Hi I am working on implementation of authentication and authorization for my client SPA application and .Net core back end API application. I have registred two application in azure ad for SPA and API app. I am able to get the token using Postman as below.
I am able to get the token with required details. Now I am trying same thing in front end react app. I am using react adal library.
I have below code to get token
/* istanbul ignore file */
import { adalGetToken, AuthenticationContext, UserInfo } from 'react-adal';
import { UserProfile } from '../common/models/userProfile';
class AdalContext {
private authContext: AuthenticationContext | any;
private appId: string = '';
private endpoints: any;
public initializeAdal(adalConfig: any) {
debugger;
this.authContext = new AuthenticationContext(adalConfig);
this.appId = adalConfig.clientId;
this.endpoints = adalConfig.endpoints.api;
}
get AuthContext() {
return this.authContext;
}
public getToken(): Promise<string | void | null> {
debugger;
return adalGetToken(this.authContext, this.appId, this.endpoints).catch((error: any) => {
if (error.msg === 'login_required' || error.msg === 'interaction_required') {
this.authContext.login();
}
});
}
public acquireToken(callback: Function) {
let user = this.AuthContext.getCachedUser();
if (user) {
this.authContext.config.extraQueryParameter = 'login_hint=' + (user.profile.upn || user.userName);
}
adalGetToken(this.authContext, this.appId, this.endpoints).then(
(token) => {
callback(token);
},
(error) => {
if (error) {
if (error.msg === 'login_required') this.authContext.login();
else {
console.log(error);
alert(error);
}
}
}
);
}
public getCachedToken(): string {
return this.authContext.getCachedToken(this.authContext.config.clientId);
}
public getCachedUser(): UserInfo {
return this.authContext.getCachedUser();
}
public getUserProfileData(): UserProfile {
const user = this.authContext.getCachedUser();
const userProfileData = new UserProfile();
if (user) {
userProfileData.name = user.profile.name;
userProfileData.firstName = user.profile.given_name;
userProfileData.surname = user.profile.family_name;
userProfileData.emailAddress = user.userName;
userProfileData.userProfileName = user.profile.name || user.userName;
}
return userProfileData;
}
public logOut() {
this.authContext.logOut();
}
}
const adalContext: AdalContext = new AdalContext();
export default adalContext;
export const getToken = () => adalContext.getToken();
I am able to generate token but problem here is in Aud field I am getting client id for SPA but my intention is to get Client Id of back end because I am generating token for my back end app. So I am struggling to set scope in react adal code. In Postman I am entering scope but here not sure how to pass cope. Does endpoints means scopes here? Also in postman I am passing client secrete of SPA app but here I do not see any option to pass client secrete. Can someone help me what wrong I am doing here or am I understood things in wrong way. any help would be appreciated. Thank you