Skip to content

Latest commit

 

History

History
216 lines (154 loc) · 11.3 KB

README.md

File metadata and controls

216 lines (154 loc) · 11.3 KB
page_type languages products description urlFragment
sample
javascript
typescript
angular
azure-active-directory-b2c
An Azure AD B2C single-page application calling a web api using MSAL-Angular for authentication.
active-directory-b2c-javascript-angular-spa

Single-Page Application built on MSAL.js with Azure AD B2C

Warning: Silent renewing of access tokens is not supported by all social identity providers.

This sample demonstrates how to use the Microsoft Authentication Library for JavaScript (msal.js) to get an access token and call an API secured by Azure AD B2C.

Contents

File/folder Description
e2e End-to-end test files.
src Sample source code.
src/app/app-config.ts Contains authentication and authorization configuration parameters.
.editorconfig Defines editor config settings.
.gitignore Define what to ignore at commit time.
angular.json Angular configuration file.
browserslist BrowsersList configuration file.
CHANGELOG.md List of changes to the sample.
CODE_OF_CONDUCT.md Code of Conduct information.
CONTRIBUTING.md Guidelines for contributing to the sample.
karma.conf.js Configuration for the karma test runner.
LICENSE The license for the sample.
NG_README.md README auto-generated by the Angular CLI.
package-lock.json Lockfile for npm.
package.json Package manifest for npm.
README.md This README file.
SECURITY.md Security disclosures.
tsconfig.*.json TypeScript configuration files.
tslint.json TS Lint configuration files.

How to run this sample

There are two ways to run this sample:

  1. Using the demo environment - The sample is already configured to use a demo environment and can be run simply by downloading this repository and running the app on your machine. See steps below for Running with demo environment.
  2. Using your own Azure AD B2C tenant - If you would like to use your own Azure AD B2C configuration, follow the steps listed below for using your own Azure AD B2C tenant.

Using the demo environment

This sample demonstrates how to sign in or sign up for an account at "Fabrikam B2C" - the demo environment for this sample. Once signed-in, clicking on the Call Web API button shows the display name you used when you created your account.

Step 1: Clone or download this repository

From your shell or command line:

git clone https://github.com/Azure-Samples/active-directory-b2c-javascript-angular-spa.git

Step 2: Run the application

Make sure you've installed Node.

From your shell or command line:

cd active-directory-b2c-javascript-angular-spa
npm install && npm update
npm start

The console window shows the port number for the web application

Listening on port 8080...

You can visit http://localhost:8080 and perform the following actions:

  1. Click the Login button to start the Azure AD B2C sign in or sign up workflow.
  2. Once signed in, you can click the Call Web API button to have your display name returned from the Web API call as a JSON object.
  3. Click Logout to logout from the application.

Using your own Azure AD B2C Tenant

In the previous section, you learned how to run the sample application using the demo environment. In this section, you'll learn how to configure this single page application sample and the related Node.js Web API with Azure AD B2C sample to work with your own Azure AD B2C Tenant. This will be covered in two parts.

PART I: Configure the API

How to setup and register the Node.js Web API sample

Follow the instructions on the Node.js Web API with Azure AD B2C sample. Once you are done, you should have a Node.js web API running on the port 5000. While it runs, continue with Part II below.

PART II: Configure the Client

Step 1: Register your own Web Application with Azure AD B2C

Next, you need to register your single page application in your B2C tenant.

Provide the following values for the Single Page Application registration:

  • Provide a descriptive Name for the single page application, for example, My Test SPA. You will identify this application by its Name whenever working in the Azure portal.
  • Mark Yes for the Web App/Web API setting for your application.
  • Set the Reply URL for your app, for example http://localhost:8080. The sample provided in this repository is configured to run on port 8080.
  • Create the application.
  • Once the application is created, open your My Test SPA and open the API Access window (in the left nav menu). Click Add and select the name of the Node.js Web API you registered previously, My Test Node.js Web API. Select the scope(s) you defined previously, for example, demo.read and hit Save.

Step 2: Configure the sample code to use your Azure AD B2C tenant

Now in the sample code, you can replace the single page application's demo environment configuration with your own tenant.

  1. Open the src/app/app-config.ts file.
  2. Find the assignment for clientId and replace the value with the Application ID for the single page application you registered earlier, for example the Application ID found in My Test SPA application in the Azure portal.
  3. Find the assignment for authority and replacing b2c_1_susi with the name of the policy you created in Step 2, and fabrikamb2c.onmicrosoft.com by the name of your Azure AD B2C tenant, for example https://<your-tenant-name>.b2clogin.com/<your-tenant-name>.onmicrosoft.com/<your-sign-in-sign-up-policy>
  4. Find the assignment for redirectUri replacing the URL with redirect uri you that you assigned on Azure Portal>Authentication.
  5. Find the assignment for the scopes b2cScopes replacing the URL with the scope URL you created for the Web API, e.g. b2cScopes: ["https://<your-tenant-name>.onmicrosoft.com/helloapi/demo.read"]
  6. Find the assignment for API URL webApi replacing the current URL with the URL where you deployed your Web API, e.g. webApi: "http://localhost:5000/hello"

Your resulting code should look as follows:

const apiConfig = {
  b2cScopes: ["https://fabrikamb2c.onmicrosoft.com/helloapi/demo.read"],
  webApi: "http://localhost:5000/hello"
};
const msalConfig = {
  auth: {
    clientId: "e760cab2-b9a1-4c0d-86fb-ff7084abd902",
    authority: "https://fabrikamb2c.b2clogin.com/fabrikamb2c.onmicrosoft.com/b2c_1_susi",
    validateAuthority: false,
    redirectUri: "http://localhost:8080/",
  },
  cache: {
    cacheLocation: "localStorage",
    storeAuthStateInCookie: true
  }
};

const loginRequest = {
  scopes: ["openid", "profile"],
};

const tokenRequest = {
  scopes: ["https://fabrikamb2c.onmicrosoft.com/helloapi/demo.read"]
};

Step 3: Run the sample

  1. Install the node dependencies if this is your first time running the app (e.g. if you skipped running in the demo environment):

    cd active-directory-b2c-javascript-angular-spa
npm install && npm update

  2. Run the Web application:

    npm start

  3. Go to http://localhost:8080.

  4. Click the login button at the top of the application screen. The sample works exactly in the same way regardless of the account type you choose, apart from some visual differences in the authentication and consent experience. Upon successful sign in, the application screen will show buttons that allow you to call an API and sign out.

  5. Click on the Call Web API and see the textual representation of the JSON object that is returned. Make sure your Node.js Web API sample is still running on port 5000.

  6. Sign out by clicking the Logout button.

Optional

More information

For more information on Azure B2C, see:

Community Help and Support

We use Stack Overflow with the msal and azure-ad-b2c tags to provide support. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [msal.js].

If you find and bug or have a feature request, please raise the issue on GitHub Issues.

To provide a recommendation, visit our Feedback Forum.

Contributing

If you'd like to contribute to this sample, see CONTRIBUTING.MD.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.