feat: azure ad auth (wip)

2019-07-20 00:16:29 -04:00
parent 08fd10603f
commit 9966a97bd3
7 changed files with 122 additions and 41 deletions
--- a/server/modules/authentication/azure/authentication.js
+++ b/server/modules/authentication/azure/authentication.js
@@ -4,23 +4,21 @@
 // Azure AD Account
 // ------------------------------------

-const AzureAdOAuth2Strategy = require('passport-azure-ad-oauth2').Strategy
+const OIDCStrategy = require('passport-azure-ad').OIDCStrategy

 module.exports = {
  init (passport, conf) {
-    const jwt = require('jsonwebtoken')
-    passport.use('azure_ad_oauth2',
-      new AzureAdOAuth2Strategy({
+    passport.use('azure',
+      new OIDCStrategy({
+        identityMetadata: conf.entryPoint,
        clientID: conf.clientId,
-        clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL,
-        resource: conf.resource,
-        tenant: conf.tenant
-      }, (accessToken, refreshToken, params, profile, cb) => {
-        console.info(params, profile)
-        let waadProfile = jwt.decode(params.id_token)
-        waadProfile.id = waadProfile.oid
-        waadProfile.provider = 'azure'
+        redirectUrl: conf.callbackURL,
+        responseType: 'id_token',
+        responseMode: 'form_post',
+        scope: ['profile', 'email', 'openid'],
+        allowHttpForRedirectUrl: WIKI.IS_DEBUG
+      }, (iss, sub, profile, cb) => {
+        console.info(iss, sub, profile)
        // WIKI.models.users.processProfile(waadProfile).then((user) => {
        //   return cb(null, user) || true
        // }).catch((err) => {