remix-auth-microsoft
Version:
The Microsoft strategy is used to authenticate users against an account on [Microsoft Active Directory](https://docs.microsoft.com/en-us/azure/active-directory/develop/) using [Remix Auth](https://github.com/sergiodxa/remix-auth). This can be a work/schoo
53 lines (52 loc) • 1.78 kB
JavaScript
import { OAuth2Strategy } from "remix-auth-oauth2";
const USER_INFO_URL = "https://graph.microsoft.com/oidc/userinfo";
export const MicrosoftStrategyDefaultScopes = [
"openid",
"profile",
"email",
];
export const MicrosoftStrategyDefaultName = "microsoft";
export const MicrosoftStrategyScopeSeparator = " ";
export class MicrosoftStrategy extends OAuth2Strategy {
name = MicrosoftStrategyDefaultName;
prompt;
scopes;
constructor({ clientId, clientSecret, redirectURI, scopes = MicrosoftStrategyDefaultScopes, prompt, tenantId = "common", }, verify) {
super({
clientId,
clientSecret,
redirectURI,
authorizationEndpoint: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/authorize`,
tokenEndpoint: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`,
scopes,
}, verify);
this.scopes = scopes;
this.prompt = prompt;
}
authorizationParams(params) {
params.set("scope", this.scopes.join(MicrosoftStrategyScopeSeparator));
if (this.prompt) {
params.set("prompt", this.prompt);
}
return params;
}
static async userProfile(accessToken) {
const response = await fetch(USER_INFO_URL, {
headers: {
Authorization: `Bearer ${accessToken}`,
},
});
const data = await response.json();
const profile = {
displayName: data.name,
id: data.sub,
name: {
familyName: data.family_name,
givenName: data.given_name,
},
emails: [{ value: data.email }],
_json: data,
};
return profile;
}
}