This repository was archived by the owner on May 17, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 174
Expand file tree
/
Copy pathauth-config.ts
More file actions
79 lines (72 loc) · 3.64 KB
/
auth-config.ts
File metadata and controls
79 lines (72 loc) · 3.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
/**
* This file contains authentication parameters. Contents of this file
* is roughly the same across other MSAL.js libraries. These parameters
* are used to initialize Angular and MSAL Angular configurations in
* in app.module.ts file.
*/
import { LogLevel, Configuration, BrowserCacheLocation } from '@azure/msal-browser';
const isIE = window.navigator.userAgent.indexOf("MSIE ") > -1 || window.navigator.userAgent.indexOf("Trident/") > -1;
/**
* Configuration object to be passed to MSAL instance on creation.
* For a full list of MSAL.js configuration parameters, visit:
* https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/configuration.md
*/
export const msalConfig: Configuration = {
auth: {
clientId: 'Enter_the_Application_Id_Here', // This is the ONLY mandatory field that you need to supply.
authority: 'https://login.microsoftonline.com/Enter_the_Tenant_Info_Here', // Defaults to "https://login.microsoftonline.com/common"
redirectUri: '/auth', // Points to window.location.origin by default. You must register this URI on Azure portal/App Registration.
postLogoutRedirectUri: '/', // Points to window.location.origin by default.
},
cache: {
cacheLocation: BrowserCacheLocation.LocalStorage, // Configures cache location. "sessionStorage" is more secure, but "localStorage" gives you SSO between tabs.
storeAuthStateInCookie: isIE, // Set this to "true" if you are having issues on IE11 or Edge. Remove this line to use Angular Universal
},
system: {
/**
* Below you can configure MSAL.js logs. For more information, visit:
* https://docs.microsoft.com/azure/active-directory/develop/msal-logging-js
*/
loggerOptions: {
loggerCallback(logLevel: LogLevel, message: string) {
console.log(message);
},
logLevel: LogLevel.Verbose,
piiLoggingEnabled: false
}
}
}
/**
* Add here the endpoints and scopes when obtaining an access token for protected web APIs. For more information, see:
* https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/resources-and-scopes.md
*/
export const protectedResources = {
apiTodoList: {
endpoint: "https://localhost:44351/api/todolist",
scopes: ["api://Enter_the_Web_Api_Application_Id_Here/access_via_group_assignments"]
},
apiGraph: {
endpoint: "https://graph.microsoft.com/v1.0/me/checkMemberGroups",
scopes: ["User.Read", "GroupMember.Read.All"]
}
}
/**
* Scopes you add here will be prompted for user consent during sign-in.
* By default, MSAL.js will add OIDC scopes (openid, profile, email) to any login request.
* For more information about OIDC scopes, visit:
* https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#openid-connect-scopes
*/
export const loginRequest = {
scopes: [...protectedResources.apiTodoList.scopes]
};
export const groups = {
groupAdmin: "Enter the object ID for GroupAdmin group copied from Azure Portal",
groupMember: "Enter the object ID for GroupMember group copied from Azure Portal"
}
/**
* IMPORTANT: In case of overage, group list is cached for 1 hr by default, and thus cached groups
* will miss any changes to a users group membership for this duration. For capturing real-time
* changes to a user's group membership, consider implementing Microsoft Graph change notifications.
* For more information, visit: https://learn.microsoft.com/graph/api/resources/webhooks
*/
export const CACHE_TTL_IN_MS = 60 * 60 * 1000; // 1 hour in milliseconds