1. StackOverflow 文档
  2. azure-active-directory 教程
  3. 使用 ADAL Cordova 插件实现 Azure Active Directory B2C
  4. 使用 ADAL Cordova 插件实现 Azure Active Directory B2C

使用 ADAL Cordova 插件实现 Azure Active Directory B2C

Created: November-22, 2018

请参考此处的示例: https//github.com/NewtonJoshua/Azure-ADB2C-Angularjs-sample

Azure AD B2C

Azure AD B2C 是适用于你的 Web 和移动应用程序的云身份管理解决方案。它是一种高度可用的全球服务,可扩展到数亿个身份。

移动应用程序 - ADAL 插件

移动应用程序实现使用 ADAL Cordova Plugin Patch For B2C 。这是适用于 Apache Cordova 应用程序的 Active Directory 身份验证库(ADAL)插件的切割版本, cordova-plugin-ms-adal 可与 Azure AD B2C 配合使用。原始的 cordova-plugin-ms-adal 插件利用 Active Directory 为你的 Apache Cordova 应用程序提供易于使用的身份验证功能。

找到下面的 angularjs / ionicframework 示例

安装依赖项:

cordova plugin add https://github.com/jospete/azure-activedirectory-library-for-cordova --save

bower install angular-jwt --save

我们有一个 LoginController

.controller('LoginController', function($scope, $state, $ionicPopup, jwtHelper, AdalService) {

    $scope.login = function(){
        AdalService.login().then(function(authResponse) {
        displayUserDetails(getUserData(authResponse));
    });

    $scope.logout = AdalService.logout;

    // Decode decode the token and diaplay the user details
    function getUserData(response) {
        var user = {};
        user.token = response.access_token || response.token;
        var data = jwtHelper.decodeToken(user.token);
        user.expires_in = new Date(response.expires * 1000) || response.expiresOn;
        user.name = data.name;
        user.email = data.emails ? data.emails[0] : '';
        user.id = data.oid;
        return user;
    };

    function displayUserDetails(user) {
        $scope.user = user;
        $ionicPopup.alert({
            title: user.name,
            template: '<b>Email:</b> ' + user.email + '<br> <b>Id:</b> <code>' + user.id + '</code>'
        });
    }

});

在此处输入 Azure AD B2C 设置

.value('settings', {
    // ADAL-B2C configuration
    adalB2C: {
        tenantName: 'Enter your tenant name',
        clientId: 'Enter your client id',
        policy: 'Enter your policy name'
    }
});

这是使用 ADAL 插件实现 Azure AD B2C 的 adal.service

angular .module(‘azureADB2C’)。service(‘AdalService’,function($ q,$ http,settings){

    var extraQueryParams = 'nux=1';
    var userId = null;
    var redirectUri = 'https://login.microsoftonline.com/tfp/oauth2/nativeclient';
    var authority = 'https://login.microsoftonline.com/' + settings.adalB2C.tenantName;
    var resourceUri = 'https://graph.windows.net';

    this.login = function() {
        var deferredLoginResponse = $q.defer();
        var authContext = new Microsoft.ADAL.AuthenticationContext(authority);
        // Attempt to authorize user silently
        authContext.acquireTokenSilentAsync(resourceUri, settings.adalB2C.clientId, userId, redirectUri, settings.adalB2C.policy)
            .then(function(authResponse) {
                deferredLoginResponse.resolve(authResponse);
            }, function() {
                // We require user credentials so triggers authentication dialog
                authContext.acquireTokenAsync(resourceUri, settings.adalB2C.clientId, redirectUri, userId, extraQueryParams, settings.adalB2C.policy)
                    .then(function(authResponse) {
                        deferredLoginResponse.resolve(authResponse);
                    }, function(err) {
                        deferredLoginResponse.reject(err);
                    });
            });
        return deferredLoginResponse.promise;
    };

    this.logout = function() {
        // Step1: clear cache
        var authContext = new Microsoft.ADAL.AuthenticationContext(authority);
        authContext.tokenCache.clear();

        // Step2: make XmlHttpRequest pointing to the sign out url
        return $http.post(authority + '/oauth2/logout?post_logout_redirect_uri=' + redirectUri);
    };

});