working on callback, which will send the idp to the callback url to trade it for an application jwt.

frontend/src/app/app-routing.module.ts

@@ -15,7 +15,9 @@ import {EncryptionManagerComponent} from './pages/encryption-manager/encryption-
 const routes: Routes = [
 
   { path: 'auth/signin', component: AuthSigninComponent },
+  { path: 'auth/signin/callback/:idp_type', component: AuthSigninComponent },
   { path: 'auth/signup', component: AuthSignupComponent },
+  { path: 'auth/signup/callback/:idp_type', component: AuthSignupComponent },
 
   { path: '', redirectTo: '/dashboard', pathMatch: 'full' },
   { path: 'dashboard', component: DashboardComponent, canActivate: [ IsAuthenticatedAuthGuard, EncryptionEnabledAuthGuard] },

frontend/src/app/pages/auth-signin/auth-signin.component.ts

@@ -1,11 +1,12 @@
 import {Component, OnInit} from '@angular/core';
 import {User} from '../../../lib/models/fasten/user';
 import {FastenDbService} from '../../services/fasten-db.service';
-import {Router} from '@angular/router';
+import {ActivatedRoute, Router} from '@angular/router';
 import {ToastService} from '../../services/toast.service';
 import {ToastNotification, ToastType} from '../../models/fasten/toast';
 import {environment} from '../../../environments/environment';
 import {AuthService} from '../../services/auth.service';
+import {Location} from '@angular/common';
 
 @Component({
   selector: 'app-auth-signin',
@@ -18,9 +19,25 @@ export class AuthSigninComponent implements OnInit {
   errorMsg: string = ""
   showExternalIdP: boolean = environment.is_cloud
 
-  constructor(private fastenDb: FastenDbService, private authService: AuthService,  private router: Router, private toastService: ToastService) { }
+  constructor(
+    private fastenDb: FastenDbService,
+    private authService: AuthService,
+    private router: Router,
+    private route: ActivatedRoute,
+    private location: Location,
+    private toastService: ToastService,
+  ) { }
 
   ngOnInit(): void {
+
+    const idpType = this.route.snapshot.paramMap.get('idp_type')
+    if(idpType){
+      const params = new URLSearchParams(window.location.hash.substring(1))
+      const idToken = params.get('id_token') // eyJhbGciOiJSUzI1...rest_of_ID_Token
+      this.resetUrlOnCallback()
+      this.authService.IdpCallback(idpType, idToken).then(console.log)
+    }
+
   }
 
   signinSubmit(){
@@ -34,15 +51,24 @@ export class AuthSigninComponent implements OnInit {
         } else{
           this.errorMsg = "an unknown error occurred during sign-in"
         }
-        const toastNotificaiton = new ToastNotification()
+        const toastNotification = new ToastNotification()
-        toastNotificaiton.type = ToastType.Error
+        toastNotification.type = ToastType.Error
-        toastNotificaiton.message = this.errorMsg
+        toastNotification.message = this.errorMsg
-        this.toastService.show(toastNotificaiton)
+        this.toastService.show(toastNotification)
       })
   }
 
+  resetUrlOnCallback(){
+    //reset the url, removing the params and fragment from the current url.
+    const urlTree = this.router.createUrlTree(["/auth/signin"],{
+      relativeTo: this.route,
+    });
+    this.location.replaceState(urlTree.toString());
+  }
+
   idpConnectHello($event){
-    this.authService.Connect('hello')
+
+    this.authService.IdpConnect('hello')
       .then(console.log)
   }
 }

frontend/src/app/services/auth.service.ts

@@ -15,21 +15,29 @@ export class AuthService {
   }
 
 
-  /**
+  public async IdpConnect(idp_type: string) {
-   * Signup  (and Signin) both require an "online" user.
-   * @param newUser
-   * @constructor
-   */
-  public async Connect(idpType: string) {
     console.log("Connecting to external Idp")
 
     let fastenApiEndpointBase = GetEndpointAbsolutePath(globalThis.location,environment.fasten_api_endpoint_base)
 
-    let resp = await this._httpClient.get<ResponseWrapper>(`${fastenApiEndpointBase}/auth/connect/${idpType}`).toPromise()
+    let resp = await this._httpClient.get<ResponseWrapper>(`${fastenApiEndpointBase}/auth/connect/${idp_type}`).toPromise()
     console.log(resp)
 
     const authorizeUrl = new URL(resp.data)
-    authorizeUrl.searchParams.append('redirect_uri', window.location.href); //only auth/signup and /auth/signin urls are allowed
+    authorizeUrl.searchParams.append('redirect_uri', window.location.href + '/callback/'+ idp_type ); //only auth/signup and /auth/signin urls are allowed
     window.location.href = authorizeUrl.toString();
   }
+
+  public async IdpCallback(idp_type: string, id_token: string) {
+
+    var payload = {
+      id_token: id_token
+    }
+
+    let fastenApiEndpointBase = GetEndpointAbsolutePath(globalThis.location,environment.fasten_api_endpoint_base)
+
+    let resp = await this._httpClient.post<ResponseWrapper>(`${fastenApiEndpointBase}/auth/callback/${idp_type}`, payload).toPromise()
+    console.log(resp)
+
+  }
 }