Froked from seanfisher/passport-microsoft to update dependencies and address Improper Access Control in passport-oauth2
Passport strategy for authenticating with Microsoft Graph using the OAuth 2.0 API.
This module lets you authenticate using Microsoft, in your Node.js applications.
By plugging into Passport, Microsoft authentication can be easily and unobtrusively
integrated into any application or framework that supports Connect-style
middleware, including Express.
Install via npm
$ npm install passport-microsoft
The microsoft authentication strategy authenticates users using a microsoft account and OAuth 2.0 tokens. The strategy requires a verify
callback, which
accepts these credentials and calls done
providing a user, as well as
options
specifying a client ID, client secret, and callback URL.
The consumer key and secret are obtained by creating an application at Microsoft's developer site.
var MicrosoftStrategy = require("passport-microsoft").Strategy;
passport.use(
new MicrosoftStrategy(
{
clientID: "applicationidfrommicrosoft",
clientSecret: "applicationsecretfrommicrosoft",
callbackURL: "http://localhost:3000/auth/microsoft/callback",
scope: ["user.read"],
},
function (accessToken, refreshToken, profile, done) {
User.findOrCreate({ userId: profile.id }, function (err, user) {
return done(err, user);
});
}
)
);
Use passport.authenticate()
, specifying the 'microsoft'
strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get("/auth/microsoft", passport.authenticate("microsoft"));
app.get(
"/auth/microsoft/callback",
passport.authenticate("microsoft", { failureRedirect: "/login" }),
function (req, res) {
// Successful authentication, redirect home.
res.redirect("/");
}
);
For a complete, working example, refer to the login example.
- Sean Fisher - passport-microsoft on Github
- Sluggy Bear - Original Microsoft OneDrive strategy, upon which this is based
Copyright (c) 2020 Sean Fisher <seafish.io>