msal fix
xeroxis-xs committed Oct 7, 2024
1 parent e5d9a27 commit 801bc5d
Showing 6 changed files with 23 additions and 119 deletions.
11 changes: 2 additions & 9 deletions src/app/msal/msal-config.ts
@@ -11,11 +11,7 @@ export const msalConfig = {
clientId,
authority: `https://login.microsoftonline.com/common`,
redirectUri
},
cache: {
cacheLocation: "localStorage", // This configures where your cache will be stored
storeAuthStateInCookie: false // Set this to true if you are having issues on IE11 or Edge
},
}
};

// export const API_SCOPE = "User.ReadBasic.All";
@@ -26,16 +22,13 @@ export const msalConfig = {
* For more information about OIDC scopes, visit:
* https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#openid-connect-scopes
*/
export const loginRequest = {
scopes: ["api://778ca789-6293-4ad6-8bae-04fb1a9d9943/.default"]
};

export const userDataLoginRequest = {
scopes: [scope]
};

export const graphLoginRequest = {
scopes: ["User.Read"]
scopes: ["User.Read", "User.ReadBasic.All"], // Graph API scopes
};
/**
* Add here the scopes to request when obtaining an access token for MS Graph API. For more information, see:
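Review bot: `graphLoginRequest` in the second hunk now requests `User.ReadBasic.All` alongside `User.Read`, which widens the delegated Graph permission from the signed-in user's own profile to basic profile data for every user in the tenant. The only Graph consumer visible on this page is `getUserPhotoAvatar` in main-nav.tsx, which appears to need just the user's own photo, so unless a caller outside this diff needs directory-wide reads I would keep `scopes: ["User.Read"]` and ask for the broader scope only in the request that uses it. If it stays, replace the generic `// Graph API scopes` comment with one naming the feature that needs it, e.g. `// User.ReadBasic.All: required by <feature>`.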
34 changes: 14 additions & 20 deletions src/app/msal/msal.ts
@@ -1,7 +1,7 @@
// msal.ts

import { AuthenticationResult, InteractionRequiredAuthError, PublicClientApplication } from "@azure/msal-browser";
import { msalConfig, loginRequest } from "./msal-config";
import { type AuthenticationResult, InteractionRequiredAuthError, PublicClientApplication } from "@azure/msal-browser";
import { msalConfig, userDataLoginRequest, graphLoginRequest } from "./msal-config";
import { logger } from '@/lib/default-logger';

export const msalInstance = new PublicClientApplication(msalConfig);
@@ -34,21 +34,6 @@ export async function initializeMsal(): Promise<void> {
}
}

// /**
// * Handles the login response.
// */
// export async function handleLoginResponse(loginResponse: AuthenticationResult): Promise<void> {
// const account = loginResponse.account;
// msalInstance.setActiveAccount(account);
// // logger.debug("MSAL: Active account set:", account);
// const token = await getToken();
// if (token) {
// logger.debug("MSAL: Token acquired:", token);
// } else {
// logger.warn("MSAL: No token acquired.");
// }
// }

/**
* Acquires a token silently, or triggers a login if necessary.
*/
@@ -63,7 +48,7 @@ export async function getToken(): Promise<string | null> {
}

const response = await msalInstance.acquireTokenSilent({
...loginRequest,
...userDataLoginRequest,
account: activeAccount,
});
logger.debug("MSAL: Token acquired silently.");
@@ -85,13 +70,22 @@ export async function getToken(): Promise<string | null> {
*/
export async function handleLoginRedirect(): Promise<void> {
try {
await msalInstance.loginRedirect(loginRequest);
await msalInstance.loginRedirect(userDataLoginRequest);
logger.debug("MSAL: Redirecting to login...");
} catch (error) {
logger.error("MSAL: Error during login redirect:", error);
}
}

export async function handleAcquireTokenRedirect(): Promise<void> {
try {
await msalInstance.acquireTokenRedirect(graphLoginRequest);
logger.debug("MSAL: Redirecting to acquire token...");
} catch (error) {
logger.error("MSAL: Error during token acquisition redirect:", error);
}
}

/**
* Handles the logout process.
*/
@@ -103,7 +97,7 @@ export const handleLogout = (logoutType = "redirect"): void => {
} else if (logoutType === "redirect") {
const logoutRequest = {
account: msalInstance.getActiveAccount(),
postLogoutRedirectUri: "/",
postLogoutRedirectUri: "/auth/sign-in",
};
msalInstance.logoutRedirect(logoutRequest).catch((e: unknown) => {
logger.error("MSAL: logoutRedirect failed:", e);
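Review bot: The new `handleAcquireTokenRedirect` calls `acquireTokenRedirect(graphLoginRequest)` without an `account`, whereas the same call in src/lib/auth/client.ts passes `account: activeAccount`. With the `common` authority more than one account may be cached, so I would bind the request explicitly: `await msalInstance.acquireTokenRedirect({ ...graphLoginRequest, account: msalInstance.getActiveAccount() ?? undefined });`. It is also the only exported function in this hunk without a doc comment; `/** Starts a redirect to obtain a Graph API token for the active account. */` would match its neighbours. Its catch block only logs, so callers cannot tell that the redirect never started; this presumably mirrors `handleLoginRedirect` on purpose, but the doc comment should say so.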
44 changes: 0 additions & 44 deletions src/app/msal/token-fetcher.ts

This file was deleted.

43 changes: 0 additions & 43 deletions src/app/msal/user-helper.ts

This file was deleted.

1 change: 0 additions & 1 deletion src/components/dashboard/layout/main-nav.tsx
@@ -38,7 +38,6 @@ export function MainNav(): React.JSX.Element {
if (eduquestUser) {
try {
const response = await authClient.getUserPhotoAvatar();
// const response = await getUserPhotoAvatar();
logger.debug("User Avatar: ", response);
if (response === '') {
setShowUserInitials(true);
9 changes: 7 additions & 2 deletions src/lib/auth/client.ts
@@ -155,11 +155,16 @@ class AuthClient {
...graphLoginRequest,
account: activeAccount,
});
logger.debug("MSAL: Graph API token acquired silently.");
return response.accessToken;
} catch (error) {
if (error instanceof InteractionRequiredAuthError) {
logger.warn('MSAL: Interaction required for Graph API token, redirecting to login.');
await this.signInWithMsal();
logger.error('MSAL: Interaction required for Graph API token, redirecting to login.');
// You might want to use acquireTokenRedirect here instead of login
await msalInstance.acquireTokenRedirect({
...graphLoginRequest,
account: activeAccount,
});
} else {
logger.error('MSAL: Unexpected error acquiring Graph API token silently:', error);
}
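Review bot: The `InteractionRequiredAuthError` branch still logs "redirecting to login" and keeps the comment `// You might want to use acquireTokenRedirect here instead of login`, although the code now does exactly that. Interaction-required is an expected outcome of `acquireTokenSilent`, so `logger.warn('MSAL: Interaction required for Graph API token, redirecting to acquire token.');` would keep it out of error-level alerting, and the leftover comment can be dropped. Nothing visible here limits how often this redirect can fire; if consent for the Graph scopes is refused, the silent call would presumably fail again on return, so a one-shot guard is worth considering. The enclosing method starts and ends outside the hunk, so what it returns after the redirect call is not visible.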
