Feature: Added possibility to start session using social OAuth provid…

…ers.
LeetABit · Dec 28, 2021 · f3edbb0 · f3edbb0
1 parent ee22e59
commit f3edbb0
Show file tree

Hide file tree

Showing 26 changed files with 765 additions and 113 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -11,11 +11,12 @@ on:
 
 jobs:
   build_and_deploy_job:
+    name: Build and Deploy Job
     if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
     runs-on: ubuntu-latest
-    name: Build and Deploy Job
     steps:
-      - uses: actions/checkout@v2
+      - name: Checkout repository
+        uses: actions/checkout@v2
         with:
           submodules: true
           fetch-depth: 0
@@ -45,17 +46,16 @@ jobs:
             })
 
       - name: Fetch tag
+        if: github.event_name == 'push'
         run: git fetch --tags
 
       - name: Cache node modules
         uses: actions/cache@v2
-        env:
-          cache-name: cache-node-modules
         with:
           path: ./node_modules
-          key: ${{ env.cache-name }}-${{ hashFiles('./yarn.json') }}
+          key: app-node-modules-${{ hashFiles('./yarn.json') }}
           restore-keys: |
-            ${{ env.cache-name }}-
+            app-node-modules-
 
       - name: Build And Deploy
         uses: Azure/static-web-apps-deploy@v1

diff --git a/.gitignore b/.gitignore
@@ -2,6 +2,8 @@
 # Visual Studo cache/options directory.
 ####################################################################
 
+local.settings.json
+
 ####################################################################
 # Autogenerated files.
 ####################################################################

diff --git a/.vscode/extensions.json b/.vscode/extensions.json
@@ -1,6 +1,11 @@
 {
   "recommendations": [
     "ms-azuretools.vscode-azurestaticwebapps",
-    "editorconfig.editorconfig"
+    "editorconfig.editorconfig",
+    "ms-vscode.azure-account",
+    "azureadb2ctools.aadb2c",
+    "ms-vscode.vscode-node-azure-pack",
+    "streetsidesoftware.code-spell-checker",
+    "npxms.hide-gitignored"
   ]
 }
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,9 @@
+{
+    "cSpell.words": [
+        "browserslist",
+        "dgtiles",
+        "jwks",
+        "leetabit",
+        "reduxjs"
+    ]
+}
diff --git a/calculate-version.js b/calculate-version.js
@@ -65,13 +65,13 @@ module.exports = async function() {
         version.commitCount = commits.length;
 
         const dateTime = new Date();
-        const year = dateTime.getFullYear();
-        const month = `${dateTime.getMonth() + 1}`.padStart(2, '0');
-        const day =`${dateTime.getDate()}`.padStart(2, '0');
-        const hours =`${dateTime.getHours()}`.padStart(2, '0');
-        const minutes =`${dateTime.getMinutes()}`.padStart(2, '0');
-        const seconds =`${dateTime.getSeconds()}`.padStart(2, '0');
-        const milliseconds =`${dateTime.getMilliseconds()}`.padStart(2, '0');
+        const year = dateTime.getUTCFullYear();
+        const month = `${dateTime.getUTCMonth() + 1}`.padStart(2, '0');
+        const day =`${dateTime.getUTCDate()}`.padStart(2, '0');
+        const hours =`${dateTime.getUTCHours()}`.padStart(2, '0');
+        const minutes =`${dateTime.getUTCMinutes()}`.padStart(2, '0');
+        const seconds =`${dateTime.getUTCSeconds()}`.padStart(2, '0');
+        const milliseconds =`${dateTime.getUTCMilliseconds()}`.padStart(2, '0');
         try {
             await executeCommandAsync('git diff-index --quiet HEAD --');
         }

diff --git a/oidc/B2C_1A_Common.xml b/oidc/B2C_1A_Common.xml
@@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<TrustFrameworkPolicy
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+  xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
+  PolicySchemaVersion="0.3.0.0"
+  TenantId="dgtiles.onmicrosoft.com"
+  PolicyId="B2C_1A_COMMON"
+  PublicPolicyUri="http://dgtiles.onmicrosoft.com/B2C_1A_COMMON"
+  DeploymentMode="Development"
+  UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights">
+
+  <BuildingBlocks>
+    <ClaimsSchema>
+
+      <ClaimType Id="issuer">
+        <DataType>string</DataType>
+      </ClaimType>
+
+      <ClaimType Id="sub">
+        <DisplayName>Subject</DisplayName>
+        <DataType>string</DataType>
+        <DefaultPartnerClaimTypes>
+          <Protocol Name="OpenIdConnect" PartnerClaimType="sub" />
+        </DefaultPartnerClaimTypes>
+        <UserHelpText/>
+      </ClaimType>
+
+      <ClaimType Id="subjectWithIssuerCollection">
+        <DisplayName>subjectWithIssuerCollection</DisplayName>
+        <DataType>stringCollection</DataType>
+      </ClaimType>
+
+      <ClaimType Id="numericUserId">
+        <DisplayName>Numeric user Identifier</DisplayName>
+        <DataType>long</DataType>
+      </ClaimType>
+
+      <ClaimType Id="subjectWithIssuer">
+        <DisplayName>subjectWithIssuer</DisplayName>
+        <DataType>string</DataType>
+        <AdminHelpText />
+        <UserHelpText />
+      </ClaimType>
+
+    </ClaimsSchema>
+
+    <ClaimsTransformations>
+      <ClaimsTransformation Id="CreateIssuerUserId" TransformationMethod="ConvertNumberToStringClaim">
+        <InputClaims>
+          <InputClaim ClaimTypeReferenceId="numericUserId" TransformationClaimType="inputClaim" />
+        </InputClaims>
+        <OutputClaims>
+          <OutputClaim ClaimTypeReferenceId="sub" TransformationClaimType="outputClaim" />
+        </OutputClaims>
+      </ClaimsTransformation>
+
+      <ClaimsTransformation Id="CreateSubjectWithIssuerFromIssuer" TransformationMethod="AddItemToStringCollection">
+        <InputClaims>
+          <InputClaim ClaimTypeReferenceId="sub" TransformationClaimType="item" />
+          <InputClaim ClaimTypeReferenceId="subjectWithIssuerCollection" TransformationClaimType="collection" />
+        </InputClaims>
+        <OutputClaims>
+          <OutputClaim ClaimTypeReferenceId="subjectWithIssuerCollection" TransformationClaimType="collection" />
+        </OutputClaims>
+      </ClaimsTransformation>
+
+      <ClaimsTransformation Id="AddSubjectToSubjectWithIssuer" TransformationMethod="AddItemToStringCollection">
+        <InputClaims>
+          <InputClaim ClaimTypeReferenceId="issuer" TransformationClaimType="item" />
+          <InputClaim ClaimTypeReferenceId="subjectWithIssuerCollection" TransformationClaimType="collection" />
+        </InputClaims>
+        <OutputClaims>
+          <OutputClaim ClaimTypeReferenceId="subjectWithIssuerCollection" TransformationClaimType="collection" />
+        </OutputClaims>
+      </ClaimsTransformation>
+
+      <ClaimsTransformation Id="JoinIssuerWithSubject" TransformationMethod="StringJoin">
+        <InputClaims>
+        <InputClaim ClaimTypeReferenceId="subjectWithIssuerCollection" TransformationClaimType="inputClaim" />
+        </InputClaims>
+        <InputParameters>
+          <InputParameter DataType="string" Id="delimiter" Value=":" />
+        </InputParameters>
+        <OutputClaims>
+          <OutputClaim ClaimTypeReferenceId="subjectWithIssuer" TransformationClaimType="outputClaim" />
+        </OutputClaims>
+      </ClaimsTransformation>
+
+      <ClaimsTransformation Id="HashUserId" TransformationMethod="Hash">
+        <InputClaims>
+          <InputClaim ClaimTypeReferenceId="subjectWithIssuer" TransformationClaimType="plaintext" />
+          <InputClaim ClaimTypeReferenceId="subjectWithIssuer" TransformationClaimType="salt" />
+        </InputClaims>
+        <InputParameters>
+          <InputParameter Id="randomizerSecret" DataType="string" Value="B2C_1A_AccountTransformSecret" />
+        </InputParameters>
+        <OutputClaims>
+          <OutputClaim ClaimTypeReferenceId="sub" TransformationClaimType="hash" />
+        </OutputClaims>
+      </ClaimsTransformation>
+    </ClaimsTransformations>
+  </BuildingBlocks>
+
+  <ClaimsProviders>
+    <ClaimsProvider>
+      <!-- The technical profile(s) defined in this section is required by the framework to be included in all policies. -->
+      <DisplayName>Trustframework Policy Engine TechnicalProfiles</DisplayName>
+      <TechnicalProfiles>
+        <TechnicalProfile Id="TpEngine_c3bd4fe2-1775-4013-b91d-35f16d377d13">
+          <DisplayName>Trustframework Policy Engine Default Technical Profile</DisplayName>
+          <Protocol Name="None" />
+          <Metadata>
+            <Item Key="url">{service:te}</Item>
+          </Metadata>
+        </TechnicalProfile>
+      </TechnicalProfiles>
+    </ClaimsProvider>
+
+    <ClaimsProvider>
+      <!-- 
+      The technical profile(s) defined in this section specify Token Issuers that are used by the required SendClaims step of a User Journey 
+      to return a token to the caller.
+      -->
+      <DisplayName>Token Issuer Technical Profiles</DisplayName>
+      <TechnicalProfiles>
+        <TechnicalProfile Id="JwtIssuer">
+          <DisplayName>JWT Issuer</DisplayName>
+          <Protocol Name="None" />
+          <OutputTokenFormat>JWT</OutputTokenFormat>
+          <Metadata>
+            <Item Key="client_id">{service:te}</Item>
+            <Item Key="SendTokenResponseBodyWithJsonNumbers">true</Item>
+            <Item Key="issuer_refresh_token_user_identity_claim_type">sub</Item>
+          </Metadata>
+          <CryptographicKeys>
+            <Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer" />
+            <Key Id="issuer_refresh_token_key" StorageReferenceId="B2C_1A_TokenEncryptionKeyContainer" />
+          </CryptographicKeys>
+        </TechnicalProfile>
+      </TechnicalProfiles>
+    </ClaimsProvider> 
+  </ClaimsProviders>
+
+</TrustFrameworkPolicy>
diff --git a/oidc/B2C_1A_Facebook.xml b/oidc/B2C_1A_Facebook.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<TrustFrameworkPolicy
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+  xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
+  PolicySchemaVersion="0.3.0.0"
+  TenantId="dgtiles.onmicrosoft.com"
+  PolicyId="B2C_1A_FACEBOOK"
+  PublicPolicyUri="http://dgtiles.onmicrosoft.com/B2C_1A_FACEBOOK"
+  DeploymentMode="Development"
+  UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights">
+
+  <BasePolicy>
+    <TenantId>dgtiles.onmicrosoft.com</TenantId>
+    <PolicyId>B2C_1A_Common</PolicyId>
+  </BasePolicy>
+
+  <ClaimsProviders>
+    <ClaimsProvider>
+      <Domain>facebook.com</Domain>
+      <DisplayName>Facebook</DisplayName>
+
+      <TechnicalProfiles>
+        <TechnicalProfile Id="Facebook-OAUTH2">
+          <DisplayName>Facebook</DisplayName>
+          <Protocol Name="OAuth2" />
+          <Metadata>
+            <Item Key="ProviderName">facebook.com</Item>
+            <Item Key="authorization_endpoint">https://www.facebook.com/dialog/oauth</Item>
+            <Item Key="AccessTokenEndpoint">https://graph.facebook.com/oauth/access_token</Item>
+            <Item Key="HttpBinding">GET</Item>
+            <Item Key="UsePolicyInRedirectUri">0</Item>
+            <Item Key="client_id">300225215495897</Item>
+            <Item Key="auth_type">reauthenticate</Item>
+            <Item Key="scope">public_profile</Item>
+            <Item Key="prompt">select_account</Item>
+            <Item Key="ClaimsEndpoint">https://graph.facebook.com/me?fields=id</Item>
+            <Item Key="AccessTokenResponseFormat">json</Item>
+          </Metadata>
+          <CryptographicKeys>
+            <Key Id="client_secret" StorageReferenceId="B2C_1A_FacebookSecret" />
+          </CryptographicKeys>
+          <OutputClaims>
+          <OutputClaim ClaimTypeReferenceId="sub" PartnerClaimType="id" />
+            <OutputClaim ClaimTypeReferenceId="issuer" DefaultValue="facebook-oauth" />
+          </OutputClaims>
+          <OutputClaimsTransformations>
+            <OutputClaimsTransformation ReferenceId="CreateSubjectWithIssuerFromIssuer" />
+            <OutputClaimsTransformation ReferenceId="AddSubjectToSubjectWithIssuer" />
+            <OutputClaimsTransformation ReferenceId="JoinIssuerWithSubject" />
+            <OutputClaimsTransformation ReferenceId="HashUserId" />
+          </OutputClaimsTransformations>
+            </TechnicalProfile>
+      </TechnicalProfiles>
+    </ClaimsProvider>
+  </ClaimsProviders>
+
+  <UserJourneys>
+    <UserJourney Id="FacebookJourney">
+      <OrchestrationSteps>
+
+        <OrchestrationStep Order="1" Type="ClaimsExchange">
+          <ClaimsExchanges>
+            <ClaimsExchange Id="FacebookExchange" TechnicalProfileReferenceId="Facebook-OAUTH2" />
+          </ClaimsExchanges>
+        </OrchestrationStep>
+
+        <OrchestrationStep Order="2" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
+
+      </OrchestrationSteps>
+    </UserJourney>
+  </UserJourneys>
+
+  <RelyingParty>
+    <DefaultUserJourney ReferenceId="FacebookJourney"/>
+    <TechnicalProfile Id="FacebookPolicyProfile">
+      <DisplayName>Facebook Policy Profile</DisplayName>
+      <Protocol Name="OpenIdConnect" />
+      <OutputClaims>
+        <OutputClaim ClaimTypeReferenceId="sub" />
+      </OutputClaims>
+      <SubjectNamingInfo ClaimType="sub" />
+    </TechnicalProfile>
+  </RelyingParty>  
+</TrustFrameworkPolicy>