This project is a Node.js & Express web application that authenticates users against Azure Active Directory (Azure AD) and obtains Access Tokens to call the Xbox Live API and the Mojang API, with the help of Microsoft Authentication Library for Node.js (MSAL Node). It uses Redis for caching sessions and tokens.
Discord's OAuth2 system is used only to access Discord profile information, which is used to record who you are in DiscordSRV's MySQL database.
- The client application uses MSAL Node to sign in a user and redirects them to the Discord OAuth2 page.
- The user gets redirected to the Microsoft authorization page to obtain a JWT Access Token from Microsoft.
- The Access Token is used as a bearer token to authorize the server to access the Xbox Live API.
- The Xbox Access Token is used as a bearer token to authorize the server to access Mojang's API.
- The server responds with the data that the server has access to.
File/folder | Description |
---|---|
`App/app.js` | Application entry point. |
`App/appSettings.json` | Application settings and authentication parameters. |
`App/routes/router.js` | Application routes are defined here. |
`App/controllers/mainController.js` | Main application controllers. |
- Node.js must be installed to run this project.
- Visual Studio Code is recommended for running and editing this project.
- Redis for caching persistent sessions.
- MariaDB/MySQL for accessing DiscordSRV's database.
- Minecraft Server running DiscordSRV with MariaDB/MySQL as the database for linking.
- PM2 if you want to run this web application clustered.
- An Azure AD tenant. For more information, see: How to get an Azure AD tenant
- A user account in your Azure AD tenant.
Locate the root of the project folder (i.e. `AuthApp`). Then:
```
npm install
cd TestApp
vim example.appSettings.json
mv example.appSettings.json appSettings.json
cd App
vim example.ormconfig.js
vim example.redisconfig.js
mv example.ormconfig.js ormconfig.js
mv example.redisconfig.js redisconfig.js
```
- Open your Discord applications, create or select an application, and head over to the "OAuth2" page.
- Take note of the `client id` and `client secret` fields. Copy these values into your `appSettings.json` file; you'll need them later. Next, add a redirect URL to `http://localhost:4545/callback`.
- Navigate to the Azure portal and select the Azure AD service.
- Select the App Registrations blade on the left, then select New registration.
- In the Register an application page that appears, enter your application's registration information:
  - In the Name section, enter a meaningful application name that will be displayed to users of the app, for example `AuthApp`.
  - Under Supported account types, select Personal Microsoft account users.
  - In the Redirect URI (optional) section, select Web in the combo-box and enter the following redirect URI: `http://localhost:4545/redirect`.
- Select Register to create the application.
- In the app's registration screen, find and note the Application (client) ID. You use this value in your app's configuration file(s) later in your code.
- Select Save to save your changes.
- In the app's registration screen, select the Certificates & secrets blade in the left to open the page where we can generate secrets and upload certificates.
- In the Client secrets section, select New client secret:
  - Type a key description (for instance `app secret`).
  - Select one of the available key durations (In 1 year, In 2 years, or Never Expires) as per your security posture.
  - The generated key value will be displayed when you select the Add button. Copy the generated value for use in the steps later.
  - You'll need this key later in your code's configuration files. This key value will not be displayed again, and is not retrievable by any other means, so make sure to note it from the Azure portal before navigating to any other screen or blade.
- In the app's registration screen, select the Authentication blade in the left to open the page where we add access to the APIs that your application needs.
- Scroll down to the Advanced settings section.
- Ensure that the Live SDK support button is set to Yes.
Open the project in your IDE (like Visual Studio or Visual Studio Code) to configure the code.
In the steps below, "ClientID" is the same as "Application ID" or "AppId".
- Open the `./App/appSettings.json` file.
- Find the key `clientId` and replace the existing value with the application ID (clientId) of the `AuthApp` application copied from the Azure Portal.
- Find the key `tenantId` and replace the existing value with your Azure AD tenant ID.
- Find the key `clientSecret` and replace the existing value with the key you saved during the creation of the `AuthApp` app, in the Azure Portal.
- Find the key `homePageRoute` and replace the existing value with the route that you wish to be redirected to after sign-in, e.g. `/home`.
- Find the key `redirectUri` and replace the existing value with the Redirect URI for the `AuthApp` app. For example, `http://localhost:4545/redirect`.
- Find the key `postLogoutRedirectUri` and replace the existing value with the URI that you wish to be redirected to after sign-out, e.g. `http://localhost:4545/`.
- Find `example.ormconfig.js`, change the data to your liking, and rename the file to `ormconfig.js`.
- Find `example.redisconfig.js`, change the data to match your Redis setup, and rename the file to `redisconfig.js`.
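
A pre-start check over the `appSettings.json` keys configured above, as an added example that is not part of the project: it flags empty or placeholder credentials, redirect URIs that are not HTTPS outside localhost, and a `homePageRoute` that is not a local path. The nesting of the file, the placeholder patterns and the sample values are assumptions.

```javascript
// Added example, not the project's code. Key names come from the steps above;
// the file's nesting is an assumption, so keys are located by name at any depth.
const LOOPBACK = new Set(['localhost', '127.0.0.1']);

function findKey(obj, name) {
  if (obj === null || typeof obj !== 'object') return undefined;
  if (Object.prototype.hasOwnProperty.call(obj, name)) return obj[name];
  for (const value of Object.values(obj)) {
    const hit = findKey(value, name);
    if (hit !== undefined) return hit;
  }
  return undefined;
}

function checkSettings(settings) {
  const problems = [];
  for (const key of ['clientId', 'tenantId', 'clientSecret']) {
    const value = findKey(settings, key);
    // Placeholder patterns are assumptions about what an example file may ship with.
    if (typeof value !== 'string' || value.trim() === '' || /^(enter|your|<)/i.test(value)) {
      problems.push(`${key}: missing or still a placeholder`);
    }
  }
  for (const key of ['redirectUri', 'postLogoutRedirectUri']) {
    let url;
    try { url = new URL(findKey(settings, key)); } catch {
      problems.push(`${key}: not an absolute URL`);
      continue;
    }
    // Plain http is tolerable only on loopback during local development.
    if (url.protocol !== 'https:' && !(url.protocol === 'http:' && LOOPBACK.has(url.hostname))) {
      problems.push(`${key}: must use https outside localhost`);
    }
  }
  const home = findKey(settings, 'homePageRoute');
  // The post-sign-in route must be a local path; "//host" or a full URL is an open redirect.
  if (typeof home !== 'string' || !/^\/(?![/\\])/.test(home)) {
    problems.push('homePageRoute: must be a local path such as /home');
  }
  return problems;
}

// Constructed sample (hypothetical nesting and values), as a half-finished setup might look.
const sample = {
  credentials: { clientId: '00000000-0000-0000-0000-000000000000', tenantId: 'consumers', clientSecret: '' },
  settings: { homePageRoute: '//example.invalid', redirectUri: 'http://localhost:4545/redirect',
    postLogoutRedirectUri: 'http://auth.example.invalid/' },
};
console.log(checkSettings(sample));
```

Running the check before the application starts and refusing to start on a non-empty result keeps a half-edited settings file from reaching a deployed instance.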
Make sure that the Redis server is currently running. Start the Redis server if needed. You will need WSL if on Windows:
```
redis-server
```
Note: On Windows, you may use WSL to run the above command.
Locate the root of the project folder (i.e. `TestApp`). Then:
```
npm start
```
- Open your browser and navigate to `http://localhost:4545`.
- Click the Sign-in button on the top right corner.
- Once you sign in, click on the See my Xbox profile button to call Xbox Live.
- Once you sign in, click on the See my Java account button to call Mojang's API.
- Once you sign in, click on the See my Discord account button to call Discord's API.