@elanderson
I was happy to find your blog and this project in GitHub.
I'm currently implementing an Angular application that needs to use IdentityServer4 collecting username and password as well as accepting other OIDC providers (in my initial case only Facebook).
It looks like what you've got written almost does all that already (of course, without Facebook and there are several other requirements I'll have to add to IdentityServer but the stub requirements are there).
One of my requirements is to fully understand whatever I implement :-)
So, with that in mind, I wanted to know how the Angular application knows which Url to load a login window on the OIDC provider?
Looking through the code I can see that angular-auth-oidc-client module is included. And that whenever the Angular application calls its login() (in navMenu.component.tst) that it references authService.login which ultimate references oidcSecurityService.authorize()!
Then in oidcSecurityService.authorize() it generates a url by calling createAuthorizeUrl. That url ultimately gets stuffed into a window.location.href which initiates my first question:
Is this a window which triggers a popup akin to the Facebook popup login page?
My last question(s) is about the url itself. When I look at createAuthorizeUrl, the first thing that I notice is that it uses this.authWellKnownEndpoints.authorization_endpoint which I know it is getting from querying IdentityServer ala OIDC discovery protocol.
When I look into IdentityServer, I do not see IdentityServer it defines an actual login page url?
In my own project's .well-known/openid-configuration results, authorization_endpoint contains "http://localhost:5000/connect/authorize" which I assume is a standard address. I've looked around the Config.js of the IdentityServer and this only makes me more perplexed :-) The RedirectUrl of the mvc and ng clients are http://localhost:5002/signin-oidc and http://localhost:5002/callback respectively.
Thanks in advance. Your series is probably been one of the most useful (in the top 3 of the dozens I've reviewed).
Matthew