UNPKG

@blitzritz/passport-microsoft/lib/strategy.js

Version:

3.71 kBJavaScriptView Raw

1/****************
* IMPORTS
*/
4
5var util = require('util');
6var OAuth2Strategy = require('passport-oauth2');
7var InternalOAuthError = require('passport-oauth2').InternalOAuthError;
8
9/**
* `Strategy` constructor.
*
* The Microsoft authentication strategy authenticates requests by delegating to
* Microsoft using the OAuth 2.0 protocol.
*
* Applications must supply a `verify` callback which accepts an `accessToken`,
* `refreshToken` and service-specific `profile`, and then calls the `done`
* callback supplying a `user`, which should be set to `false` if the
* credentials are not valid.  If an exception occured, `err` should be set.
*
* Options:
*   - `clientId`      	your Microsoft application's client id
*   - `clientSecret`  	your Microsoft application's client secret
*   - `callbackURL`   	URL to which Microsoft will redirect the user after granting authorization in your Microsoft Application
*
* Examples:
*
*     var MicrosoftStrategy = require('passport-microsoft').Strategy;
*
*     passport.use(new MicrosoftStrategy({
*         clientID: '123-456-789',
*         clientSecret: 'shhh-its-a-secret'
*         callbackURL: 'https://www.example.net/auth/microsoft/callback'
*       },
*       function(accessToken, refreshToken, profile, done) {
*         User.findOrCreate(..., function (err, user) {
*           done(err, user);
*         });
*       }
*     ));
*
* @param {Object} options
* @param {Function} verify
* @api public
*/
45
46function MicrosoftStrategy(options, verify) {
options = options || {};
const tenant = options.tenant || 'common';
options.authorizationURL = options.authorizationURL || `https://login.microsoftonline.com/${tenant}/oauth2/v2.0/authorize`;
options.tokenURL = options.tokenURL || `https://login.microsoftonline.com/${tenant}/oauth2/v2.0/token`;
options.scopeSeparator = options.scopeSeparator || ' ';
options.customHeaders = options.customHeaders || {};
53
OAuth2Strategy.call(this, options, verify);
this.name = 'microsoft';
56}
57
58/**
* Inherit from `OAuth2Strategy`.
*/
61
62util.inherits(MicrosoftStrategy, OAuth2Strategy);
63
64/**
* Retrieve user profile from Microsoft Graph.
*
* This function constructs a normalized profile, with the following properties:
*
*   - `provider`         always set to `microsoft`
*   - `id`
*   - etc..
*
* @param {String} accessToken
* @param {Function} done
* @api protected
*/
77
78MicrosoftStrategy.prototype.authorizationParams = function(options) {
var params = {};

['locale', 'display', 'prompt', 'login_hint', 'domain_hint'].forEach(function(name) {
  if (options[name]) {
    params[name] = options[name];
  }
});
86
return params;
88};
89
90MicrosoftStrategy.prototype.userProfile = function (accessToken, done) {
91
this._oauth2.useAuthorizationHeaderforGET(true);
this._oauth2.get(
  'https://graph.microsoft.com/v1.0/me/',
  accessToken,
  // eslint-disable-next-line no-unused-vars
  function (err, body, res) {
98
    if (err) {
      return done(new InternalOAuthError('failed to fetch user profile', err));
    }
    try {
      var json = JSON.parse(body);
104
      var profile = {
        provider: 'microsoft',
        name: {}
      };
      profile.id = json.id;
      profile.displayName = json.displayName;
      profile.name.familyName = json.surname;
      profile.name.givenName = json.givenName;
      profile.emails = [{ type: 'work', value: json.mail || json.userPrincipalName }];
114
      profile._raw = body;
      profile._json = json;
117
      done(null, profile);
    }
    catch (e) {
      done(e);
    }
  }
);
125};
126
127/**
* Expose `Strategy`.
*/
130
131module.exports = MicrosoftStrategy;

1	`/****************`
2	`* IMPORTS`
3	`*/`
4
5	`var util = require('util');`
6	`var OAuth2Strategy = require('passport-oauth2');`
7	`var InternalOAuthError = require('passport-oauth2').InternalOAuthError;`
8
9	`/**`
10	* `Strategy` constructor.
11	`*`
12	`* The Microsoft authentication strategy authenticates requests by delegating to`
13	`* Microsoft using the OAuth 2.0 protocol.`
14	`*`
15	* Applications must supply a `verify` callback which accepts an `accessToken`,
16	* `refreshToken` and service-specific `profile`, and then calls the `done`
17	* callback supplying a `user`, which should be set to `false` if the
18	* credentials are not valid. If an exception occured, `err` should be set.
19	`*`
20	`* Options:`
21	* - `clientId` your Microsoft application's client id
22	* - `clientSecret` your Microsoft application's client secret
23	* - `callbackURL` URL to which Microsoft will redirect the user after granting authorization in your Microsoft Application
24	`*`
25	`* Examples:`
26	`*`
27	`* var MicrosoftStrategy = require('passport-microsoft').Strategy;`
28	`*`
29	`* passport.use(new MicrosoftStrategy({`
30	`* clientID: '123-456-789',`
31	`* clientSecret: 'shhh-its-a-secret'`
32	`* callbackURL: 'https://www.example.net/auth/microsoft/callback'`
33	`* },`
34	`* function(accessToken, refreshToken, profile, done) {`
35	`* User.findOrCreate(..., function (err, user) {`
36	`* done(err, user);`
37	`* });`
38	`* }`
39	`* ));`
40	`*`
41	`* @param {Object} options`
42	`* @param {Function} verify`
43	`* @api public`
44	`*/`
45
46	`function MicrosoftStrategy(options, verify) {`
47	`options = options \|\| {};`
48	`const tenant = options.tenant \|\| 'common';`
49	options.authorizationURL = options.authorizationURL \|\| `https://login.microsoftonline.com/${tenant}/oauth2/v2.0/authorize`;
50	options.tokenURL = options.tokenURL \|\| `https://login.microsoftonline.com/${tenant}/oauth2/v2.0/token`;
51	`options.scopeSeparator = options.scopeSeparator \|\| ' ';`
52	`options.customHeaders = options.customHeaders \|\| {};`
53
54	`OAuth2Strategy.call(this, options, verify);`
55	`this.name = 'microsoft';`
56	`}`
57
58	`/**`
59	* Inherit from `OAuth2Strategy`.
60	`*/`
61
62	`util.inherits(MicrosoftStrategy, OAuth2Strategy);`
63
64	`/**`
65	`* Retrieve user profile from Microsoft Graph.`
66	`*`
67	`* This function constructs a normalized profile, with the following properties:`
68	`*`
69	* - `provider` always set to `microsoft`
70	* - `id`
71	`* - etc..`
72	`*`
73	`* @param {String} accessToken`
74	`* @param {Function} done`
75	`* @api protected`
76	`*/`
77
78	`MicrosoftStrategy.prototype.authorizationParams = function(options) {`
79	`var params = {};`
80
81	`['locale', 'display', 'prompt', 'login_hint', 'domain_hint'].forEach(function(name) {`
82	`if (options[name]) {`
83	`params[name] = options[name];`
84	`}`
85	`});`
86
87	`return params;`
88	`};`
89
90	`MicrosoftStrategy.prototype.userProfile = function (accessToken, done) {`
91
92	`this._oauth2.useAuthorizationHeaderforGET(true);`
93	`this._oauth2.get(`
94	`'https://graph.microsoft.com/v1.0/me/',`
95	`accessToken,`
96	`// eslint-disable-next-line no-unused-vars`
97	`function (err, body, res) {`
98
99	`if (err) {`
100	`return done(new InternalOAuthError('failed to fetch user profile', err));`
101	`}`
102	`try {`
103	`var json = JSON.parse(body);`
104
105	`var profile = {`
106	`provider: 'microsoft',`
107	`name: {}`
108	`};`
109	`profile.id = json.id;`
110	`profile.displayName = json.displayName;`
111	`profile.name.familyName = json.surname;`
112	`profile.name.givenName = json.givenName;`
113	`profile.emails = [{ type: 'work', value: json.mail \|\| json.userPrincipalName }];`
114
115	`profile._raw = body;`
116	`profile._json = json;`
117
118	`done(null, profile);`
119	`}`
120	`catch (e) {`
121	`done(e);`
122	`}`
123	`}`
124	`);`
125	`};`
126
127	`/**`
128	* Expose `Strategy`.
129	`*/`
130
131	`module.exports = MicrosoftStrategy;`