Add validateAuthority as a property

README.md

@@ -25,7 +25,7 @@ You'll first need to load the module and pass some configuration to the library.
     import authentication from 'react-azure-adb2c';
     authentication.initialize({
         // optional, will default to this
-        instance: 'https://login.microsoftonline.com/tfp/', 
+        instance: 'https://login.microsoftonline.com/tfp/',
         // your B2C tenant
         tenant: 'myb2ctenant.onmicrosoft.com',
         // the policy to use to sign in, can also be a sign up or sign in policy
@@ -42,15 +42,17 @@ You'll first need to load the module and pass some configuration to the library.
         redirectUri: 'http://localhost:3000',
         // optional, the URI to redirect to after logout
         postLogoutRedirectUri: 'http://myapp.com'
+        // optional, when ValidateAuthority is set to false, redirects are allowed to b2clogin.com.
+        validateAuthority: true
     });
-    
+
 ## Authenticating When The App Starts
 
 If you want to set things up so that a user is authenticated as soon as they hit your app (for example if you've got a link to an app from a landing page) then, in index.js, wrap the lines of code that launch the React app with the _authentication.run_ function:
 
     authentication.run(() => {
       ReactDOM.render(<App />, document.getElementById('root'));
-      registerServiceWorker();  
+      registerServiceWorker();
     });
 
 ## Triggering Authentication Based on Components Mounting (and routing)
@@ -62,7 +64,7 @@ If you want to set things up so that a user is authenticated as they visit a par
     import { BrowserRouter as Router, Route, Switch } from "react-router-dom";
     import HomePage from './Homepage'
     import MembersArea from './MembersArea'
-    
+
     class App extends Component {
       render() {
         return (

lib/react-azure-adb2c.js

@@ -42,7 +42,8 @@ var appConfig = {
   applicationId: null,
   cacheLocation: null,
   redirectUri: null,
-  postLogoutRedirectUri: null
+  postLogoutRedirectUri: null,
+  validateAuthority: null
 };
 
 function loggerCallback(logLevel, message, piiLoggingEnabled) {
@@ -93,6 +94,7 @@ var authentication = {
     appConfig = config;
     var instance = config.instance ? config.instance : 'https://login.microsoftonline.com/tfp/';
     var authority = '' + instance + config.tenant + '/' + config.signInPolicy;
+    var validateAuthority = config.validateAuthority !== null || undefined ? config.validateAuthority : true;
     var scopes = config.scopes;
     if (!scopes || scopes.length === 0) {
       console.log('To obtain access tokens you must specify one or more scopes. See https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-access-tokens');
@@ -103,7 +105,9 @@ var authentication = {
     new Msal.UserAgentApplication(config.applicationId, authority, authCallback, { logger: logger,
       cacheLocation: config.cacheLocation,
       postLogoutRedirectUri: config.postLogoutRedirectUri,
-      redirectUri: config.redirectUri });
+      redirectUri: config.redirectUri,
+      validateAuthority: validateAuthority
+    });
   },
   run: function run(launchApp) {
     state.launchApp = launchApp;

src/react-azure-adb2c.js

@@ -9,7 +9,7 @@ const state = {
   stopLoopingRedirect: false,
   launchApp: null,
   accessToken: null,
-  scopes: []  
+  scopes: []
 }
 var appConfig = {
   instance: null,
@@ -19,7 +19,8 @@ var appConfig = {
   applicationId: null,
   cacheLocation: null,
   redirectUri: null,
-  postLogoutRedirectUri: null
+  postLogoutRedirectUri: null,
+  validateAuthority: null,
 };
 
 function loggerCallback(logLevel, message, piiLoggingEnabled) {
@@ -35,7 +36,7 @@ function authCallback(errorDesc, token, error, tokenType) {
     state.stopLoopingRedirect = true;
   } else {
     acquireToken();
-  }  
+  }
 }
 
 function redirect() {
@@ -45,7 +46,7 @@ function redirect() {
 }
 
 function acquireToken(successCallback) {
-  const localMsalApp = window.msal; 
+  const localMsalApp = window.msal;
   const user = localMsalApp.getUser(state.scopes);
   if (!user) {
     localMsalApp.loginRedirect(state.scopes);
@@ -65,36 +66,39 @@ function acquireToken(successCallback) {
       }
     });
   }
-  
+
 }
 
 const authentication = {
   initialize: (config) => {
     appConfig = config;
     const instance = config.instance ? config.instance : 'https://login.microsoftonline.com/tfp/';
     const authority = `${instance}${config.tenant}/${config.signInPolicy}`;
+    const validateAuthority = (config.validateAuthority !== null || undefined) ? config.validateAuthority : true
     let scopes = config.scopes;
     if (!scopes || scopes.length === 0) {
       console.log('To obtain access tokens you must specify one or more scopes. See https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-access-tokens');
       state.stopLoopingRedirect = true;
-    }  
+    }
     state.scopes = scopes;
-    
+
     new Msal.UserAgentApplication(config.applicationId,
       authority,
       authCallback,
       { logger: logger,
         cacheLocation: config.cacheLocation,
         postLogoutRedirectUri: config.postLogoutRedirectUri,
-        redirectUri: config.redirectUri }
+        redirectUri: config.redirectUri,
+        validateAuthority: validateAuthority,
+      }
     );
   },
   run: (launchApp) => {
-    state.launchApp = launchApp; 
+    state.launchApp = launchApp;
     if (!window.msal.isCallback(window.location.hash) && window.parent === window && !window.opener) {
       if (!state.stopLoopingRedirect) {
         acquireToken();
-      }    
+      }
     }
   },
   required: (WrappedComponent, renderLoading) =>  {
@@ -112,7 +116,7 @@ const authentication = {
           this.setState({
             signedIn: true
           });
-        });        
+        });
       }
 
       render() {
@@ -127,4 +131,4 @@ const authentication = {
   getAccessToken: () => state.accessToken
 }
 
-export default authentication;
+export default authentication;