If you're looking for help with C#, .NET, Azure, Architecture, or would simply value an independent opinion then please get in touch here or over on Twitter.
Azure AD B2C is Microsoft’s identity provider for social and enterprise logins allowing you to, for example, unify the login process across Twitter, Facebook, and Azure AD / Office 365. It comes with a generous free tier and following that pricing is reasonable particularly compared to the pricing for “enterprise” logins with some of the competition.
However the downside is the documentation for B2C and integration with specific technologies isn’t that clear – there’s nothing particularly strange about B2C, ultimately its just an OpenID Connect identity provider, but there is some nuance in it.
In parallel Microsoft provide MSAL (MicroSoft Authentication Library) for handling authentication from JavaScript clients and here documentation is clearer but still a little incomplete and it can be difficult to figure out the implementation required for a particular scenario – not helped by the library reference having no content other than to repeat method definitions.
I’m currently working with a handful of projects based around React JS, Azure AD B2C, and a combination of ASP.Net Core MVC and Azure Functions and found myself grappling with this. What I was doing seemed eminently reusable (and I hope useful) and so I set some time aside to take what I’d learned and create a B2C specific npm package – react-azure-adb2c.
To install it if you’re using npm:
npm install react-azure-adb2c --save
Or if you’re using yarn:
yarn add react-azure-adb2c
Before continuing you’ll need to set up Azure AD B2C for API access and the three tutorials here are a reasonably easy to follow guide on how to do that. At the end of that process you should have a tenant name, a sign in and/or up policy, an application ID, and one or more scopes.
The first change to make in your app to use the package is to initialize it with your B2C details:
import authentication from 'react-azure-adb2c';
authentication.initialize({
// your B2C tenant
tenant: 'myb2ctenant.onmicrosoft.com',
// the policy to use to sign in, can also be a sign up or sign in policy
signInPolicy: 'mysigninpolicy',
// the the B2C application you want to authenticate with
applicationId: '75ee2b43-ad2c-4366-9b8f-84b7d19d776e',
// where MSAL will store state - localStorage or sessionStorage
cacheLocation: 'sessionStorage',
// the scopes you want included in the access token
scopes: ['https://myb2ctenant.onmicrosoft.com/management/admin'],
// optional, the URI to redirect to after logout
postLogoutRedirectUri: 'http://myapp.com'
});
There are then two main ways you can use the library. You can either protect the entire application (for example if you have a React app that is launched from another landing area) or specific components. To protect the entire application simply wrap the app startup code in index.js as shown below:
authentication.run(() => {
ReactDOM.render(<App />, document.getElementById('root'));
registerServiceWorker();
});
To require authentication for specific components the react-azure-adb2c library provides a function that will wrap a component in a higher order component as shown in the example below:
import React, { Component } from 'react';
import authentication from 'react-azure-adb2c'
import { BrowserRouter as Router, Route, Switch } from "react-router-dom";
import HomePage from './Homepage'
import MembersArea from './MembersArea'
class App extends Component {
render() {
return (
<Router basename={process.env.PUBLIC_URL}>
<Switch>
<Route exact path="/" component={HomePage} />
<Route exact path="/membersArea" component={authentication.required(MembersArea)}>
</Switch>
</Router>
);
}
}
And finally to get the access token to use with API calls:
import authentication from 'react-azure-adb2c' // ... const token = authentication.getAccessToken();
If you find any issues please let me know over on GitHub.
Hopefully that’s useful and takes some of the pain out of using ReactJS with Azure AD B2C and as ever I can be reached on Twitter for discussion.
Recent Comments