This repository was archived by the owner on May 3, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 273
/
Copy pathApp.jsx
106 lines (95 loc) · 4.5 KB
/
App.jsx
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
import { useEffect } from 'react';
import { Route, Routes } from 'react-router-dom';
import { MsalProvider, useMsal } from '@azure/msal-react';
import { EventType } from '@azure/msal-browser';
import { PageLayout } from './components/PageLayout';
import { Home } from './pages/Home';
import { b2cPolicies } from './authConfig';
import { compareIssuingPolicy } from './utils/claimUtils';
import './styles/App.css';
const Pages = () => {
/**
* useMsal is hook that returns the PublicClientApplication instance,
* an array of all accounts currently signed in and an inProgress value
* that tells you what msal is currently doing. For more, visit:
* https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-react/docs/hooks.md
*/
const { instance } = useMsal();
useEffect(() => {
const callbackId = instance.addEventCallback((event) => {
if (
(event.eventType === EventType.LOGIN_SUCCESS || event.eventType === EventType.ACQUIRE_TOKEN_SUCCESS) &&
event.payload.account
) {
/**
* For the purpose of setting an active account for UI update, we want to consider only the auth
* response resulting from SUSI flow. "tfp" claim in the id token tells us the policy (NOTE: legacy
* policies may use "acr" instead of "tfp"). To learn more about B2C tokens, visit:
* https://docs.microsoft.com/en-us/azure/active-directory-b2c/tokens-overview
*/
if (event.payload.idTokenClaims['tfp'] === b2cPolicies.names.editProfile) {
// retrieve the account from initial sing-in to the app
const originalSignInAccount = instance
.getAllAccounts()
.find(
(account) =>
account.idTokenClaims.oid === event.payload.idTokenClaims.oid &&
account.idTokenClaims.sub === event.payload.idTokenClaims.sub &&
account.idTokenClaims['tfp'] === b2cPolicies.names.signUpSignIn
);
let signUpSignInFlowRequest = {
authority: b2cPolicies.authorities.signUpSignIn.authority,
account: originalSignInAccount,
};
// silently login again with the signUpSignIn policy
instance.ssoSilent(signUpSignInFlowRequest);
}
/**
* Below we are checking if the user is returning from the reset password flow.
* If so, we will ask the user to reauthenticate with their new password.
* If you do not want this behavior and prefer your users to stay signed in instead,
* you can replace the code below with the same pattern used for handling the return from
* profile edit flow
*/
if (compareIssuingPolicy(event.payload.idTokenClaims, b2cPolicies.names.forgotPassword)) {
let signUpSignInFlowRequest = {
authority: b2cPolicies.authorities.signUpSignIn.authority,
};
instance.loginRedirect(signUpSignInFlowRequest);
}
}
if (event.eventType === EventType.LOGIN_FAILURE) {
// Check for forgot password error
// Learn more about AAD error codes at https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-aadsts-error-codes
if (event.error && event.error.errorMessage.includes('AADB2C90118')) {
const resetPasswordRequest = {
authority: b2cPolicies.authorities.forgotPassword.authority,
scopes: [],
};
instance.loginRedirect(resetPasswordRequest);
}
}
});
return () => {
if (callbackId) {
instance.removeEventCallback(callbackId);
}
};
// eslint-disable-next-line
}, [instance]);
return (
<Routes>
<Route path="/" element={<Home />} />
</Routes>
);
};
const App = ({ instance }) => {
return (
<MsalProvider instance={instance}>
<PageLayout>
<Pages />
</PageLayout>
</MsalProvider>
);
}
export default App;