Top 10 Examples of "passport-azure-ad in functional component" in JavaScript
Dive into secure and efficient coding practices with our curated list of the top 10 examples showcasing 'passport-azure-ad' in functional components in JavaScript. Our advanced machine learning engine meticulously scans each line of code, cross-referencing millions of open source libraries to ensure your implementation is not just functional, but also robust and secure. Elevate your React applications to new heights by mastering the art of handling side effects, API calls, and asynchronous operations with confidence and precision.
})
azureChaos.factory.Logger.configure({
// tslint:disable-next-line
logImpl: console.log
})
azureChaos.factory.AzureAuthenticator.configure({
msRestImpl: require('ms-rest-azure')
})
const proc = azureChaos.factory.RequestProcessor.create()
const registry = azureChaos.factory.ExtensionRegistry.create()
const app = express()
if (opts && opts.isProd) {
// in production, use Bearer Strategy for auth
passport.use(new BearerStrategy({
audience: opts.authAudience,
clientID: opts.authClientId,
identityMetadata: 'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration',
issuer: opts.authIssuer,
loggingLevel: 'error'
}, (token, done) => {
done(null, token)
}))
} else {
// if !isProd the test suite is being run so mock authentication
const mockStrategy = new MockStrategy(
(token, done) => {
if (token === constants.MOCK_TOKEN) {
done(null, {})
} else {
done(null, false, { message: 'bad token' })var options = {
identityMetadata: "https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration/",
clientID: "85327f73-fd44-46b9-a159-28544ff72288",
validateIssuer: false,
loggingLevel: 'warn',
passReqToCallback: false
};
// Check for client id placeholder
if (options.clientID === 'YOUR_CLIENT_ID') {
console.error("Please update 'options' with the client id (application id) of your application");
return;
}
var bearerStrategy = new BearerStrategy(options,
function (token, done) {
// Send user info using the second argument
done(null, {}, token);
}
);
var app = express();
app.use(morgan('dev'));
app.use(passport.initialize());
passport.use(bearerStrategy);
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Authorization, Origin, X-Requested-With, Content-Type, Accept");
next();}
// ----------------------------------------------------------------------------
// GitHub Passport session setup.
// ----------------------------------------------------------------------------
let githubOptions = {
clientID: githubAppConfiguration.clientId,
clientSecret: githubAppConfiguration.clientSecret,
callbackURL: undefined,
scope: [],
userAgent: 'passport-azure-oss-portal-for-github' // CONSIDER: User agent should be configured.
};
if (githubAppConfiguration.callbackUrl) {
githubOptions.callbackURL = githubAppConfiguration.callbackUrl;
}
let githubPassportStrategy = new GitHubStrategy(githubOptions, githubResponseToSubset.bind(null, app, modernAppInUse));
let aadStrategy = new OIDCStrategy({
redirectUrl: config.activeDirectory.redirectUrl,
allowHttpForRedirectUrl: config.containers.docker || config.webServer.allowHttp,
realm: config.activeDirectory.tenantId,
clientID: config.activeDirectory.clientId,
clientSecret: config.activeDirectory.clientSecret,
oidcIssuer: config.activeDirectory.issuer,
identityMetadata: 'https://login.microsoftonline.com/' + config.activeDirectory.tenantId + '/.well-known/openid-configuration',
responseType: 'id_token code',
responseMode: 'form_post',
validateIssuer: true,
}, activeDirectorySubset.bind(null, app));
// Patching the AAD strategy to intercept a specific state failure message and instead
// of providing a generic failure message, redirecting (HTTP GET) to the callback page
// where we can offer a more useful message
const originalFailWithLog = aadStrategy.failWithLog;let userHash = require('crypto').createHash('sha256').update(password).digest('base64');
if (user.password !== userHash) {
return cb(null, false, { message: 'Incorrect login' });
}
return cb(null, user);
});
}));
if (process.env.AZURE_IDENTITY_METADATA) {
if (strategyConfig.loggingLevel) { log.levels("console", strategyConfig.loggingLevel); }
// Used by ADFS users
passport.use(new OIDCStrategy(strategyConfig,
function (profile, done) {
// Depending on the type of the account e.g. registered in live.com or kainos.com
// user's email may be returned in "unique_name" field instead of "email"
var email = profile._json.email || profile._json.unique_name
if (!email) {
return done(new Error("No email found"), null);
}
process.nextTick(function () {
// ADFS user's username is set to the email used in the authentication process
users.findByUsername(email, function (err, user) {
if (err) {
return done(err);
}
if (!user) {
registerUserUsingProfileData(profile._json, function (err, user) {for (var i = 0, len = users.length; i < len; i++) {
var user = users[i];
log.info('we are using user: ', user);
if (user.email === email) {
return fn(null, user);
}
}
return fn(null, null);
};
// Use the OIDCStrategy within Passport. (Section 2)
//
// Strategies in passport require a `validate` function, which accept
// credentials (in this case, an OpenID identifier), and invoke a callback
// with a user object.
passport.use(new OIDCStrategy({
callbackURL: config.creds.returnURL,
realm: config.creds.realm,
clientID: config.creds.clientID,
clientSecret: config.creds.clientSecret,
oidcIssuer: config.creds.issuer,
identityMetadata: config.creds.identityMetadata,
skipUserProfile: config.creds.skipUserProfile,
responseType: config.creds.responseType,
responseMode: config.creds.responseMode
},
function(iss, sub, profile, accessToken, refreshToken, done) {
if (!profile.email) {
return done(new Error("No email found"), null);
}
// asynchronous verification, for effect...
process.nextTick(function () {//
// Strategies in passport require a `verify` function, which accepts credentials
// (in this case, the `oid` claim in id_token), and invoke a callback to find
// the corresponding user object.
//
// The following are the accepted prototypes for the `verify` function
// (1) function(iss, sub, done)
// (2) function(iss, sub, profile, done)
// (3) function(iss, sub, profile, access_token, refresh_token, done)
// (4) function(iss, sub, profile, access_token, refresh_token, params, done)
// (5) function(iss, sub, profile, jwtClaims, access_token, refresh_token, params, done)
// (6) prototype (1)-(5) with an additional `req` parameter as the first parameter
//
// To do prototype (6), passReqToCallback must be set to true in the config.
//-----------------------------------------------------------------------------
passport.use(new OIDCStrategy({
identityMetadata: config.creds.identityMetadata,
clientID: config.creds.clientID,
responseType: config.creds.responseType,
responseMode: config.creds.responseMode,
redirectUrl: config.creds.redirectUrl,
allowHttpForRedirectUrl: config.creds.allowHttpForRedirectUrl,
clientSecret: config.creds.clientSecret,
validateIssuer: config.creds.validateIssuer,
isB2C: config.creds.isB2C,
issuer: config.creds.issuer,
passReqToCallback: config.creds.passReqToCallback,
scope: config.creds.scope,
loggingLevel: config.creds.loggingLevel,
nonceLifetime: config.creds.nonceLifetime,
nonceMaxAmount: config.creds.nonceMaxAmount,
useCookieInsteadOfSession: config.creds.useCookieInsteadOfSession,//
// Strategies in passport require a `verify` function, which accepts credentials
// (in this case, the `oid` claim in id_token), and invoke a callback to find
// the corresponding user object.
//
// The following are the accepted prototypes for the `verify` function
// (1) function(iss, sub, done)
// (2) function(iss, sub, profile, done)
// (3) function(iss, sub, profile, access_token, refresh_token, done)
// (4) function(iss, sub, profile, access_token, refresh_token, params, done)
// (5) function(iss, sub, profile, jwtClaims, access_token, refresh_token, params, done)
// (6) prototype (1)-(5) with an additional `req` parameter as the first parameter
//
// To do prototype (6), passReqToCallback must be set to true in the config.
// -----------------------------------------------------------------------------
passport.use(new passportAzureAD.OIDCStrategy({
identityMetadata: config.creds.identityMetadata,
clientID: config.creds.clientID,
responseType: config.creds.responseType as typeof OIDCStrategyTemplate.responseType,
responseMode: config.creds.responseMode as typeof OIDCStrategyTemplate.responseMode,
redirectUrl: config.creds.redirectUrl,
allowHttpForRedirectUrl: config.creds.allowHttpForRedirectUrl,
clientSecret: config.creds.clientSecret,
validateIssuer: config.creds.validateIssuer,
isB2C: config.creds.isB2C,
issuer: config.creds.issuer,
passReqToCallback: false,
scope: config.creds.scope,
loggingLevel: config.creds.logLevel as typeof OIDCStrategyTemplate.loggingLevel,
nonceLifetime: config.creds.nonceLifetime,
nonceMaxAmount: config.creds.nonceMaxAmount,
useCookieInsteadOfSession: config.creds.useCookieInsteadOfSession,// Below is an example after you have the key cert pair:
// const https = require('https');
// const certConfig = {
// key: fs.readFileSync('./utils/cert/server.key', 'utf8'),
// cert: fs.readFileSync('./utils/cert/server.crt', 'utf8')
// };
// const server = https.createServer(certConfig, app);
// authentication setup
var callback = function (iss, sub, profile, accessToken, refreshToken, done) {
done(null, {
profile: profile,
accessToken: accessToken,
refreshToken: refreshToken
});
};
passport.use(new OIDCStrategy(config.creds, callback));
var users = {};
passport.serializeUser(function (user, done) {
var id = uuid.v4();
users[id] = user;
done(null, id);
});
passport.deserializeUser(function (id, done) {
var user = users[id];
done(null, user);
});
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'hbs');
app.use(favicon(path.join(__dirname, 'public', 'img', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());//
// Strategies in passport require a `verify` function, which accepts credentials
// (in this case, the `oid` claim in id_token), and invoke a callback to find
// the corresponding user object.
//
// The following are the accepted prototypes for the `verify` function
// (1) function(iss, sub, done)
// (2) function(iss, sub, profile, done)
// (3) function(iss, sub, profile, access_token, refresh_token, done)
// (4) function(iss, sub, profile, access_token, refresh_token, params, done)
// (5) function(iss, sub, profile, jwtClaims, access_token, refresh_token, params, done)
// (6) prototype (1)-(5) with an additional `req` parameter as the first parameter
//
// To do prototype (6), passReqToCallback must be set to true in the config.
//-----------------------------------------------------------------------------
passport.use(new OIDCStrategy({
identityMetadata: config.creds.identityMetadata,
clientID: config.creds.clientID,
responseType: config.creds.responseType,
responseMode: config.creds.responseMode,
redirectUrl: config.creds.redirectUrl,
allowHttpForRedirectUrl: config.creds.allowHttpForRedirectUrl,
clientSecret: config.creds.clientSecret,
validateIssuer: config.creds.validateIssuer,
isB2C: config.creds.isB2C,
issuer: config.creds.issuer,
passReqToCallback: config.creds.passReqToCallback,
scope: config.creds.scope,
loggingLevel: config.creds.loggingLevel,
nonceLifetime: config.creds.nonceLifetime,
nonceMaxAmount: config.creds.nonceMaxAmount,
useCookieInsteadOfSession: config.creds.useCookieInsteadOfSession,var tenantID = tenantName + ".onmicrosoft.com";
var clientID = "25eef6e4-c905-4a07-8eb4-0d08d5df8b3f";
var policyName = "B2C_1_SUSI";
var domain = tenantName + ".b2clogin.com"
var options = {
identityMetadata: "https://" + domain + "/" + tenantID + "/v2.0/.well-known/openid-configuration/",
clientID: clientID,
policyName: policyName,
isB2C: true,
validateIssuer: true,
loggingLevel: 'info',
passReqToCallback: false
};
var bearerStrategy = new BearerStrategy(options,
function (token, done) {
// Send user info using the second argument
done(null, {}, token);
}
);
var app = express();
app.use(morgan('dev'));
app.use(passport.initialize());
passport.use(bearerStrategy);
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Authorization, Origin, X-Requested-With, Content-Type, Accept");
next();