OpenID Connect with Azure AD using Torii

@genwip wrote:

I'm trying to create a custom Torii provider for AzureAD OpenID Connect. I'm getting

   "Error: The response from the provider is missing these required response params: id_token"

am I missing anything?? is there any way we could OpenID Connect working with Azure AD?

Here is my custom provider :

import Ember from 'ember';
import Oauth2 from 'torii/providers/oauth2-code';
import {configurable} from 'torii/configuration';

var computed = Ember.computed;

/**
 * This class implements authentication against AzureAD
 * using the OAuth2 authorization flow in a popup window.
 * @class
 */
export default Oauth2.extend({
  name: 'azure-ad-oidc',

  baseUrl: computed(function() {
      return 'https://login.windows.net/' + this.get('tennantId') + '/oauth2/authorize';
    }),

    tennantId: configurable('tennantId', 'common'),

    // additional url params that this provider requires
    requiredUrlParams: ['api-version','response_mode', 'nonce'],

    optionalUrlParams: ['scope'],

    responseMode: configurable('responseMode', null),

    responseParams: computed(function () {
      return [ this.get('responseType') ];
    }),

    state: 'STATE',

    apiVersion: '1.0',

    nonce : configurable('nonce', null),

    responseType: configurable('responseType', 'null'),

    redirectUri: configurable('redirectUri', function(){
      // A hack that allows redirectUri to be configurable
      // but default to the superclass
      return this._super();
    }),

    open: function(){
      var name        = this.get('name'),
          url         = this.buildUrl(),
          redirectUri = this.get('redirectUri'),
          responseParams = this.get('responseParams'),
          responseType = this.get('responseType'),
          state = this.get('state'),
          shouldCheckState = responseParams.indexOf('state') !== -1;

      return this.get('popup').open(url, responseParams).then(function(authData){
        var missingResponseParams = [];

        responseParams.forEach(function(param){
          if (authData[param] === undefined) {
            missingResponseParams.push(param);
          }
        });

        if (missingResponseParams.length){
          throw new Error("The response from the provider is missing " +
                "these required response params: " + missingResponseParams.join(', '));
        }

        if (shouldCheckState && authData.state !== state) {
          throw new Error('The response from the provider has an incorrect ' +
                          'session state param: should be "' + state + '", ' +
                          'but is "' + authData.state + '"');
        }

        return {
          authorizationCode: authData[responseType],
          provider: name,
          redirectUri: redirectUri
        };
      });
    }

});

configuration.js

torii: {
  sessionServiceName: 'toriiSession',
  providers: {
    'azure-ad-oidc' :{
      tennantId : 'tenant id',
      client_id : 'client_id',
      redirectUri : 'http://localhost:4200',
      nonce : 'my_nonce',
      responseMode : 'form_post',
      responseType : 'id_token',
      scope : 'openid',
      apiKey : ''
    }
  }
},

routes/application.js

import Ember from 'ember';

export default Ember.Route.extend({
  actions: {
    azureLogin: function() {
        this.get('torii').open('azure-ad-oidc').then(function(data) {
              var authCode = this.get('toriiSession.authorizationCode');
              console.log(authCode);
        });
    }
  }
});

Posts: 1

Participants: 1

Read full topic