Skip to content

Commit

Permalink
switch to domain name for tenant ID + README update
Browse files Browse the repository at this point in the history
  • Loading branch information
@mmacy
mmacy committed Mar 21, 2020
1 parent 17618cb commit 8e178ea
Show file tree
Hide file tree
Showing 4 changed files with 58 additions and 75 deletions.
9 changes: 7 additions & 2 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,13 @@
# CHANGELOG

## 3/04/2020
## 2020-03-21

* Switch to using the tenant domain name for the tenant ID in [config.js](config.js).
* Update README to reflect current state of sample and the articles referenced on [docs.microsoft.com](https://docs.microsoft.com/azure/active-directory-b2c).

## 2020-03-04

* Dependencies updated.
* Configuration parameters separated.
* Readme improved.
* README improved.
* ES6 conventions introduced.
21 changes: 0 additions & 21 deletions LICENSE copy
View file

This file was deleted.

95 changes: 47 additions & 48 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,106 +12,105 @@ urlFragment: "active-directory-b2c-javascript-nodejs-webapi"

# Node.js Web API with Azure AD B2C

This sample demonstrates how to protect a Node.js web API with Azure AD B2C using the Passport.js library. The code here is pre-configured with a registered client ID. If you register your own app, you will need to replace the client ID.
This sample demonstrates how to protect a Node.js web API with Azure AD B2C using the Passport.js library. The code here is pre-configured with a registered client ID. If you register your own app, replace the client ID.

To see how to call this web API from a client application, refer to this [B2C Single Page Application sample](https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp).

## Contents

| File/folder | Description |
|-------------------|--------------------------------------------|
| `process.json` | Contains configuration parameters for logging via Morgan. |
| `index.js` | Main application logic resides here. |
| `config.js` | Contains configuration parameters for the sample. |
| `.gitignore` | Defines what to ignore at commit time. |
| `CHANGELOG.md` | List of changes to the sample. |
| `CODE_OF_CONDUCT.md` | Code of Conduct information. |
| `CONTRIBUTING.md` | Guidelines for contributing to the sample. |
| `LICENSE` | The license for the sample. |
| `package.json` | Package manifest for npm. |
| `README.md` | This README file. |
| `SECURITY.md` | Security disclosures. |

## Steps to Run

1. Clone the code.
| File/folder | Description |
|:---------------------|:----------------------------------------------------------|
| `.gitignore` | Defines what to ignore at commit time. |
| `CHANGELOG.md` | List of changes to the sample. |
| `CODE_OF_CONDUCT.md` | Code of Conduct information. |
| `config.js` | Contains configuration parameters for the sample. |
| `CONTRIBUTING.md` | Guidelines for contributing to the sample. |
| `index.js` | Main application logic resides here. |
| `LICENSE` | The license for the sample. |
| `package.json` | Package manifest for npm. |
| `process.json` | Contains configuration parameters for logging via Morgan. |
| `README.md` | This README file. |
| `SECURITY.md` | Security disclosures. |
``

## Steps to run

1. Clone this repository.

```console
git clone https://github.com/Azure-Samples/active-directory-b2c-javascript-nodejs-webapi.git
```
```config

2. Make sure you've installed [Node.js](https://nodejs.org/en/download/).
2. Install [Node.js](https://nodejs.org/en/download/) if you don't already have it.

3. Install the node dependencies:
3. Install the Node dependencies:

```console
npm install && npm update
```

4. Run the Web API! By default it will run on `http://localhost:5000`
4. Run the Web API. By default, it runs on `http://localhost:5000`

```console
npm start
```

## Next Steps
## Using your own Azure AD B2C tenant

### Using your own Azure AD B2C Tenant
To have a proper understanding of Azure AD B2C as a developer, follow the tutorials in the official [Azure AD B2C documentation](https://docs.microsoft.com/azure/active-directory-b2c/). In the rest of this guide, we summarize the steps you need to go through.

To have a proper understanding of Azure AD B2C as a developer, follow the tutorials on Azure [AD B2C documentation](https://docs.microsoft.com/en-us/azure/active-directory-b2c/). In the rest of this guide, we summarize the steps you need to go through.
### Step 1: Get your own Azure AD B2C tenant

#### Step 1: Get your own Azure AD B2C Tenant
You first need an Azure AD B2C tenant. If you don't already have one you can use for testing purposes, create your own by following the steps in [Tutorial: Create an Azure Active Directory B2C tenant](https://docs.microsoft.com/azure/active-directory-b2c/tutorial-create-tenant).

First, you'll need an Azure AD B2C tenant. If you don't have an existing Azure AD B2C tenant that you can use for testing purposes, you can create your own by following [these instructions](https://azure.microsoft.com/documentation/articles/active-directory-b2c-get-started).
### Step 2: Create your own policies

#### Step 2: Create your own policies
This sample uses a unified sign-up/sign-in policy. You can create [your own unified sign-up/sign-in policy](https://docs.microsoft.com/azure/active-directory-b2c/tutorial-create-user-flows). You may choose to include as many or as few identity providers as you wish.

This sample uses a unified sign-up/sign-in policy. You can create [your own unified sign-up/sign-in policy](https://azure.microsoft.com/documentation/articles/active-directory-b2c-reference-policies). You may choose to include as many or as few identity providers as you wish.

If you already have existing policies in your Azure AD B2C tenant, feel free to re-use those policies in this sample.
If you already have existing policies in your Azure AD B2C tenant, feel free to reuse those policies in this sample.

#### Step 3: Register your own web API with Azure AD B2C

Follow the instructions at [register a Web API with Azure AD B2C](https://docs.microsoft.com/en-us/azure/active-directory-b2c/add-web-application?tabs=applications) to register the Node.js Web API sample with your tenant. Registering your Web API allows you to define the scopes that your single page application will request access tokens for.
Follow the steps in [Protect and grant access to a Node.js web API](https://docs.microsoft.com/azure/active-directory-b2c/tutorial-single-page-app-webapi) to register the web API application in your tenant, define scopes, and grant a web application access to the API. By following the steps in the tutorial, you define the scopes that your single-page application will request access tokens for.

#### Step 4: Configure your application source code

You can now fill in the variables in the `config.js` file of the Node.js Web API sample with the parameters you've obtained from the Azure Portal during the steps above.
You can now fill in the variables in the *config.js* file of the Node.js web API sample with the parameters you've obtained from the Azure portal by following the steps above.

Configure the following variables:

```javascript
const clientID = "<Application ID for your Node.js Web API - found on Properties page in Azure portal e.g. 93733604-cc77-4a3c-a604-87084dd55348>";
const b2cDomainHost = "<Domain of your B2C host eg. fabrikamb2c.b2clogin.com>";
const tenantIdGuid = "<Application ID for your Node.js Web API - found on Properties page in Azure portal e.g. 775527ff-9a37-4307-8b3d-cc311f58d925>";
const policyName = "<Name of your sign in / sign up policy, e.g. B2C_1_SUSI>";
const clientID = "<Application (client) ID of your Node.js web API, e.g. 93733604-0000-0000-0000-87084dd55348>"
const b2cDomainHost = "<Domain name of your B2C authority, e.g. fabrikamb2c.b2clogin.com>";
const tenantId = "<Domain name of your B2C tenant, e.g. fabrikamb2c.onmicrosoft.com>";
const policyName = "<Name of your sign in / sign up policy. Example: B2C_1_SUSI>";
```

> **NOTE**
>
>Developers using the [Azure China Environment](https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud), MUST use <your-tenant-name>.b2clogin.cn authority, instead of `login.chinacloudapi.cn`.
> Developers using the [Azure China](https://docs.microsoft.com/azure/active-directory/develop/authentication-national-cloud) environment MUST use `<your-tenant-name>.b2clogin.cn` authority instead of `login.chinacloudapi.cn`.
>
> In order to use <your-tenant-name>.b2clogin.*, you will need to configure you application and set `validateAuthority: false`. Learn more about using [b2clogin](https://docs.microsoft.com/en-us/azure/active-directory-b2c/b2clogin#set-the-validateauthority-property).
> To use `<your-tenant-name>.b2clogin.*`, you need set `validateIssuer: false`. Learn more about using [b2clogin.com](https://docs.microsoft.com/azure/active-directory-b2c/b2clogin).
### Step 5: Run the application

Lastly, to run your Node.js Web API, run the following command from your shell or command line
Lastly, to run your Node.js Web API, execute the following commands in your shell or terminal:

```bash
npm install && npm update
npm start
```

Your Node.js Web API sample is now running on Port 5000.
Your Node.js web API is now running on port 5000.

## Questions & Issues
## Questions & issues

Please file any questions or problems with the sample as a GitHub issue. You can also post on Stack Overflow with the tag `azure-ad-b2c`. For OAuth2.0 library issues, please see note below.
Please file any questions or problems with the sample as a GitHub issue. You can also post on Stack Overflow with the tag `azure-ad-b2c`.

## Contributing

If you'd like to contribute to this sample, see [CONTRIBUTING.MD](./CONTRIBUTING.md).
If you'd like to contribute to this sample, see [CONTRIBUTING.md](./CONTRIBUTING.md).

## Code of Conduct
## Code of conduct

This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
contact [[email protected]](mailto:[email protected]) with any additional questions or comments.
For details, see [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md).
8 changes: 4 additions & 4 deletions config.js
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
// Update these four variables with your values from the B2C portal
const clientID = "93733604-cc77-4a3c-a604-87084dd55348";
// Update these four variables with values from your B2C tenant in the Azure portal
const clientID = "93733604-cc77-4a3c-a604-87084dd55348"; // Application (client) ID of your API's application registration
const b2cDomainHost = "fabrikamb2c.b2clogin.com";
const tenantIdGuid = "775527ff-9a37-4307-8b3d-cc311f58d925"; // alternatively, you can use your tenant name as well
const tenantId = "fabrikamb2c.onmicrosoft.com"; // Alternatively, you can use your Directory (tenant) ID (a GUID)
const policyName = "B2C_1_SUSI";

const config = {
identityMetadata: "https://" + b2cDomainHost + "/" + tenantIdGuid + "/" + policyName + "/v2.0/.well-known/openid-configuration/",
identityMetadata: "https://" + b2cDomainHost + "/" + tenantId + "/" + policyName + "/v2.0/.well-known/openid-configuration/",
clientID: clientID,
policyName: policyName,
isB2C: true,
Expand Down

0 comments on commit 8e178ea

Please sign in to comment.