further changes due to reviews

Author: derisen

CHANGELOG.md

@@ -9,5 +9,3 @@
 * Corrected README.md.
 * Added login with redirect.
 * Authentication decoupled from access token request.
-
-## 3/06/2020

JavaScriptSPA/api.js

@@ -1,20 +1,20 @@
 // helper function to access the resource with the token
 function callApiWithAccessToken(endpoint, token) {
-    const headers = new Headers();
-    const bearer = `Bearer ${token}`;
-  
-    headers.append("Authorization", bearer);
-  
-    const options = {
-        method: "GET",
-        headers: headers
-      };
+  const headers = new Headers();
+  const bearer = `Bearer ${token}`;
 
-    fetch(endpoint, options)
-      .then(response => response.json())
-      .then(response => {
-        logMessage("Web API returned:\n" + JSON.stringify(response));
-      }).catch(error => {
-        logMessage("Error calling the Web api:\n" + error);
-      });
+  headers.append("Authorization", bearer);
+
+  const options = {
+      method: "GET",
+      headers: headers
+    };
+
+  fetch(endpoint, options)
+    .then(response => response.json())
+    .then(response => {
+      logMessage("Web API returned:\n" + JSON.stringify(response));
+    }).catch(error => {
+      logMessage("Error calling the Web api:\n" + error);
+    });
 }

JavaScriptSPA/apiConfig.js

@@ -1,5 +1,5 @@
 // The current application coordinates were pre-registered in a B2C tenant.
 const apiConfig = {
-    b2cScopes: ["https://fabrikamb2c.onmicrosoft.com/helloapi/demo.read"],
-    webApi: "https://fabrikamb2chello.azurewebsites.net/hello"
-  };
+  b2cScopes: ["https://fabrikamb2c.onmicrosoft.com/helloapi/demo.read"],
+  webApi: "https://fabrikamb2chello.azurewebsites.net/hello"
+};

JavaScriptSPA/authConfig.js

@@ -1,21 +1,25 @@
+
+// Config object to be passed to Msal on creation.
+// For a full list of msal.js configuration parameters, 
+// visit https://azuread.github.io/microsoft-authentication-library-for-js/docs/msal/modules/_authenticationparameters_.html
 const msalConfig = {
-    auth: {
-        clientId: "e760cab2-b9a1-4c0d-86fb-ff7084abd902",
-        authority: "https://fabrikamb2c.b2clogin.com/fabrikamb2c.onmicrosoft.com/b2c_1_susi",
-        validateAuthority: false
-    },
-    cache: {
-        cacheLocation: "localStorage",
-        storeAuthStateInCookie: true
-    }
+  auth: {
+    clientId: "e760cab2-b9a1-4c0d-86fb-ff7084abd902",
+    authority: "https://fabrikamb2c.b2clogin.com/fabrikamb2c.onmicrosoft.com/b2c_1_susi",
+    validateAuthority: false
+  },
+  cache: {
+    cacheLocation: "localStorage", // This configures where your cache will be stored
+    storeAuthStateInCookie: true // Set this to "true" if you are having issues on IE11 or Edge
+  }
 };
 
-// request to sign-in (returns an idToken)
+// Add here scopes for id token to be used at the MS Identity Platform endpoints.
 const loginRequest = {
-    scopes: ["openid", "profile"],
+  scopes: ["openid", "profile"],
 };
 
-// request to acquire a token for resource access
+// Add here scopes for access token to be used at the API endpoints.
 const tokenRequest = {
-    scopes: apiConfig.b2cScopes
+  scopes: ["https://fabrikamb2c.onmicrosoft.com/helloapi/demo.read"]
 };

JavaScriptSPA/authPopup.js

@@ -4,8 +4,9 @@ const myMSALObj = new Msal.UserAgentApplication(msalConfig);
 
 function signIn() {
   myMSALObj.loginPopup(loginRequest)
-    .then(loginResponse => {  
+    .then(loginResponse => {
         console.log('id_token acquired at: ' + new Date().toString());
+        console.log(loginResponse);  
 
         if (myMSALObj.getAccount()) {
           updateUI();
@@ -26,28 +27,28 @@ function getTokenPopup(request) {
   return myMSALObj.acquireTokenSilent(request)
     .catch(error => {
       console.log("silent token acquisition fails. acquiring token using popup");
-      
+      console.log(error);
       // fallback to interaction when silent call fails
       return myMSALObj.acquireTokenPopup(request)
         .then(tokenResponse => {
           console.log('access_token acquired at: ' + new Date().toString());
-        })
-        .catch(error => {
+          return tokenResponse;
+        }).catch(error => {
           console.log(error);
         });
     });
 }
 
-//calls the resource API with the token
+// Acquires and access token and then passes it to the API call
 function passTokenToApi() {
   getTokenPopup(tokenRequest)
-      .then(tokenResponse => {
-          console.log('access_token acquired at: ' + new Date().toString());
-          try {
-            logMessage("Request made to Web API:")
-            callApiWithAccessToken(apiConfig.webApi, tokenResponse.accessToken);
-          } catch(err) {
-            console.log(err);
-          }
-      });
+    .then(tokenResponse => {
+        console.log('access_token acquired at: ' + new Date().toString());
+        try {
+          logMessage("Request made to Web API:")
+          callApiWithAccessToken(apiConfig.webApi, tokenResponse.accessToken);
+        } catch(err) {
+          console.log(err);
+        }
+    });
 }

JavaScriptSPA/authRedirect.js

@@ -8,59 +8,60 @@ let accessToken;
 myMSALObj.handleRedirectCallback(authRedirectCallBack);
 
 function authRedirectCallBack(error, response) {
-    if (error) {
-        console.log(error);
+  if (error) {
+    console.log(error);
+  } else {
+    if (response.tokenType === "id_token") {
+      console.log('id_token acquired at: ' + new Date().toString());
+      myMSALObj.getAccount();
+      getTokenRedirect(tokenRequest);
+    } else if (response.tokenType === "access_token") {
+      console.log('access_token acquired at: ' + new Date().toString());
+      accessToken = response.accessToken;
+      logMessage("Request made to Web API:")
+      callApiWithAccessToken(apiConfig.webApi, accessToken)
     } else {
-        if (response.tokenType === "id_token") {
-            console.log('id_token acquired at: ' + new Date().toString());
-            myMSALObj.getAccount();
-            getTokenRedirect(tokenRequest);
-        } else if (response.tokenType === "access_token") {
-            console.log('access_token acquired at: ' + new Date().toString());
-            accessToken = response.accessToken;
-            logMessage("Request made to Web API:")
-            callApiWithAccessToken(apiConfig.webApi, accessToken)
-        } else {
-            console.log("token type is:" + response.tokenType);
-        }
+      console.log("token type is:" + response.tokenType);
     }
+  }
 }
 
 // Redirect: once login is successful and redirects with tokens, update UI
 if (myMSALObj.getAccount()) {
-    updateUI();
+  updateUI();
 }
 
 function signIn() {
-    myMSALObj.loginRedirect(loginRequest)
+  myMSALObj.loginRedirect(loginRequest)
 }  
 
 
 // sign-out the user
 function logout() {
-    // Removes all sessions, need to call AAD endpoint to do full logout
-    myMSALObj.logout();
+  // Removes all sessions, need to call AAD endpoint to do full logout
+  myMSALObj.logout();
 }
 
 // This function can be removed if you do not need to support IE
 function getTokenRedirect(request) {
 return myMSALObj.acquireTokenSilent(request)
-    .then((response) => {
-        if (response.accessToken) {
-            accessToken = response.accessToken
-            logMessage("Request made to Web API:")
-            callApiWithAccessToken(apiConfig.webApi, accessToken)
-        }
-    }).catch(error => {
-        console.log("silent token acquisition fails. acquiring token using redirect");
-        // fallback to interaction when silent call fails
-        return myMSALObj.acquireTokenRedirect(request)
-    });
+  .then((response) => {
+    if (response.accessToken) {
+      accessToken = response.accessToken
+      logMessage("Request made to Web API:")
+      callApiWithAccessToken(apiConfig.webApi, accessToken)
+    }
+  }).catch(error => {
+    console.log("silent token acquisition fails. acquiring token using redirect");
+    console.log(error);
+    // fallback to interaction when silent call fails
+    return myMSALObj.acquireTokenRedirect(request)
+  });
 }
 
 
 // calls the resource API with the token
-function passTokenToAPI() {
+function passTokenToApi() {
   if (accessToken === null || accessToken === undefined) {
     getTokenRedirect(tokenRequest);
   } else {

JavaScriptSPA/index.html

@@ -4,15 +4,12 @@
   <meta charset="UTF-8">
   <meta name="viewport" content="width=device-width, initial-scale=1.0">
   <title>AAD B2C | MSAL.JS Vanilla JavaScript SPA</title>
-
-  <!-- bluebird only needed if this page needs to run on Internet Explorer -->
-  <script type="text/javascript" src="//cdn.jsdelivr.net/npm/bluebird@3.7.2/js/browser/bluebird.min.js"></script>
 
   <!-- msal.min.js can be used in the place of msal.js; included msal.js to make debug easy -->
-  <script type="text/javascript" src="https://alcdn.msftauth.net/lib/1.2.1/js/msal.js" integrity="sha384-9TV1245fz+BaI+VvCjMYL0YDMElLBwNS84v3mY57pXNOt6xcUYch2QLImaTahcOP" crossorigin="anonymous"></script>
-  
+  <script type="text/javascript" src="https://alcdn.msauth.net/lib/1.2.1/js/msal.js" integrity="sha384-9TV1245fz+BaI+VvCjMYL0YDMElLBwNS84v3mY57pXNOt6xcUYch2QLImaTahcOP" crossorigin="anonymous"></script>
+  <!-- msal.js with a fallback to backup CDN -->
   <script type="text/javascript">
-    if(typeof Msal === 'undefined')document.write(unescape("%3Cscript src='https://alcdn.msftauth.net/lib/1.2.1/js/msal.js' type='text/javascript' integrity='sha384-9TV1245fz+BaI+VvCjMYL0YDMElLBwNS84v3mY57pXNOt6xcUYch2QLImaTahcOP' crossorigin='anonymous'%3E%3C/script%3E"));
+    if(typeof Msal === 'undefined')document.write(unescape("%3Cscript src='https://alcdn.msftauth.net/lib/1.2.1/js/msal.js' type='text/javascript' integrity='sha384-m/3NDUcz4krpIIiHgpeO0O8uxSghb+lfBTngquAo2Zuy2fEF+YgFeP08PWFo5FiJ' crossorigin='anonymous'%3E%3C/script%3E"));
   </script>
 
   <!-- adding Bootstrap 4 for UI components  -->
@@ -26,7 +23,7 @@
     <a class="navbar-brand" href="/">Azure AD B2C</a>
     <div class="btn-group ml-auto dropleft">
         <button type="button" id="signIn" class="btn btn-secondary" onclick="signIn()">Sign In</button>
-        <button type="button" id="signOut" class="btn btn-success" onclick="logout()" style="display:none">Sign Out</button>
+        <button type="button" id="signOut" class="btn btn-success d-none" onclick="logout()">Sign Out</button>
     </div>
   </nav>
 
@@ -36,7 +33,7 @@ <h5 class="card-header text-center">Getting an access token with Azure AD B2C an
     <div class="card-body text-center">
       <h5 id="label" class="card-title">Sign-in with Microsoft Azure AD B2C</h5>
       <pre id="response" class="card-text"></pre>
-      <button type="button" id="callApiButton" class="btn btn-primary" onclick="callApi()" style="display:none">Call API</button>
+      <button type="button" id="callApiButton" class="btn btn-primary d-none" onclick="passTokenToApi()">Call API</button>
     </div>
   </div>
 
@@ -49,7 +46,9 @@ <h5 id="label" class="card-title">Sign-in with Microsoft Azure AD B2C</h5>
   <script type="text/javascript" src="./authConfig.js"></script>
   <script type="text/javascript" src="./apiConfig.js"></script>
   <script type="text/javascript" src="./ui.js"></script>
-  <!-- replace next with authRedirect if you would like to use redirect flow -->
+  
+  <!-- replace next line with authRedirect.js if you would like to use the redirect flow -->
+  <!-- <script type="text/javascript" src="./authRedirect.js"></script>   -->
   <script type="text/javascript" src="./authPopup.js"></script>
   <script type="text/javascript" src="./api.js"></script>
 </body>

JavaScriptSPA/ui.js

@@ -10,14 +10,14 @@ function updateUI() {
     const userName = myMSALObj.getAccount().name;
     logMessage("User '" + userName + "' logged-in");
 
-    signInButton.style.display = 'none';
-    signOutButton.style.display = 'initial';
+    signInButton.classList.add('d-none');
+    signOutButton.classList.remove('d-none');
 
     // greet the user - specifying login
     label.innerText = "Hello " + userName;
 
     // add the callWebApi button
-    callWebApiButton.style.display = 'initial';
+    callWebApiButton.classList.add('d-none');
     callWebApiButton.setAttribute('class', 'btn btn-primary');
 }