Skip to content

Instantly share code, notes, and snippets.

@MarkLeMerise

MarkLeMerise/1 README.md

Last active October 21, 2019 15:47
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MarkLeMerise/07ad80dd58ae24f5f2f49cabe6a47a50 to your computer and use it in GitHub Desktop.
Save MarkLeMerise/07ad80dd58ae24f5f2f49cabe6a47a50 to your computer and use it in GitHub Desktop.
Download ZIP
Minimal React app with Azure AD authentication using react-adal
Raw
1 README.md

Your Azure AD instance must be configured to redirect any authentication request back to redirect.html upon successful authentication. redirect.html will handle sending the authenticated user to their intended destination.

For example, if an unauthenticated user navigates to "myapp.example/deep/link/to/somewhere/in/your/app", they will be taken through the normal Azure AD login process, sent to redirect.html, then properly routed to the deep link in your app.

This is what my deployable dist directory looks like: dist directory

Raw
authContextPromise.js
import { AuthenticationContext } from "react-adal";
// Our Azure AD keys come from an API so they're easier to adjust without a code change.
// However, they can just as easily be hardcoded to test without the use of a Promise.
export default fetch("/api/settings/auth")
.then(response => response.json())
.then(
config =>
new AuthenticationContext({
cacheLocation: "sessionStorage",
clientId: config.ClientId,
redirectUri: `${window.location.origin}/redirect.html`,
tenant: config.TenantId
})
);
Raw
index.js
// This is the entry point into the application.
// Using react-adal@0.4.22, react@16.8.6
import * as React from "react";
import { runWithAdal } from "react-adal";
import * as ReactDOM from "react-dom";
import authContextPromise from "./auth/authContextPromise";
import App from "./components/App";
authContextPromise.then(authContext => {
runWithAdal(
authContext,
() =>
// Pass the auth context into the app for logging out, user info, etc.
ReactDOM.render(
<App authContext={authContext} />,
document.getElementById("app-mount")
),
false
);
});
Raw
redirect.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>Frame Redirect</title>
<script src="https://unpkg.com/adal-angular@1.0.17/dist/adal.min.js"></script>
</head>
<body>
<script>
fetch("/api/settings/auth")
.then(response => response.json())
.then(({ ClientId: clientId }) => {
var authContext = new AuthenticationContext({ clientId });
authContext.handleWindowCallback();
if (window === window.parent) {
window.location.replace(location.origin + location.hash);
}
});
</script>
</body>
</html>
@ChristopherHButler
Copy link

ChristopherHButler commented Oct 7, 2019
edited

Hey Mark,
Sorry for the late response, I've been away for a bit. I just wanted to say a big thank you for taking the time to set this up for me (and I'm sure others), it's greatly appreciated! 🙌🏻

I noticed a few similarities and differences in our code. You seem to be using react-adal while I am using adal-angular. And effectively our redirect.html files are the same with the exception of the if statement... but this adds the token to the url in my case. (localhotst:5000/#id_token=wiufvwrgidoiei...). Is this the intended behaviour?

@MarkLeMerise
Copy link
Author

You're welcome!

The intended behavior is that id_token is in the URL (as the hash) when going to redirect.html, but the adal plugin should then strip it out and redirect to wherever your user was originally going. If you're saying that you see the id_token in your final URL like my.app/users/1#id_token=..., then you may want to debug through redirect.html and see if the if is necessary, since id_token is part of location.hash.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment