review requests

Author: derisen

JavaScriptSPA/api.js

@@ -1,7 +1,7 @@
 // helper function to access the resource with the token
-function callApiWithAccessToken(endpoint, accessToken) {
+function callApiWithAccessToken(endpoint, token) {
     const headers = new Headers();
-    const bearer = `Bearer ${accessToken}`;
+    const bearer = `Bearer ${token}`;
 
     headers.append("Authorization", bearer);
 
@@ -32,4 +32,14 @@ function callApi() {
             console.log(err);
           }
       });
-}
+}
+
+// calls the resource API with the token
+// use this instead if you're doing redirect flow
+// function callApi() {
+//   if (accessToken === null || accessToken === undefined) {
+//     getTokenRedirect(tokenRequest);
+//   } else {
+//     callApiWithAccessToken(apiConfig.webApi, accessToken)
+//   }
+// }

JavaScriptSPA/auth.js

@@ -1,7 +1,7 @@
 const msalConfig = {
     auth: {
         clientId: "e760cab2-b9a1-4c0d-86fb-ff7084abd902", //This is your client ID
-        authority: "https://fabrikamb2c.b2clogin.com/fabrikamb2c.onmicrosoft.com/b2c_1_susi", //This is your tenant info
+        authority: "https://fabrikamb2c.b2clogin.com/fabrikamb2c.onmicrosoft.com/" + b2cPolicies.signUpSignIn, //This is your tenant info
         validateAuthority: false
     },
     cache: {

JavaScriptSPA/authConfig.js

@@ -0,0 +1,39 @@
+// Create the main myMSALObj instance
+// configuration parameters are located at authConfig.js
+const myMSALObj = new Msal.UserAgentApplication(msalConfig);
+
+function signIn() {
+  myMSALObj.loginPopup(loginRequest)
+    .then(loginResponse => {  
+        console.log(loginResponse);
+        console.log('id_token acquired at: ' + new Date().toString());
+        
+        if (myMSALObj.getAccount()) {
+          updateUI();
+        }
+        
+    }).catch(function (error) {
+      console.log(error);
+    });
+}
+
+// sign-out the user
+function logout() {
+  // Removes all sessions, need to call AAD endpoint to do full logout
+  myMSALObj.logout();
+}
+
+function getTokenPopup(request) {
+  return myMSALObj.acquireTokenSilent(request)
+    .catch(error => {
+      console.log("silent token acquisition fails. acquiring token using popup");
+      
+      // fallback to interaction when silent call fails
+      return myMSALObj.acquireTokenPopup(request)
+        .then(tokenResponse => {
+
+        }).catch(error => {
+          console.log(error);
+        });
+    });
+}

JavaScriptSPA/authPopup.js

@@ -0,0 +1,57 @@
+
+"use strict";
+
+// Create the main myMSALObj instance
+// configuration parameters are located at authConfig.js
+const myMSALObj = new Msal.UserAgentApplication(msalConfig);
+
+// Register Callbacks for Redirect flow
+myMSALObj.handleRedirectCallback(authRedirectCallBack);
+
+function authRedirectCallBack(error, response) {
+    if (error) {
+        console.log(error);
+    } else {
+        if (response.tokenType === "id_token" && myMSALObj.getAccount() && !myMSALObj.isCallback(window.location.hash)) {
+        console.log('id_token acquired at: ' + new Date().toString());
+        updateUI();
+        getTokenRedirect(tokenRequest);
+        } else if (response.tokenType === "access_token") {
+        console.log('access_token acquired at: ' + new Date().toString());
+        } else {
+        console.log("token type is:" + response.tokenType);
+        }
+    }
+}
+
+// Redirect: once login is successful and redirects with tokens, update UI
+if (myMSALObj.getAccount() && !myMSALObj.isCallback(window.location.hash)) {
+    // avoid duplicate code execution on page load in case of iframe and Popup window.
+    updateUI();
+}
+
+
+function signIn() {
+    myMSALObj.loginRedirect(loginRequest)
+}  
+
+
+// sign-out the user
+function logout() {
+    // Removes all sessions, need to call AAD endpoint to do full logout
+    myMSALObj.logout();
+}
+
+// This function can be removed if you do not need to support IE
+function getTokenRedirect(request) {
+return myMSALObj.acquireTokenSilent(request)
+    .then((response) => {
+        if (response.accessToken) {
+            accessToken = response.accessToken
+        }
+    }).catch(error => {
+        console.log("silent token acquisition fails. acquiring token using redirect");
+        // fallback to interaction when silent call fails
+        return myMSALObj.acquireTokenRedirect(request)
+    });
+}

JavaScriptSPA/authRedirect.js

@@ -23,21 +23,15 @@
   <nav class="navbar navbar-expand-lg navbar-dark bg-primary">
     <a class="navbar-brand" href="/">Azure AD B2C</a>
     <div class="btn-group ml-auto dropleft">
-        <button type="button" id="SignIn" class="btn btn-secondary dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-          Sign In
-        </button>
-        <div class="dropdown-menu">
-          <button class="dropdown-item" id="Popup" onclick="signIn(this.id)">Sign in using Popup</button>
-          <button class="dropdown-item" id="Redirect" onclick="signIn(this.id)">Sign in using Redirect</button>
-        </div>
+        <button type="button" id="SignIn" class="btn btn-secondary">Sign In</button>
     </div>
   </nav>
   <div class="card">
     <h5 class="card-header text-center">Getting an access token with Azure AD B2C and calling a Web API</h5>
     <div class="card-body text-center">
       <h5 id="label" class="card-title">Sign-in with Microsoft Azure AD B2C</h5>
       <pre id="response" class="card-text"></pre>
-      <button type="button" id="callApiButton" class="btn btn-primary" style="display:none" onclick="callApi()">Call API</button>
+      <button type="button" id="callApiButton" class="btn btn-primary" style="display:none">Call API</button>
     </div>
   </div>
 
@@ -47,10 +41,11 @@ <h5 id="label" class="card-title">Sign-in with Microsoft Azure AD B2C</h5>
   <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js" integrity="sha384-wfSDF2E50Y2D1uUdj0O3uMBJnjuUD4Ih7YwaYd1iqfktj0Uod8GCExl3Og8ifwB6" crossorigin="anonymous"></script>
 
   <!-- importing app scripts -->
+  <script type="text/javascript" src="./poliConfig.js"></script>
   <script type="text/javascript" src="./authConfig.js"></script>
   <script type="text/javascript" src="./apiConfig.js"></script>
+  <script type="text/javascript" src="./authPopup.js"></script>
   <script type="text/javascript" src="./ui.js"></script>
-  <script type="text/javascript" src="./auth.js"></script>
   <script type="text/javascript" src="./api.js"></script>
 </body>
 </html>

JavaScriptSPA/index.html

@@ -0,0 +1,5 @@
+
+// add here b2c policies you have
+const b2cPolicies = {
+    signUpSignIn: "b2c_1_susi",
+}

JavaScriptSPA/poliConfig.js

@@ -1,27 +1,33 @@
-// updates the UI post login/token acquisition
-function updateUI() {
-    const userName = myMSALObj.getAccount().name;
-    logMessage("User '" + userName + "' logged-in");
+// UI elements to work with
+const signInButton = document.getElementById('SignIn');
+signInButton.addEventListener('click', signIn);
 
-    // add the logout button
-    const signInButton = document.getElementById('SignIn');
-    signInButton.nextElementSibling.style.display = 'none';
-    signInButton.innerHTML = 'logout';
-    signInButton.setAttribute('onclick', 'logout();');
-    signInButton.setAttribute('class', "btn btn-success ml-auto")
+const callWebApiButton = document.getElementById('callApiButton');
 
-    // greet the user - specifying login
-    const label = document.getElementById('label');
-    label.innerText = "Hello " + userName;
+const label = document.getElementById('label');
+const response = document.getElementById("response");
 
-    // add the callWebApi button
-    const callWebApiButton = document.getElementById('callApiButton');
-    callWebApiButton.style.display = 'initial';
-    callWebApiButton.setAttribute('class', 'btn btn-primary');
+// updates the UI post login/token acquisition
+function updateUI() {
+        const userName = myMSALObj.getAccount().name;
+        logMessage("User '" + userName + "' logged-in");
+    
+        // add the logout button
+        signInButton.innerHTML = 'logout';
+        signInButton.setAttribute('class', "btn btn-success ml-auto")
+        signInButton.removeEventListener('click', signIn);
+        signInButton.addEventListener('click', logout);
+    
+        // greet the user - specifying login
+        label.innerText = "Hello " + userName;
+    
+        // add the callWebApi button
+        callWebApiButton.style.display = 'initial';
+        callWebApiButton.setAttribute('class', 'btn btn-primary');
+        callWebApiButton.addEventListener('click', callApi);
 }
 
 // debug helper
 function logMessage(s) {
-    document.getElementById("response")
-        .appendChild(document.createTextNode('\n' + s));
+    response.appendChild(document.createTextNode('\n' + s));
 }

JavaScriptSPA/ui.js

@@ -42,7 +42,7 @@ From your shell or command line:
 ```bash
 cd active-directory-b2c-javascript-msal-singlepageapp
 npm install && npm update
-node server.js
+npm start
 ```
 
 The console window shows the port number for the web application
@@ -139,12 +139,14 @@ Provide the following values for the Single Page Application registration:
 
 Now in the sample code, you can replace the single-page application's demo environment configuration with your own tenant.  
 
-1. Open the `authConfig.js` file.
-2. Find the assignment for `clientID` and replace the value with the Application ID for the single page application you registered in Step 4, for example the Application ID found in `My Test SPA` application in the Azure portal.
-3. Find the assignment for `authority` and replacing `b2c_1_susi` with the name of the policy you created in Step 2, and `fabrikamb2c.onmicrosoft.com` by the name of your Azure AD B2C tenant, for example `https://<your-tenant-name>.b2clogin.com/<your-tenant-name>.onmicrosoft.com/<your-sign-in-sign-up-policy>`
-4. Open the `apiConfig.js` file.
-5. Find the assignment for the scopes `b2cScopes` replacing the URL by the scope URL you created for the Web API, e.g. `b2cScopes: ["https://<your-tenant-name>.onmicrosoft.com/helloapi/demo.read"]`
-6. Find the assignment for API URL `webApi` replacing the current URL by the URL where you deployed your Web API in Step 4, e.g. `webApi: "https://fabrikamb2chello.azurewebsites.net/hello`
+1. Open the `poliConfig.js` file.
+2. In the `b2cPolicies` object, replace the current signUp-signIn policy value with the name of the policy you created in Step 2 (if you have additional policies, you can add them here as well).
+3. Open the `authConfig.js` file.
+4. Find the assignment for `clientID` and replace the value with the Application ID for the single page application you registered in Step 4, for example the Application ID found in `My Test SPA` application in the Azure portal.
+5. Find the assignment for `authority` and replace `fabrikamb2c.onmicrosoft.com` by the name of your Azure AD B2C tenant, for example `https://<your-tenant-name>.b2clogin.com/<your-tenant-name>.onmicrosoft.com/<your-sign-in-sign-up-policy>`
+6. Open the `apiConfig.js` file.
+7. Find the assignment for the scopes `b2cScopes` replacing the URL by the scope URL you created for the Web API, e.g. `b2cScopes: ["https://<your-tenant-name>.onmicrosoft.com/helloapi/demo.read"]`
+8. Find the assignment for API URL `webApi` replacing the current URL by the URL where you deployed your Web API in Step 4, e.g. `webApi: "https://fabrikamb2chello.azurewebsites.net/hello`
 
 Your resulting code should look as follows:
 
@@ -167,8 +169,8 @@ const tokenRequest = {
 ```javascript
 const msalConfig = {
     auth: {
-        clientId: "e760cab2-b9a1-4c0d-86fb-ff7084abd902", //This is your client ID
-        authority: "https://fabrikamb2c.b2clogin.com/fabrikamb2c.onmicrosoft.com/b2c_1_susi", //This is your tenant info
+        clientId: "e760cab2-b9a1-4c0d-86fb-ff7084abd902",
+        authority: "https://fabrikamb2c.b2clogin.com/fabrikamb2c.onmicrosoft.com/" + b2cPolicies.signUpSignIn,
         validateAuthority: false
     },
     cache: {
@@ -178,6 +180,12 @@ const msalConfig = {
 };
 ```
 
+```javascript
+const b2cPolicies = {
+    signUpSignIn: "b2c_1_susi",
+}
+```
+
 ### Step 7: Run the sample
 
 1. Install the node dependencies if this is your first time running the app (e.g. if you skipped running in the demo environment):