sync

Author: derisen

2-Authorization/1-call-graph/App/controllers/mainController.js

@@ -3,8 +3,14 @@ exports.getHomePage = (req, res, next) => {
     res.render('home', { isAuthenticated: isAuthenticated });
 }
 
-exports.getProfile = (req, res, next) => {
+exports.getProfilePage = (req, res, next) => {
+    const isAuthenticated = req.session.isAuthenticated;
+    const profile = req.session.graphAPI["resourceResponse"]; // the name of your api in auth.json
+    res.render('profile', {isAuthenticated: isAuthenticated, profile: profile});
+}
+
+exports.getIdPage = (req, res, next) => {
     const isAuthenticated = req.session.isAuthenticated;
     const claims = req.session.idTokenClaims;
-    res.render('profile', {isAuthenticated: isAuthenticated, claims: claims});
+    res.render('id', {isAuthenticated: isAuthenticated, claims: claims});
 }

2-Authorization/1-call-graph/App/routes/router.js

@@ -21,7 +21,8 @@ router.get('/signout', msal.signOut);
 router.get('/redirect', msal.handleRedirect);
 
 // protected routes
-router.get('/profile', msal.isAuthenticated, msal.getToken, mainController.getProfile); // get token for this route to call web API
+router.get('/profile', msal.isAuthenticated, msal.getToken, mainController.getProfilePage); // get token for this route to call web API
+router.get('/id', msal.isAuthenticated, mainController.getIdPage);
 router.get('/write', msal.isAuthenticated, todoController.writeNote);
 router.post('/write', msal.isAuthenticated, todoController.postNote);
 router.get('/notes/:noteId', msal.isAuthenticated, todoController.seeNote);

2-Authorization/1-call-graph/App/views/id.ejs

@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" status="width=device-width, initial-scale=1.0">
+
+        <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
+        <link rel="stylesheet" href="/style.css">
+        <title>ID</title>
+    </head>
+    <body>
+
+        <%- include('includes/navbar', {isAuthenticated: isAuthenticated}); %>
+
+        <div class="table-area-div">
+            <table class="table">
+                <thead class="thead-dark">
+                    <tr>
+                        <th scope="col">Claim</th>
+                        <th scope="col">Value</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <% for (const [key, value] of Object.entries(claims)) { %>
+                        <tr>
+                            <td><%= key %></td>
+                            <td><%= value %></td>
+                        </tr>
+                    <% } %>
+                </tbody>
+            </table>
+        </div> 
+
+        <%- include('includes/footer'); %>
+
+        <script src="https://code.jquery.com/jquery-3.4.1.slim.min.js" integrity="sha384-J6qa4849blE2+poT4WnyKhv5vZF5SrPo0iEjwBvKU7imGFAV0wwj1yYfoRSJoZ+n" crossorigin="anonymous"></script>
+        <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js" integrity="sha384-Q6E9RHvbIyZFJoft+2mJbHaEWldlvI9IOYy5n3zV9zzTtmI3UksdQRVvoxMfooAo" crossorigin="anonymous"></script>  
+        <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js" integrity="sha384-wfSDF2E50Y2D1uUdj0O3uMBJnjuUD4Ih7YwaYd1iqfktj0Uod8GCExl3Og8ifwB6" crossorigin="anonymous"></script>
+    </body>
+</html>

2-Authorization/1-call-graph/App/views/includes/navbar.ejs

@@ -3,6 +3,7 @@
     <div class="btn-group ml-auto dropleft">
         <% if (isAuthenticated) { %>
             <a class="btn btn-secondary" href="/profile" role="button">Profile</a>
+            <a class="btn btn-secondary" href="/id" role="button">ID</a>
             <a class="btn btn-success" href="/signout" role="button">Sign-out</a>
         <% } else { %>
             <a class="btn btn-secondary" href="/signin" role="button">Sign-in</a>

2-Authorization/1-call-graph/App/views/profile.ejs

@@ -21,7 +21,7 @@
                     </tr>
                 </thead>
                 <tbody>
-                    <% for (const [key, value] of Object.entries(claims)) { %>
+                    <% for (const [key, value] of Object.entries(profile)) { %>
                         <tr>
                             <td><%= key %></td>
                             <td><%= value %></td>

2-Authorization/1-call-graph/AppCreationScripts/sample.json

@@ -0,0 +1,51 @@
+{
+    "Sample": {
+        "Title": "A Node.js & Express Web App calling Microsoft Graph API using MSAL Node",
+        "Level": 100,
+        "Client": "Node.js Express Web App",
+        "RepositoryUrl": "ms-identity-javascript-nodejs-tutorial",
+        "Endpoint": "AAD v2.0"
+    },
+    "AADApps": [
+      {
+        "Id": "webApp",
+        "Name": "ExpressWebApp-3",
+        "Kind": "WebApp",
+        "Audience": "AzureADMyOrg",
+        "HomePage": "https://localhost:4000/",
+        "ReplyUrls": "http://localhost:4000/redirect",
+        "PasswordCredentials": "Auto",
+        "RequiredResourcesAccess": [
+          {
+            "Resource": "Microsoft Graph",
+            "DelegatedPermissions": [ "User.Read" ]
+          }
+        ]
+      }
+    ],
+    "CodeConfiguration": [
+      {
+        "App": "webApp",
+        "SettingKind": "JSON",
+        "SettingFile": "\\..\\auth.json",
+        "Mappings": [
+          {
+            "key": "clientId",
+            "value": ".AppId"
+          },
+          {
+            "key": "tenantId",
+            "value": "$tenantId"
+          },
+          {
+            "key": "clientSecret",
+            "value": ".AppKey"
+          },
+          {
+            "key": "redirectUri",
+            "value": ".ReplyUrls"
+          }
+        ]
+      }
+    ]
+  }