I'm developing an application in React, I'm using MSAL for the application login and once the user is authenticated I want to use the card component of a person but I can't make it work.
I tell you what I have implemented in case I forgot some steps. I have added the following tag in the component itself:
<mgt-msal-provider client-id={process.env.REACT_APP_MSALCLIENTID}></mgt-msal-provider>
where that client I'm using on MSal to authenticate the user. I have also tried to define it in the builder itself:
Providers.globalProvider = new MsalProvider({clientId:process.env.REACT_APP_MSALCLIENTID});
Now if I put the login tag on the card component and click it, it works perfectly.
Is it possible to use the same msal of my application with the graph toolkit msal provider?
The toolkit components need to have a way to call the graph, and that's accomplished through a provider. If you are already authenticated with your own msal, you don't need to use the MsalProvider and you can create a SimpleProvider or create your own provider. The provider has two main purposes - to notify the component when the authenticate state changes (signed in/signed out), and to get accessToken for calling the graph with a provided scope. For example, at a minimum, you can do this:
Providers.globalProvider = new SimpleProvider((scopes) => {
//return accessToken for scopes using your msal instance
});
// when the user signs in, set the provider state to signedIn
// this will notify all components that the user is signed in
// and they can call the graph
Providers.globalProvider.setState(ProviderState.SignedIn);
Related
I'm using Supabase for auth, and I want to set a user as logged-in using my custom logic. I'm looking for something like the following:
if (logic-that-checks-if-user-performed-authentication-criteria) {
supabase.auth.setUserAsLoggedIn({email: "user#email.com"});
}
Is there some way I can do this?
Clarification:
logic-that-checks-if-user-performed-authentication-criteria would be my own custom authentication criteria, not Supabase's.
More context:
I want to add Twitter OAuth2 support as Supabase doesn't support it by default. I want to have my own API routes for handling Twitter OAuth2, and the related credentials would be stored either as user_metadata in Supabase's auth table or in my custom user table.
The user would be required to sign up with email-with-magic-link (usual Supabase code). But once they have signed up, they would have an option to connect their Twitter account (my code).
After they have connected their Twitter, they would be given an option to sign in with Twitter alongside the usual email-with-magic-link method. This part would require my original question, I would need to set the user as logged-in after I verify that the user has logged in with Twitter and the Twitter profile matches with the one I have saved in my DB.
As far as Supabase is concerned, a user is signed in if they are signed in with magic link.
It sounds like what you want to know is whether a user has gone through the Twitter OAuth flow or not. In that case, user metadata might be a good place to store that information.
Once a user goes through the Twitter OAuth flow, you could call the following code to store the fact that the user has gone through Twitter's OAuth flow.
const { data, error } = await supabase.auth.updateUser({
data: { hasLinkedTwitter: true }
})
You would be able to retrieve this information from the User object like this:
const { data, error } = await supabase.auth.getUser();
data.user?.user_metadata.hasLinkedTwitter
I have been using the B2CModeFragment class from the Use MSAL in an Android app to sign-in users and call Microsoft Graph which has been very helpful in getting B2C running in my app and I can call a web api which requires authentication. However, I am struggling with how to implement the solution in other areas. I need to call web apis throughout my app from multiple fragments. I currently have all the B2C functions working in a settings fragment where I can select the user. At that point I have the B2C user and have authenticated silently. Using:
user.acquireTokenSilentAsync(b2cApp, B2CConfiguration.getPolicy(), B2CConfiguration.getScopes(), new SilentAuthenticationCallback()
The b2cApp is a private variable in the settings fragment:
private IMultipleAccountPublicClientApplication b2cApp;
Should I call the the acquireTokenSilentAsync before every api call? The tokens only last for an hour so I can't assume I have a token and I read this article showing:
headers.put("Authorization", "Bearer " + authResult.getAccessToken());
I was previously storing the token in SharedPreferences and using it but it only lasts an hour and I have to refresh the token from another fragment when it fails. I could keep the b2cuser object around but would still need the b2cApp to make a silent call.
What was the intent of the b2capp and b2cuser. Do I keep them in the MainActivity, do I extend the Application and keep them there, do I encapsulate them in an object and instantiate it on authentication failure when calling an api to get another one?
I also want to note that the app can work offline completely so successful api calls need to happen at some point but are not required for the app to function.
I am installed custom app in Microsoft Teams. In custom app i want to get/change the user presence status by using Javascript/C#.net. I followed below way but here we need to pass authProvider. Instead of authProvider, get the user presence why because my custom app already installed in the microsoft Teams why again i need to pass the authProvider Details.
In C#.net side followed below way.
Please provide the solution to get the user presence. or provide other solutions to do this.
For any graph api to access and to provide user details such as presence of an user, Auth provider is mandatory as it secures the details through an access token.
So Auth provider is necessary irrespective of the custom app uploaded in Teams.
Is there any way to override the default social login providers and add some additonal functionality?
I would like to create an account directly as soon as the first login takes place.
Also I would like to know where the auth controller is implemented. Could not find it within https://github.com/Azure/azure-mobile-apps-net-server repository.
Where are these login/auth controllers are coming from?
The authentication providers are in a module sitting in front of your service, so the authentication already happens before you get there. You cannot add functionality to this module.
What you can do is call a custom API on login. Normally, you would use the client.loginAsync() or client.loginWithProvider() methods (depending on the SDK in use). Immediately after the login routine returns, call the client.invokeApi() (or the Async version) to call a custom API to do whatever you need to.
I'm new to Laravel.
I already have an API that authenticates users and creates a JWT token for it. Now in my new app, I want to outsource authentication and authorization to this API.
this new app acts like a front-end for the API, and API handles the logic of app.
I'm not completely familiar with this type of architecture, but I think it's a 3-layer architecture that has been divided physically.
the main problem for me is to handle authentication of users and how to turn the stateless logic of API into a web app.
Should I create a custom auth provider?
How? could you provide an example!
thanks to everyone,
But the final solution was Creating a middleware that handles authentication. for example, the middleware authenticates user through a form and saves the JWT token on a session.
this easy step solved my all problems.
I think what you're looking for is creating a custom guard. See docs here.