Is it possible to use Azure AD B2C authentication on wiki.js? #7006
-
I'm trying to implement a Azure AD B2C authentication using the Azure AD strategy, and I can't make it to work. I configured everything as it says in the wiki js auth docs. I always get the same error: "Invalid email / username or password on sign in". When I search for examples of B2C auth in wiki js, I can't find any answer. Can anyone tell me if its possible and how? Wiki.js: v2.5.300 |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
I'm configuring everything in the wiki.js admin area under the /authentication. I'm following this docs. Looking at the wiki.js source code I found this condition under the
It seems that with an azure ad b2c auth, I can't get this values PS: When I use a azure ad auth I can login |
Beta Was this translation helpful? Give feedback.
-
SOLUTION The issue came from the JWT sent by AZURE AD B2C auth which do not contains I fix this by changing the following lines in "/server/modules/authentication/azure/authentication.js" file. we changed:
for:
PS: we can only add other emails from the azure ad b2c portal, so it's a valid solution |
Beta Was this translation helpful? Give feedback.
SOLUTION
The issue came from the JWT sent by AZURE AD B2C auth which do not contains
email
orpreferred_username
fields expected by Azure AD authentication.The JWT from b2c returns an array
emails
.I fix this by changing the following lines in "/server/modules/authentication/azure/authentication.js" file.
we changed:
const usrEmail = _.get(profile, '_json.email', null) || _.get(profile, '_json.preferred_username')
for:
const emails = _.get(profile, '_json.emails', null)
const usrEmail = _.get(profile, '_json.email', null) || _.get(profile, '_json.preferred_username') || emails[0]
PS: we can only add other emails from the azure ad b2c portal, so it's a valid solution