Open AdamWorley opened 5 years ago
@AdamWorley sorry currently it's not supported
@Huachao No worries, still a really helpful extension!
How easy would it be to implement oauth2 or use the MSAL package? If it's not too difficult I'd love to be able to help.
Does your request that works in Postman use the oauth2 flow?
Hey @Huachao, to get the token from Postman it does use oauth2 and the implicit flow, and uses the "send client credentials in body" option.
It's also possible to get a token directly for the application, so no user details, but it would seem that token doesn't include a signature.
@AdamWorley thanks for your quick response, and what's your grant type configured in postman which can work?
Hey @Huachao, the grant type is Implicit
@Huachao @AdamWorley has anything further happened with this? I'm trying to get B2C to work as well but I think ADAL is the issue. I have been using Postman with similar settings as above but would prefer to move to the REST Client extension.
@Huachao I see you are using adal-node for v1 auth. Would you be able to use @azure/msal-node for $aadV2Token? This should allow for easy B2C compatibility. It should also handle refreshing the token when expired which does not appear to be working currently with V2.
@darrelmiller does the `$aadV2Token` work with AAD B2C authorization?
@Huachao In looking at the code here for `$aadV2Token`, it would not work with B2C because it uses a different authority hostname. "https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/oauth2/v2.0/token"
ADAL won't support it and has been deprecated anyway so ideally it could be replaced with the latest MSAL library.
You can still log in to Azure B2C:

```http
POST https://contoso.b2clogin.com/tfp/contoso.onmicrosoft.com/B2C_1A_SignUpOrSignInWithAAD/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded

username={{B2cUserName}}
&password={{B2cUserPassword}}
&grant_type=password
&scope=openid {{ScopeURL}}
&client_id={{ClientId}}
&response_type=token id_token
```

The reply is a token that can be used in the 'Authorize' header for subsequent calls.

If the password has special characters, it might need:

```json
{ "rest-client.formParamEncodingStrategy": "always" }
```
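Why the encoding setting in the comment above matters, shown as an added example that is not part of the thread or of the extension's code: it builds the same form body with and without percent-encoding and parses each the way a form-decoding endpoint would. The helper names are hypothetical, all field values are constructed placeholders, and the use of WHATWG `URLSearchParams` as the server-side decoder is an assumption.

```javascript
// Added example (not from the thread): effect of unencoded special characters
// in an application/x-www-form-urlencoded token request body.
// All values are constructed placeholders, not real credentials.

// Join fields as-is, the way plain variable substitution would.
function buildRawBody(fields) {
  return Object.entries(fields)
    .map(([name, value]) => `${name}=${value}`)
    .join("&");
}

// Join fields with every name and value form-encoded.
function buildEncodedBody(fields) {
  return new URLSearchParams(fields).toString();
}

// Decode a body the way a standard form parser does (assumed server behaviour).
function parseBody(body) {
  return Object.fromEntries(new URLSearchParams(body));
}

// List fields whose value changed in transit and fields that appeared from nowhere.
function diffFields(sent, received) {
  const changed = Object.keys(sent).filter((k) => received[k] !== sent[k]);
  const extra = Object.keys(received).filter((k) => !(k in sent));
  return { changed, extra };
}

// Constructed sample: the password contains '+', '&', '%' and '='.
const fields = {
  username: "user@contoso.example",
  password: "p+ss&w%41rd=1",
  grant_type: "password",
  scope: "openid https://contoso.example/api/read",
  client_id: "00000000-0000-0000-0000-000000000000",
  response_type: "token id_token",
};

const rawSeen = parseBody(buildRawBody(fields));
const encodedSeen = parseBody(buildEncodedBody(fields));

console.log("raw body     ->", diffFields(fields, rawSeen), "password:", rawSeen.password);
console.log("encoded body ->", diffFields(fields, encodedSeen));
```

Without encoding, the endpoint receives a truncated password and an unexpected extra parameter, so authentication fails even though the credentials in the request file are correct.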
Hey this extension seems great, and it would be nice to be able to remove the need to have postman but I'm having an issue with using Multi-tenant B2C domains.
Is there a way to provide a policy when using the `$aadToken` variable? I've tried using the following url format (the one swagger works with): https://contoso.b2clogin.com/tfp/contoso.onmicrosoft.com/B2C_1A_SignUpOrSignInWithAAD/oauth2/v2.0/authorize
But it responds saying that https://contoso.b2clogin.com is not an application in the domain my user account is in.
Any help with this would be great!