Skip to content
oidc-js

AuthController

AuthController is a Lit ReactiveController that manages OIDC authentication state. It wraps OidcClient and integrates with Lit’s reactive update lifecycle, calling host.requestUpdate() when the authentication state changes.

Installation

Section titled “Installation”
Terminal window
npm install oidc-js-lit

Usage

Section titled “Usage”
import { LitElement, html } from "lit";
import { AuthController } from "oidc-js-lit";


class MyApp extends LitElement {
  private auth = new AuthController(this, {
    config: {
      issuer: "https://auth.example.com",
      clientId: "my-app",
      redirectUri: "http://localhost:3000/callback",
      scopes: ["openid", "profile", "email"],
    },
  });


  render() {
    if (this.auth.isLoading) return html`<p>Loading...</p>`;
    if (!this.auth.isAuthenticated)
      return html`<button @click=${() => this.auth.login()}>Log in</button>`;
    return html`
      <p>Hello, ${this.auth.user?.claims.sub}</p>
      <button @click=${() => this.auth.logout()}>Log out</button>
    `;
  }
}


customElements.define("my-app", MyApp);

Constructor options

Section titled “Constructor options”
OptionTypeDefaultDescription
configOidcConfigrequiredOIDC configuration (issuer, clientId, redirectUri, etc.)
fetchProfilebooleantrueWhether to fetch the UserInfo endpoint after login
onLogin(returnTo: string) => void-Called after successful login with the URL to restore
onError(error: Error) => void-Called when an error occurs during initialization

Properties

Section titled “Properties”
PropertyTypeDescription
userAuthUser | nullThe authenticated user (claims + profile)
isAuthenticatedbooleanWhether the user is logged in
isLoadingbooleanWhether initialization is in progress
errorError | nullThe most recent auth error
tokensAuthTokensCurrent access, id, and refresh tokens
configOidcConfigThe OIDC configuration

Methods

Section titled “Methods”
MethodDescription
login(options?)Redirect to IdP login. Options: returnTo, extraParams
logout()Clear state and redirect to IdP logout endpoint
refresh()Exchange refresh token for new tokens
fetchProfile()Fetch the UserInfo endpoint and update user.profile

Lifecycle

Section titled “Lifecycle”

The controller hooks into Lit’s element lifecycle automatically:

  • hostConnected - Creates the OidcClient, subscribes to state changes, and calls init()
  • hostDisconnected - Unsubscribes and destroys the client