or the OpenID Foundation are purely for descriptive purposes, and the use of their name does not imply any form of association or endorsement.

Furthermore, the logo and branding used in this project are the property of the authors and are not derived from or related to any logos or trademarks of the OpenID Foundation. All rights to the project logo are owned exclusively by the authors.

Status

This module is still in development; feedback and contributions are welcome! Use at your own risk.


Copyright © 2024