OAuth2 API Azure Auth and AuthZ
A node OAuth2 API on Azure Authentication and Authorization Role-Base-Access-Control (RBAC) wrapper providing support for OAuth2 token-based authentication and RBAC authorization scenarios for typescript.
;;;; let app = ;app; // load auth settingsconst authSettings: IAuthSettings ... const passportAuthOptions: IPassportOptions ... // init auth paramsoauth; // init auth middlewareconst authMiddleware = authSettingspassportAuthOptions apiHostname baseApiUrl; // add Auth routesapp = authMiddleware; app; appInstallation
This is a Node.js module available through the npm registry.
Before installing, download and install Node.js. Node.js 0.10 or higher is required.
Installation is done using the
npm install command:
$ npm install oauth2-api-azureBefore beginning, you must configure and register your Web API in your Azure AD subscription. It is also expected that you are a Global Admin on your Azure AD. Follow our Azure AD Configuration Guide for more details.
Then, use our sample projects with your Azure AD settings to run and test your secure Web API.
Features
- Hides complexity of OAuth2 implementation
- Focus on fast get started experience
- Supports interactive (user sign-in) and non-interactive (bearing the JWT token) authentication flow scenarios
- Test coverage
- Proven on multiple customer engagements
Docs & Community
- OAuth2 Azure API Documentation
- Microsoft Azure AD v2 on a new Azure AD 2.0
- OAuth 2.0 for Official OAuth 2.0 documentation
- Azure AD Authentication Libraries
Examples
To view and run the examples, clone the OAuth2-api-azure repo and install the dependencies:
$ git clone https://github.com/Microsoft-Projects/oauth2-api-azure.git --depth 1$ cd oauth2-api-node$ npm install First, you must configure each example, please make sure the .env file exists in each sample directory and contains the valid settings for the following environment variables:
- TENANT_ID="d197a05e-...."
- CLIENT_ID="3d95c..."
- CLIENT_SECRET="LMJ#])?..."
- RESOURCE_ID="0472a9...."
- RBAC_GROUP="API Users" // only required for the authorization flow
- PORT=3000
Authentication Example
To test the OAuth2 authentication scenario, go to the authentication sample folder. Make sure that you've completed the steps for Azure AD app registration shown in AzureADConfigurationGuide document. Create a .env file that should contain the environment variables for your Azure AD. Then install and run in the bash command line:
$ cd examples/authentication$ npm install$ npm startYou can test it from PostMan, Fiddler or any other UI where you could create the GET Http method and obtain the JWT token from Azure AD.
User Authorization (RBAC) Example
To test the Azure AD RBAC authorization scenario, go to the authorization sample folder. Make sure that you've completed the steps for Azure AD app registration shown in AzureADConfigurationGuide document. Create a .env file that should contain the environment variables for your Azure AD. Then install and run in the bash command line:
$ cd examples/authorization$ npm install$ npm startYou can run it any internet browser, by going into the address line and typing the following URL:
http://localhost:3000/api/hello/John If you've configured correctly your Azure AD and provided the valid environment settings, and after signing into your Azure AD with your credentials, you should expect to get the following message back:
Otherwise, if your user isn't member of the AD group specified in the environment variables .env file, or cannot be authenticated with Azure AD, you should expect to get the following message back:
Tests
To run the test suite, first install the dependencies, then run npm test:
$ npm install$ npm testYou can also constantly check for any changes to pass the test by running the following command:
$ npm run watch