search

MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International
10.21k stars 21.36k forks source link

Infinite Redirects With Node.JS ADAL #13350

Closed Captainlonate closed 3 years ago

Captainlonate commented 6 years ago

Hello,

This is for the Node.JS ADAL with passport, using OIDC.

I am attempting to follow the instructions on this microsoft docs page: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-v1-openid-connect-code

My problem is that, after completing the tutorial, I'm getting infinite redirects when I attempt to access: http://localhost:3000/login

I downloaded the sample code (zip) and did an 'npm install'.

I put my client secret in config.js. Next, I put my clientId in config.js.

Then, I tried to run "node app.js", but I got this error: "Invalid value for redirectUrl.The URL must be valid and be https:// or http://"

So then I added: "redirectUrl: config.creds.returnURL," to app.js, under "new OIDCStrategy()".

Still got the same error.

So then I added "allowHttpForRedirectUrl: true," to app.js, under new OIDCStrategy({}).

Then I ran "node app.js" again, and it finally booted up and listens for requests on localhost:3000.

I tried to access localhost:3000/login in a browser, and now I'm getting infinite redirects.

Also, I've added the following Reply Urls in my Azure AD Portal: http://localhost http://localhost:3000 http://localhost:3000/ http://localhost:3000/auth/openid/return

Next I even tried changing the "returnURL" within config.js to "http://localhost:3000/". Before changing it, it was 'http://localhost:3000/auth/openid/return' by default. Neither made a difference.

I also changed responseType from 'id_token code' to 'id_token'. But, it made no difference either.

I'm still getting infinite redirects. What gives?

For Clarity, here is my what 'passport.use()' statement currently looks like:

passport.use(new OIDCStrategy({
    callbackURL: config.creds.returnURL,
    redirectUrl: config.creds.returnURL,
    realm: config.creds.realm,
    clientID: config.creds.clientID,
    clientSecret: config.creds.clientSecret,
    oidcIssuer: config.creds.issuer,
    identityMetadata: config.creds.identityMetadata,
    skipUserProfile: config.creds.skipUserProfile,
    responseType: config.creds.responseType,
    allowHttpForRedirectUrl: true,
    responseMode: config.creds.responseMode
  },

This is sort of what my config.creds looks like (obviously I redacted my clientId and clientSecret):

exports.creds = {
    returnURL: 'http://localhost:3000/',
    identityMetadata: 'https://login.microsoftonline.com/common/.well-known/openid-configuration',
    clientID: 'this-is-my-client-id',
    clientSecret: 'my-client-secret', 
    skipUserProfile: true,
    responseType: 'id_token',
    responseMode: 'query'
 };
mike-urnun-msft commented 6 years ago

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

mike-urnun-msft commented 6 years ago

@Captainlonate Thank you for your feedback! We will investigate and get back to you with the relevant info.

MohitGargMSFT commented 6 years ago

@Captainlonate Thanks for reporting. I was getting the same error using the document steps. I made below modifications in my local solution -

  1. Added redirectUrl: config.creds.returnURL, in new OIDCStrategy
  2. Added allowHttpForRedirectUrl: true, in new OIDCStrategy
  3. Modified Step1.8 , to add reply URL in Azure Portal to http://localhost:3000/

Once, I did above change the solution in my local. I am able to run solution and login but it gives me Cannot Post/

s1

I will assign this issue to content author to further investigate and make required changes in documented steps.

usamamashkoor commented 5 years ago

I am facing the same issue has anyone figured this one out...?

CelesteDG commented 5 years ago

@Captainlonate and @usamamashkoor - Can you please confirm that this is the quickstart that you followed: https://github.com/AzureADQuickStarts/WebApp-OpenIDConnect-NodeJS (the link in this thread should be redirecting to this now)?

CC @navyasric - This is related to the Node.js quickstart on Github

@MohitGargMSFT @SaurabhSharma-MSFT @mike-urnun-msft - Please reassign the issue to @navyasric as she owns the page on Github and can update if needed.

jameshkramer commented 5 years ago

@navyasric, you are the assignee for this open GitHub issue. I am investigating whether open issues should remain open and, if so, who the assignees should be. This issue has shown no activity since December of last year. Should it remain open? Are you the proper assignee; i.e. the one responsible for getting it fixed and closed?

Thank you.

Jim Kramer (v-jakram, Aquent)

MicrosoftGuyJFlo commented 3 years ago

please-close