BritishYouthBandAssociation / OrgAdmin

Admin site for organisations

Microsoft Sign In #91

Open rugulous opened 2 years ago

rugulous commented 2 years ago

Add a configurable login with Microsoft option.

Configuring:

  1. Admin goes to "Authentication" config section
  2. Admin logs in with their Microsoft account (in this instance our @byba.online emails) and grants permissions
  3. A request is made to the organization endpoint and the following details are captured:
    • TenantID - this is the id returned from the request
    • Realm - this is the verifiedDomain with isDefault = true

We don't necessarily need to show the TenantID, but the Realm should be an editable text field.

Logging In: If TenantID is set then display a "Login with Microsoft" button that redirects to https://login.microsoftonline.com/{TenantID}/oauth2/v2.0/authorize, so that we can log the user in.

Additionally, we can use the Realm to detect and redirect based on the email address that the user enters - if the user enters user@byba.online then this could be picked up in JS and redirect to the same link but with an additional login_hint=${email} - this then means that the user only needs to enter their password to complete their Microsoft login (perhaps this should be an additional config option?)

In addition, the Realm and TenantID parameters can be used for other integrations with the Graph API - we don't currently use any of them, and I'm not sure that any of the other associations we are targeting have Office 365 accounts, but may be worth keeping for future developments?

rugulous commented 1 year ago

Now that this page is in Vue, it will be relatively easy to hook up the front end of this - if an email is entered that ends with "@byba.online", redirect to the oauth endpoint - so we don't even need a separate "login" button.

I'll put this in the next sprint!
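Putting the configuration step from the first post and the email-domain redirect from this follow-up together, as an added example (not code from the OrgAdmin project): it assumes the standard authorize parameters client_id, redirect_uri, scope and state, which the issue does not spell out, and the organization response below is a constructed sample.

```javascript
// Added example, not OrgAdmin code: extracts TenantID/Realm from a Graph
// /organization response and builds the authorize redirect from the issue.
// client_id, redirect_uri, scope and state are assumed standard parameters.

// Constructed sample of what GET https://graph.microsoft.com/v1.0/organization
// returns; only the fields the issue cares about are included.
const SAMPLE_ORG_RESPONSE = {
  value: [{
    id: "00000000-0000-0000-0000-000000000000", // TenantID placeholder
    verifiedDomains: [
      { name: "byba.onmicrosoft.com", isDefault: false },
      { name: "byba.online", isDefault: true },
    ],
  }],
};

// Step 3 of "Configuring": capture TenantID and the default verified domain.
function extractTenantConfig(orgResponse) {
  const org = (orgResponse.value || [])[0];
  if (!org) throw new Error("organization endpoint returned no tenant");
  const realm = (org.verifiedDomains || []).find((d) => d.isDefault);
  if (!realm) throw new Error("tenant has no default verified domain");
  return { tenantId: org.id, realm: realm.name };
}

// Front-end check from the follow-up comment: does the entered email belong
// to the configured Realm? Compared case-insensitively on the whole domain so
// "user@byba.online.evil.example" does not match.
function belongsToRealm(email, realm) {
  if (!realm) return false;
  const at = email.lastIndexOf("@");
  if (at < 0) return false;
  return email.slice(at + 1).toLowerCase() === realm.toLowerCase();
}

// Build the redirect only when TenantID is configured; login_hint carries the
// email so the user only has to enter a password. state is a per-request nonce
// the server stores and checks on the callback (assumed, not in the issue).
function microsoftLoginUrl(config, email, state) {
  if (!config.tenantId) return null;
  const url = new URL(`https://login.microsoftonline.com/${encodeURIComponent(config.tenantId)}/oauth2/v2.0/authorize`);
  url.searchParams.set("client_id", config.clientId);
  url.searchParams.set("response_type", "code");
  url.searchParams.set("redirect_uri", config.redirectUri);
  url.searchParams.set("scope", "openid profile email");
  url.searchParams.set("state", state);
  if (belongsToRealm(email, config.realm)) url.searchParams.set("login_hint", email);
  return url.toString();
}
```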