Nico Sabena nicosabena
nicosabena
/ azure-ad-groups-with-client-credentials.js
Created
July 6, 2018 14:55
Auth0 rule to retrieve Azure AD groups on login
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // This rule will get the groups for users coming from Azure AD | |
| // Auth0 already has the option to do that, but it (currently) won't work | |
| // if the user is coming from a different directory than the directory | |
| // where the app is registered (this can happen with multi-tenant apps). | |
| // This is a variation that gets an access token for Azure AD using the | |
| // client-credential grants instead of using the access token given to the user. | |
| // It's useful if a new access token from Azure AD is not obtained every time the rule runs, | |
| // or if WS-Federation is used instead of OIDC. | |
| // | |
| // After the rule runs, you will have the 'groups' property in the user |
nicosabena
/ azure-ad-groups.js
Last active
March 3, 2022 18:48
Auth0 rule to get user groups from Azure AD
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // This rule will get the groups for users coming from Azure AD | |
| // Auth0 already has the option to do that, but it (currently) won't work | |
| // if the user is coming from a different directory than the directory | |
| // where the app is registered (this can happen with multi-tenant apps). | |
| // It uses the access_token provided by Azure AD, so this needs | |
| // the 'Open ID Connect' protocol selected in the Azure AD connection. | |
| // | |
| // After the rule runs, you will have the 'groups' property in the user | |
| // that you can use to add custom claims to the id_token. | |
| // |
nicosabena
/ redirect-rule.js
Last active
September 2, 2020 20:08
Redirect rule + webtask to do a reCaptcha after authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function (user, context, callback) { | |
| // this rule requires the following configuration values: | |
| // CAPTCHA_SECRET: a 32 bytes string that will be the shared secret between | |
| // the rule and the webtask | |
| // AUTH0_DOMAIN: your auth0 domain (e.g. account.auth0.com) | |
| // CAPTCHA_REDIRECT: the URL for the webtask that will show and process CAPTCHA | |
| // Put a specific client ID if you dont want CAPTCHA for every client | |
| // if (context.clientID !== '[your client id]') |
nicosabena
/ Startup-for-OIDC-HS256.cs
Last active
October 28, 2016 12:07
ASP.Net Core startup settings for Auth0 OIDC with HS256 signed tokens
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using Microsoft.AspNetCore.Authentication.Cookies; | |
| using Microsoft.AspNetCore.Builder; | |
| using Microsoft.AspNetCore.Hosting; | |
| using Microsoft.AspNetCore.Http; | |
| using Microsoft.Extensions.Configuration; | |
| using Microsoft.Extensions.DependencyInjection; | |
| using Microsoft.Extensions.Logging; | |
| using Microsoft.Extensions.Options; | |
| using Microsoft.IdentityModel.Tokens; |
NewerOlder