diff --git a/README.md b/README.md index 21115cc..28ddbce 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ You'll first need to load the module and pass some configuration to the library. import authentication from 'react-azure-adb2c'; authentication.initialize({ // optional, will default to this - instance: 'https://login.microsoftonline.com/tfp/', + instance: 'https://login.microsoftonline.com/tfp/', // your B2C tenant tenant: 'myb2ctenant.onmicrosoft.com', // the policy to use to sign in, can also be a sign up or sign in policy @@ -42,15 +42,17 @@ You'll first need to load the module and pass some configuration to the library. redirectUri: 'http://localhost:3000', // optional, the URI to redirect to after logout postLogoutRedirectUri: 'http://myapp.com' + // optional, when ValidateAuthority is set to false, redirects are allowed to b2clogin.com. + validateAuthority: true }); - + ## Authenticating When The App Starts If you want to set things up so that a user is authenticated as soon as they hit your app (for example if you've got a link to an app from a landing page) then, in index.js, wrap the lines of code that launch the React app with the _authentication.run_ function: authentication.run(() => { ReactDOM.render(, document.getElementById('root')); - registerServiceWorker(); + registerServiceWorker(); }); ## Triggering Authentication Based on Components Mounting (and routing) @@ -62,7 +64,7 @@ If you want to set things up so that a user is authenticated as they visit a par import { BrowserRouter as Router, Route, Switch } from "react-router-dom"; import HomePage from './Homepage' import MembersArea from './MembersArea' - + class App extends Component { render() { return ( diff --git a/lib/react-azure-adb2c.js b/lib/react-azure-adb2c.js index 97cc7bb..28201ca 100644 --- a/lib/react-azure-adb2c.js +++ b/lib/react-azure-adb2c.js 
@@ -42,7 +42,8 @@ var appConfig = { applicationId: null, cacheLocation: null, redirectUri: null, - postLogoutRedirectUri: null + postLogoutRedirectUri: null, + validateAuthority: null }; function loggerCallback(logLevel, message, piiLoggingEnabled) { @@ -93,6 +94,7 @@ var authentication = { appConfig = config; var instance = config.instance ? config.instance : 'https://login.microsoftonline.com/tfp/'; var authority = '' + instance + config.tenant + '/' + config.signInPolicy; + var validateAuthority = config.validateAuthority !== null || undefined ? config.validateAuthority : true; var scopes = config.scopes; if (!scopes || scopes.length === 0) { console.log('To obtain access tokens you must specify one or more scopes. See https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-access-tokens'); @@ -103,7 +105,9 @@ var authentication = { new Msal.UserAgentApplication(config.applicationId, authority, authCallback, { logger: logger, cacheLocation: config.cacheLocation, postLogoutRedirectUri: config.postLogoutRedirectUri, - redirectUri: config.redirectUri }); + redirectUri: config.redirectUri, + validateAuthority: validateAuthority + }); }, run: function run(launchApp) { state.launchApp = launchApp; diff --git a/src/react-azure-adb2c.js b/src/react-azure-adb2c.js index 8ec9671..0963dae 100644 --- a/src/react-azure-adb2c.js +++ b/src/react-azure-adb2c.js @@ -9,7 +9,7 @@ const state = { stopLoopingRedirect: false, launchApp: null, accessToken: null, - scopes: [] + scopes: [] } var appConfig = { instance: null, @@ -19,7 +19,8 @@ var appConfig = { applicationId: null, cacheLocation: null, redirectUri: null, - postLogoutRedirectUri: null + postLogoutRedirectUri: null, + validateAuthority: null, }; function loggerCallback(logLevel, message, piiLoggingEnabled) { @@ -35,7 +36,7 @@ function authCallback(errorDesc, token, error, tokenType) { state.stopLoopingRedirect = true; } else { acquireToken(); - } + } } function redirect() { 
@@ -45,7 +46,7 @@ function redirect() { } function acquireToken(successCallback) { - const localMsalApp = window.msal; + const localMsalApp = window.msal; const user = localMsalApp.getUser(state.scopes); if (!user) { localMsalApp.loginRedirect(state.scopes); @@ -65,7 +66,7 @@ function acquireToken(successCallback) { } }); } - + } const authentication = { @@ -73,28 +74,31 @@ const authentication = { appConfig = config; const instance = config.instance ? config.instance : 'https://login.microsoftonline.com/tfp/'; const authority = `${instance}${config.tenant}/${config.signInPolicy}`; + const validateAuthority = (config.validateAuthority !== null || undefined) ? config.validateAuthority : true let scopes = config.scopes; if (!scopes || scopes.length === 0) { console.log('To obtain access tokens you must specify one or more scopes. See https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-access-tokens'); state.stopLoopingRedirect = true; - } + } state.scopes = scopes; - + new Msal.UserAgentApplication(config.applicationId, authority, authCallback, { logger: logger, cacheLocation: config.cacheLocation, postLogoutRedirectUri: config.postLogoutRedirectUri, - redirectUri: config.redirectUri } + redirectUri: config.redirectUri, + validateAuthority: validateAuthority, + } ); }, run: (launchApp) => { - state.launchApp = launchApp; + state.launchApp = launchApp; if (!window.msal.isCallback(window.location.hash) && window.parent === window && !window.opener) { if (!state.stopLoopingRedirect) { acquireToken(); - } + } } }, required: (WrappedComponent, renderLoading) => { @@ -112,7 +116,7 @@ const authentication = { this.setState({ signedIn: true }); - }); + }); } render() { @@ -127,4 +131,4 @@ const authentication = { getAccessToken: () => state.accessToken } -export default authentication; \ No newline at end of file +export default authentication;
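Review bot: The ternary condition on the added `validateAuthority` line in `initialize` never tests for `undefined`: `config.validateAuthority !== null || undefined` parses as `(config.validateAuthority !== null) || undefined`, so an omitted option passes the test and `undefined`, not the intended default `true`, is handed to `Msal.UserAgentApplication`. Because this option switches off the library's authority validation, the default should not depend on how MSAL treats a missing value (not visible here); I would keep validation on unless the caller passes exactly `false`: `const validateAuthority = config.validateAuthority !== false;`. The same expression is in the `lib/react-azure-adb2c.js` hunk at `@@ -93,6 +94,7 @@`, which looks like build output and should be regenerated once the source is fixed. The `initialize` signature line is above this hunk, so the point rests on the visible body only.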