React Easy Auth is a react component wrapper that provides single sign-on experience to a React application.
Main features:
- Enabale Microsoft single sign-on using easy auth .
apiFetch
function handles getting and refreshing the token when required.graphApiFetch
helps to call graph/third party api
npm install @unicef/react-easyauth --save
// index.js
import { EasyAuthProvider } from "@unicef/react-easyauth"
ReactDOM.render(
<EasyAuthProvider url="appurl" graphUrl="graphUrl">
<App />
</EasyAuthProvider>,
document.getElementById("root")
)
// app.js or jsx
import React from "react"
import { EasyAuthContext, apiFetch, graphApiFetch } from "@unicef/react-easyauth"
export default function MyComponent() {
//initlialize the context
const authContext = React.useContext(EasyAuthContext)
//call the graph api
graphApiFetch(authContext, "/v1.0/users")
.then(function(res) {
if (res.ok) return res.json()
})
.then(json => {
console.log(json.value.length)
setCount(json.value.length)
})
//call the application api
apiFetch(authContext, url)
.then(function(res) {
if (res.ok) return res.json()
})
.then(json => {
console.log(json.value.length)
setCount(json.value.length)
})
return <React.Fragment></React.Fragment>
}
An example is available in the example folder
Although EasyAuth simplifies handling the auth token, it does not fully simplify the localhost development :( due to CORS issues.
A workaround is to tell your browser to skip CORS.
-
Open a command Window and run chrome with the following arguments:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-web-security --disable-gpu --user-data-dir=~/chromeTemp'
-
Open the react application on the new browser.
Note that creating a shortcut with that command in the target field may be pretty convenient.
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security --disable-gpu --user-data-dir=~/chromeTemp
Optionally you can create an alias in your ~/bash_profile
:
echo Adding alias chromecors
alias chromecors='/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security --disable-gpu --user-data-dir=~/chromeTemp'
After that whenever you open a terminal you will see Adding alias chromecors and you can run
chromecors
It is only required to install CORS Everywhere plugin
Initially, you can add third party APIs to your EasyAuth token so you don't need handle that yourself. However you need to do some changes in your App Service configuration:
In https://portal.azure.com
- In Azure AD Services / App Registrations, locate the application.
- In API Permissions / options, add MS Graph
User.Read.All
. - Check the box Admin consent.
In https://resources.azure.com
-
On the left browser click on subscriptions -> Subcription name -> resourceGroups -> resourceGroupName -> providers -> Microsoft.Web -> sites -> -> config -> authsettings -> Edit
-
Update property
additionalLoginParams
. Replace"additionalLoginParams": null,
with
"additionalLoginParams": [ "response_type=code id_token", "resource=https://graph.microsoft.com" ],
-
Click Put to save the settings.
In order to extend this component, clone the project and install the dependencies.
git clone https://github.com/unicef/react-easyauth.git
cd react-easyauth
npm install
The following commands are available:
Builds the component outputing it in the dist
folder. It is refreshed everytime you make changes in the code.
npm start
To see the output in the browser run the example app (/example)
cd example
npm install (only first time)
npm start
Runs the app in the development mode. Open http://localhost:3000 to view the app in the browser.
It will reload automatically upon edits. Lint errors are also displayed on the console.
Outputs the build for production to the dist
folder.
Generates the documentation available on.
Open http://localhost:6060 to view it in the browser.
It watches for changes and automatically reloads the browser.
We use styleguidelist for documenting our custom components.
Builds the styleguide documentation for production. The output targets the styleguide
folder.
Copyright (c) 2019 UNICEF.org
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.