Move To Cloud – ADAL.JS and Token Services

At this point I have pretty much stripped down the ADAL.JS library to the minimal code needed to acquire tokens based on the user’s identity. The stripped file is only about 180 lines of code and 7 kb in size, and it’s not even compressed.

Token Services is an Azure website that I have hosted at https://tokenservices.azurewebsites.net/adaltoken.html. The page adaltoken.html takes a query string parameter redirect_url=‘the page to receive the acquired token’ and, upon successful authentication, puts the acquired token in another query string parameter called adal_token=‘token’. It also puts the issue time for the token in a query string parameter called adal_token_issued=‘issue time’. This page can be called from anywhere that needs an access token. As needed, it prompts the user to enter the WAAD credentials. The token provided by adal.js has a lifetime of about an hour.
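An added sketch of this handoff (not the author's adaltoken.html code): the token page appends adal_token and adal_token_issued only when redirect_url is on an allowlist, and the receiving page rejects a token older than the roughly one-hour lifetime. The allowlist, the function names and the epoch-millisecond format of adal_token_issued are assumptions.

```javascript
// Added example; names and the allowlist are hypothetical, not from adaltoken.html.
// Assumption: tokens are only handed to origins the token service knows about.
const ALLOWED_ORIGINS = new Set([
  "https://platform-core.azurewebsites.net", // site named in the post
]);
const TOKEN_LIFETIME_MS = 60 * 60 * 1000; // "about an hour", per the post

// Token page side: build the URL the browser is sent back to, or null.
function buildReturnUrl(redirectUrl, token, issuedAtMs) {
  let target;
  try {
    target = new URL(redirectUrl); // throws on relative or malformed input
  } catch {
    return null;
  }
  // Compare the parsed origin, not a string prefix, so look-alike hosts
  // and userinfo tricks do not pass the check.
  if (target.protocol !== "https:" || !ALLOWED_ORIGINS.has(target.origin)) {
    return null;
  }
  target.searchParams.set("adal_token", token);
  // Assumption: issue time is carried as epoch milliseconds.
  target.searchParams.set("adal_token_issued", String(issuedAtMs));
  return target.toString();
}

// Receiving page side: read the token, reject it if missing or expired.
function readToken(pageUrl, nowMs) {
  const params = new URL(pageUrl).searchParams;
  const token = params.get("adal_token");
  const issuedRaw = params.get("adal_token_issued");
  if (!token || !issuedRaw) return null;
  const issued = Number(issuedRaw);
  if (!Number.isFinite(issued)) return null;
  const age = nowMs - issued;
  if (age < 0 || age >= TOKEN_LIFETIME_MS) return null;
  return { token, expiresInMs: TOKEN_LIFETIME_MS - age };
}

// Constructed sample values, for illustration only.
const sample = buildReturnUrl(
  "https://platform-core.azurewebsites.net/app.html", "abc.def", Date.now());
console.log(sample, readToken(sample, Date.now()));
```

Once the receiving page has read the token, it can drop both parameters from the address bar with history.replaceState so the token does not stay in browser history.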


Move To Cloud – Platform Website ADAL.JS and CORS

With the Authentication Team at Microsoft really keeping up with ADAL (Active Directory Authentication Library), and after Vittorio’s excellent whiteboard illustrations on the new ADAL for JavaScript, I redid the authentication mechanism from my previous post, now using ADAL.JS instead. Our platform sites will use ADAL for authentication, and we will add OWIN and Katana support in our Web APIs. The assumption is that ASP.NET is shrinking down to just core .NET Framework components, with no WCF and probably no IIS in the future.

In this first sample I will provide a simple api/controller that is called with a Bearer token previously acquired using a single HTML page with adal.js. We will host this page in a different domain, and I will also add CORS support in the Web API.

The two Azure sites:
1 – https://tokenservices.azurewebsites.net (hosts the token issuer using adal.js)
2 – https://platform-core.azurewebsites.net (core APIs with a demo controller api/id)

Steps:
1 – In the Azure Portal Active Directory, register the application. The ADAL.js on GIT lists all the steps needed for that.
2 – Create the Azure Websites.
3 – Publish your solution.


Now that we have the web/APIs that are protected against AD, in the next post I will enhance the core project to provide some capabilities around Azure Management APIs for accessing Azure Websites and Azure Scheduler programmatically. I will also build an Office 365 SharePoint Online App that will consume the api/id controller developed here. I will publish that in a separate, SharePoint-related post.