1.0.10 • Published 6 months ago
@sivaprakash_rajaram/azure-auth-manager v1.0.10
NestJS Azure AD B2C Authentication Library with PKCE
This library simplifies authentication with Azure AD B2C in your NestJS applications using the PKCE (Proof Key for Code Exchange) flow. It handles the complexities of the OAuth 2.0 flow, allowing you to focus on building your application's features.
Features
- 🔒 Secure PKCE flow implementation
- 🚀 Seamless NestJS integration
- 🔄 Automatic token management
- 🛠 Customizable configuration
- 📊 Comprehensive error handling and logging
Architecture Diagram
PKCE Flow
Installation
$ npm install @nest-js/azure-auth-managerUsage
Module Configuration
Import and configure the AuthManager in your app.module.ts:
import { Module } from '@nestjs/common';
import { AuthManager } from './module';
@Module({
imports: [AuthManager],
providers: [AuthLoginInterceptor]
})
export class AppModule {
}Configuration
Env based configuration
HTTP_PROXY=http://internet.ford.com:83
ADB2C_DOMAIN_NAME={tenant}.b2clogin.com
ADB2C_TENANT_NAME={tenant}
ADB2C_POLICY_NAME={tenant_policy}
ADB2C_CLIENT_ID= xxxxxxxx-f1e4-44f0-xxxxxx-4f3483xxxxxxx
ADB2C_SCOPE={scope}
ADB2C_TOKEN_SCOPE=https://{tenant}.onmicrosoft.com/{tenant}/SelfAccess
ADB2C_REDIRECT_URI=http://localhost:8080/{app_context}/v1/auth/redirect
FRONT_END_BASE_URL=http://localhost:3000
FRONT_END_ERROR_PAGE=http://localhost:3000/error
COOKIE_OPTION_SAME_SITE=none
COOKIE_OPTION_DOMAIN=localhost
COOKIE_OPTION_PARTITIONED=false
COOKIE_OPTION_PATH=/
COOKIE_OPTION_HTTP_ONLY=true
COOKIE_OPTION_SECURE=true
SESSION_EXPIRY_IN_MILLISECONDS=3000000USING DECORATORS
Inject and use the decorators in your controllers:
import { Controller} from '@nestjs/common';
import { Login, Redirect, SessionInfo } from '../auth-manager/module';
@Controller('v1/auth')
export class AuthController {
@Login('login')
async login() {}
@Redirect('redirect')
async redirectToDashboard(){}
@SessionInfo('sessionInfo')
async getSessionInfo() {}
}USING INTERCEPTORS
Inject and use the decorators in your controllers:
import { Controller, UseInterceptors } from '@nestjs/common';
import { Login, Redirect, SessionInfo } from '../auth-manager/module';
import { AuthLoginInterceptor, AuthRedirectInterceptor, AuthSessionInfoInterceptor } from './auth.interceptors';
@Controller('v1/auth')
export class AuthController {
@UseInterceptors(AuthLoginInterceptor)
@Get('login')
async login() {
//your application functionality here
}
@UseInterceptors(AuthRedirectInterceptor)
@Post('redirect')
async redirectToDashboard() {
//your application functionality here
}
@UseInterceptors(AuthSessionInfoInterceptor)
@Get('sessionInfo')
async getSessionInfo() {
//your application functionality here
}
}Protecting Routes
Use the AuthGuard to protect routes that require authentication:
import { Controller, UseGuards, UseInterceptors } from '@nestjs/common';
import { AuthGuard } from './auth.interceptors';
// Guard at Controller level
@UseGuards(AuthGuard)
@Controller('v1/produts')
export class ProductsController {
@Get()
async getProducts() {
//your application functionality here
}
}import { Controller, UseGuards, UseInterceptors } from '@nestjs/common';
import { ValidateSession } from './auth.decorators';
@Controller('v1/produts')
export class ProductsController {
// Guard at function level
@ValidateSession()
@Get()
async getProducts() {
//your application functionality here
}
}Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
Fork the repository
Create your feature branch (git checkout -b feature/AmazingFeature)
Commit your changes (git commit -m 'Add some AmazingFeature')
Push to the branch (git push origin feature/AmazingFeature)
Open a Pull RequestContact
Prasanna Radhakrishnan
pradhak4@ford.com
Ford - Integrated Services