Skip to content

An Authentication strategy for passport.js that uses the Microsoft Graph API

License

Notifications You must be signed in to change notification settings

afermon/passport-microsoft

 
 

Repository files navigation

Passport-microsoft

Froked from seanfisher/passport-microsoft to update dependencies and address Improper Access Control in passport-oauth2

Passport strategy for authenticating with Microsoft Graph using the OAuth 2.0 API.

This module lets you authenticate using Microsoft, in your Node.js applications.
By plugging into Passport, Microsoft authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Install

Install via npm

$ npm install passport-microsoft

Usage

Configure Strategy

The microsoft authentication strategy authenticates users using a microsoft account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a client ID, client secret, and callback URL.

The consumer key and secret are obtained by creating an application at Microsoft's developer site.

var MicrosoftStrategy = require("passport-microsoft").Strategy;
passport.use(
  new MicrosoftStrategy(
    {
      clientID: "applicationidfrommicrosoft",
      clientSecret: "applicationsecretfrommicrosoft",
      callbackURL: "http://localhost:3000/auth/microsoft/callback",
      scope: ["user.read"],
    },
    function (accessToken, refreshToken, profile, done) {
      User.findOrCreate({ userId: profile.id }, function (err, user) {
        return done(err, user);
      });
    }
  )
);

Authenticate Requests

Use passport.authenticate(), specifying the 'microsoft' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.get("/auth/microsoft", passport.authenticate("microsoft"));

app.get(
  "/auth/microsoft/callback",
  passport.authenticate("microsoft", { failureRedirect: "/login" }),
  function (req, res) {
    // Successful authentication, redirect home.
    res.redirect("/");
  }
);

Examples

For a complete, working example, refer to the login example.

Credits

Copyright (c) 2020 Sean Fisher <seafish.io>

Thanks

License

About

An Authentication strategy for passport.js that uses the Microsoft Graph API

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 92.1%
  • EJS 7.1%
  • Makefile 0.8%