search

AzureAD / azure-activedirectory-library-for-js

The code for ADAL.js and ADAL Angular has been moved to the MSAL.js repo. Please open any issues or PRs at the link below.
https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/adal-angular
Apache License 2.0
627 stars 374 forks source link

Authentication fails while accessing spring-boot service from Angular application , using Oauth2 #793

Closed Gopal-Git closed 4 years ago

Gopal-Git commented 6 years ago

I have 2 application

Angular Spring-boot application I have registered 2 different Apps in Azure App registrations one for Angular and one for Spring-boot

The Angular app runs on http://localhost:4200 which is my ui, The spring-boot runs on http://localhost:8080 where my service is running (v1/users is one of the flows of service which returns users from in built database.)

When I am running spring-boot application and accessing v1/users (providing Bearer as token in header) through postman, I get response correctly. To generate token use below url : https://login.microsoftonline.com/{tenant_id}/oauth2/authorize?client_id={spring_app_clinet_id_from_azure}&response_type=code&redirect_uri=http://localhost:8080/

Use below configuration for dev run for dev run -Dspring.profiles.active=dev -DAPPLICATION_INSIGHTS_IKEY= -Dazure.registered.application.id.as.client.id= -Dazure.registered.application.key.as.clientsecret= -Dazure.directory.id.as.tenant= -Dmicrosoft.sql.server.jdbc.url=jdbc:sqlserver://SQL12DEV:1433;databaseName=db_name;sendStringParametersAsUnicode=false -Dmicrosoft.sql.server.jdbc.username= -Dmicrosoft.sql.server.jdbc.password=

However if I access v1/users from my Angular application I get Invalid access token error. I have checked in developer tools that it generates token for both application and send correct generated token in request header. For this token I get 401 unauthorized response from service. Here I have used ADAL for generating the tokens and configured environment.ts with end point and client id. I have also provided the "Required Permission" in Azure application to access the service.

I have refered couple of blogs and microsoft documents. I could not find any solution for this problem. https://azure.microsoft.com/en-us/resources/samples/active-directory-angularjs-singlepageapp-dotnet-webapi/?cdn=disable

Please find code for both project in *.zip.

Any suggestions will be highly appreciated. angular_code.zip Spring_project.zip

jmckennon commented 4 years ago

All current authentication work from Microsoft is delivered through the msal js library here. adal js is still supported only for security fixes. We recommend moving to msal js for any advanced feature requests and bugfixes.

msal-angular is specifically being worked on and ported to the latest release, msal@1.2.0. The general flow and documentation of the angular wrapper should be immensely improved over adal-angular, and improved even more of the next few months.