Skip to content
/ ueberauth_azure_ad Public
forked from swelham/ueberauth_microsoft

Überauth Strategy covering single-tenant Azure AD

License

MIT license
0 stars 33 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bvandgrift/ueberauth_azure_ad

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits

config

config

 
 

example

example

 
 

lib/ueberauth/strategy

lib/ueberauth/strategy

 
 

test

test

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

mix.exs

mix.exs

 
 

mix.lock

mix.lock

 
 

Repository files navigation

About

Überauth Azure AD v2.0 Strategy

A simple implementation of OAuth that includes the tenant_id in the OAuth2 endpoint, facilitating the Microsoft identity platform version 2. Apart from the configurable tenant ID, this simply extends the OAuth implementation.

Originally forked in a hurry from swelhan/ueberauth_microsoft, with much gratitude.

License

Please see LICENSE for licensing details.

Setup

You can use this strategy by configuring it with your Azure AD tenant and secret information, then calling the local endpoints as follows:

Configuring

  1. Setup your application at the new Microsoft app registration portal.

  2. Add :ueberauth_azure_ad to your list of dependencies in mix.exs:

    def deps do
  [{:ueberauth_azure_ad, "~> 0.5"}]
end

  3. Add the strategy to your applications:

    def application do
  [applications: [:ueberauth_azure_ad]]
end

  4. Add Microsoft to your Überauth configuration:

    config :ueberauth, Ueberauth,
  providers: [
    azure: {Ueberauth.Strategy.AzureAD, []}
  ]

  5. Update your provider configuration:

    config :ueberauth, Ueberauth.Strategy.AzureAD.OAuth,
  client_id: System.get_env("AZURE_CLIENT_ID"),
  client_secret: System.get_env("AZURE_CLIENT_SECRET"),
  tenant_id: System.get_env("AZURE_TENANT_ID")

  6. Include the Überauth plug in your controller:

    defmodule MyApp.AuthController do
  use MyApp.Web, :controller
  plug Ueberauth
  ...
end

  7. Create the request and callback routes if you haven't already:

    scope "/auth", MyApp do
  pipe_through :browser

  get "/:provider", AuthController, :request
  get "/:provider/callback", AuthController, :callback
end

  8. Your controller needs to implement callbacks to deal with Ueberauth.Auth and Ueberauth.Failure responses.

For an example implementation see the Überauth Example application.

Calling

Depending on the configured url you can initial the request through:

/auth/azure

By default the scopes used are

Note: at least one service scope is required in order for a token to be returned by the Microsoft endpoint

You can configure additional scopes to be used by passing the extra_scopes option into the provider

config :ueberauth, Ueberauth,
  providers: [
    azure: {Ueberauth.Strategy.AzureAD, [extra_scopes: "https://graph.microsoft.com/calendars.read"]}
  ]

About

Überauth Strategy covering single-tenant Azure AD

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

4 tags

Packages

No packages published

Languages

  • Elixir 72.7%
  • CSS 16.6%
  • JavaScript 5.8%
  • HTML 4.9%