Closed nelsonic closed 1 year ago
nelsonic
commented
2 years ago https://www.theverge.com/2022/3/25/22995144/microsoft-foreign-corrupt-practices-bribery-whistleblower-contracting https://www.reuters.com/article/us-microsoft-settlement-idUSKCN1UH1P3 https://www.microsoft.com/en-us/legal/compliance/anticorruption https://www.business-humanrights.org/en/latest-news/microsoft-bosses-told-child-slavery-must-end/
nelsonic
commented
2 years ago Wish I'd had time to do this while I was still doing my FinTech Consulting ๐งโ๐ป [so I had a couple of MSFT accounts I could test with ...] ๐งช
But it's all good; still know plenty of people we can call to help Beta Test this once it's working. ๐
@LuchoTurtle how confident do you feel about your Elixir skills? ๐ฆ
Want to discuss this as a potential mini-project to work on? ๐ฌ
Much of the code can be "borrowed" from our existing repos as noted in the OP โฌ๏ธ
If we can get Microsoft Auth working ahead of the Auth Rebuild https://github.com/dwyl/auth/issues/207 ๐
it would be awesome to include it as the "3rd option" for people to authenticate to our App. ๐ค
nelsonic
commented
2 years ago @LuchoTurtle please remember to leave comments on the issue you're working on through the day. ๐ฌ ๐
And before you leave your desk/office git push your code to GitHub so that it's saved. ๐พ
I once lost a whole day's work when my I forgot to git push and my laptop died ... it was painful. ๐ข
LuchoTurtle
commented
2 years ago @nelsonic Sorry about that! Here's a quick rundown:
I spent most of the time actually battling with Azure Portal and understanding the flow of execution. I think I explained most of the setup needed so far in the guide I'm writing as I'm developing.
I realised that at first I was doing an implicit grant flow, where ID tokens and access tokens are returned directly from the /authorize endpoint instead of the /token endpoint.
But after scouring through the documentation, I realised this wasn't the best idea since it wasn't the most secure option when compared with the classic auth code flow thru OpenID Connect. So I had to redo some things to make it work.
And yes, I pushed most of my code to a different branch. I can't push directly to main because I don't have access and it's a protected branch ๐
nelsonic
commented
2 years ago Yeah, we don't tend to push to main.
Your microsoft-auth looks good. ๐
Does MSFT OAuth require you to use the Azure Portal? ๐ญ Not going to step on your toes while you're working. ๐ But make sure you share your progress as comments so you don't forget anything. โ๏ธ
LuchoTurtle
commented
2 years ago Does MSFT OAuth require you to use the Azure Portal? ๐ญ
Yes it does! The same way you have to register an application when authenticating with Google, you ought to use Active Directory so our application has something to authenticate into ๐ค (AD is inside Azure Portal, amongst a myriad of other services).
nelsonic
commented
2 years ago Cool. That was my suspicion through superficial reading of the docs, but you spent a lot more time with them yesterday - to the point of being our new "expert"! - so thank you for confirming. ๐
Create Microsoft Auth so that I can authenticate with my Microsoft Account.
There are 1.4 Billion active devices running Windows 10 or 11: https://news.microsoft.com/bythenumbers/en/windowsdevices
This doesn't actually tell us anything about how many "On Microsoft" accounts there are ... gotta keep digging.
Statista is usually pretty reliable. Over 1.3 Million companies use Microsoft Office 365: https://www.statista.com/statistics/983321/worldwide-office-365-user-numbers-by-country/
Some companies are much bigger than others. But if conservatively each company has 100 people, then it's over 100 million people.
https://www.lifewire.com/how-many-email-users-are-there-1171213
Understanding Microsoft Business And Personal Accounts: https://www.bruceb.com/2020/10/understanding-microsoft-business-and-personal-accounts/
Todo
newmixproject ๐hex.pmproject under the dwyl org. :shipit:Pick-up: