bitflower/authentication.ts

## authentication.ts
let moduleExports = (app: Application) => {
  const authentication = new AuthenticationService(app);

  // authentication.register('jwt', new JWTStrategy());
  // authentication.register('local', new LocalStrategy());
  // authentication.register('google', new GoogleStrategy());
  authentication.register('microsoft', new MicrosoftStrategy()); // TODO: Let add from the cloud-app?

  // authentication.register('microsoft', new OidcStrategy());

  app.use('/authentication', authentication);
  app.configure(expressOauth());

};

## custom-strategy.ts
import { getUuid } from '@case-os/commons';
import { AuthenticationRequest } from '@feathersjs/authentication';
import { OAuthStrategy } from '@feathersjs/authentication-oauth';
import { Params } from '@feathersjs/feathers';

import { User } from '../interfaces';

import { GoogleOAuthProfile } from './google.interface';

export class MicrosoftStrategy extends OAuthStrategy {
  // Overwrite `authenticate to return OIDC accessToken`
  async authenticate(
    authentication: AuthenticationRequest,
    originalParams: Params
  ) {
    const entity: string = this.configuration.entity;
    const { provider, ...params } = originalParams;
    const profile = await this.getProfile(authentication, params);
    const existingEntity =
      (await this.findEntity(profile, params)) ||
      (await this.getCurrentEntity(params));

    const authEntity = !existingEntity
      ? await this.createEntity(profile, params)
      : await this.updateEntity(existingEntity, profile, params);

    return {
      accessToken: authentication.raw.id_token, // the id-token taken from here works for the external API when used in Postman
      authentication: { strategy: this.name },
      [entity]: await this.getEntity(authEntity, originalParams)
    };
  }

  async getEntityData(profile: GoogleOAuthProfile, existingEntity, params) {
    // this will set 'microsoftId' => returns { microsoftId: <idFromProfile>}
    const baseData = await super.getEntityData(profile, existingEntity, params);

    const { mail, givenName, surname, userPrincipalName } = profile;

    const user: User = {
      ...baseData,
      email: mail,
      password: getUuid(),
      username: mail,
      isVerified: true,
      name: {
        first: givenName,
        last: surname
      }
    };

    return user;
  }
}

## default.json
  "authentication": {
    "authStrategies": ["microsoft"],
    "entity": "user",
    "service": "users",
    "secret": "...",
    "jwtOptions": {
      "header": { "typ": "access" },
      "audience": "https://yourdomain.com",
      "issuer": "CaseOS",
      "algorithm": "HS256",
      "expiresIn": "2h"
    },
    "oauth": {
      "redirect": "http://localhost:4200/",
      "microsoft": {
        "authorize_url": "https://login.microsoftonline.com/<MY-PARTNERS-HANDLE>/oauth2/v2.0/authorize",
        "access_url": "https://login.microsoftonline.com/<MY-PARTNERS-HANDLE>/oauth2/v2.0/token",
        "client_id": "...",
        "secret": "...",
        "scope": ["openid", "profile"],
        "nonce": true
      }
    }
  }
	let moduleExports = (app: Application) => {
	const authentication = new AuthenticationService(app);

	// authentication.register('jwt', new JWTStrategy());
	// authentication.register('local', new LocalStrategy());
	// authentication.register('google', new GoogleStrategy());
	authentication.register('microsoft', new MicrosoftStrategy()); // TODO: Let add from the cloud-app?

	// authentication.register('microsoft', new OidcStrategy());

	app.use('/authentication', authentication);
	app.configure(expressOauth());

	};
	import { getUuid } from '@case-os/commons';
	import { AuthenticationRequest } from '@feathersjs/authentication';
	import { OAuthStrategy } from '@feathersjs/authentication-oauth';
	import { Params } from '@feathersjs/feathers';

	import { User } from '../interfaces';

	import { GoogleOAuthProfile } from './google.interface';

	export class MicrosoftStrategy extends OAuthStrategy {
	// Overwrite `authenticate to return OIDC accessToken`
	async authenticate(
	authentication: AuthenticationRequest,
	originalParams: Params
	) {
	const entity: string = this.configuration.entity;
	const { provider, ...params } = originalParams;
	const profile = await this.getProfile(authentication, params);
	const existingEntity =
	(await this.findEntity(profile, params)) \|\|
	(await this.getCurrentEntity(params));

	const authEntity = !existingEntity
	? await this.createEntity(profile, params)
	: await this.updateEntity(existingEntity, profile, params);

	return {
	accessToken: authentication.raw.id_token, // the id-token taken from here works for the external API when used in Postman
	authentication: { strategy: this.name },
	[entity]: await this.getEntity(authEntity, originalParams)
	};
	}

	async getEntityData(profile: GoogleOAuthProfile, existingEntity, params) {
	// this will set 'microsoftId' => returns { microsoftId: <idFromProfile>}
	const baseData = await super.getEntityData(profile, existingEntity, params);

	const { mail, givenName, surname, userPrincipalName } = profile;

	const user: User = {
	...baseData,
	email: mail,
	password: getUuid(),
	username: mail,
	isVerified: true,
	name: {
	first: givenName,
	last: surname
	}
	};

	return user;
	}
	}
	"authentication": {
	"authStrategies": ["microsoft"],
	"entity": "user",
	"service": "users",
	"secret": "...",
	"jwtOptions": {
	"header": { "typ": "access" },
	"audience": "https://yourdomain.com",
	"issuer": "CaseOS",
	"algorithm": "HS256",
	"expiresIn": "2h"
	},
	"oauth": {
	"redirect": "http://localhost:4200/",
	"microsoft": {
	"authorize_url": "https://login.microsoftonline.com/<MY-PARTNERS-HANDLE>/oauth2/v2.0/authorize",
	"access_url": "https://login.microsoftonline.com/<MY-PARTNERS-HANDLE>/oauth2/v2.0/token",
	"client_id": "...",
	"secret": "...",
	"scope": ["openid", "profile"],
	"nonce": true
	}
	}
	}