search

juhanakristian / remix-auth-microsoft

Microsoft authentication strategy for remix-auth
MIT License
37 stars 19 forks source link

Accessing extra claims #15

Open jacobcritch opened 1 year ago

jacobcritch commented 1 year ago

Hi there,

I'm trying to access a roles claim (https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps) from the session using this package, and just wondering how I could get that/other claims thar aren't defined in the Strategy in my Profile, or do I need to access that somewhere else. Forgive me if it's a daft question, new to remix-auth.

Cheers

juhanakristian commented 1 year ago

Hi @jacobcritch, and thank you for submitting this issue. Can you show how you've defined your Strategy? IIRC the roles can be found in profile.__json.roles but this field is missing from MicrosoftProfile type at the moment.

jacobcritch commented 1 year ago

Thanks for the response - I was able to find the roles object in the extraParams object by parsing the JWT idToken. It's in there, but not the profile.__json - I guess since MicrosoftProfile is defined like this, the __json isn't typed for an optional number of fields here, i guess?

export interface MicrosoftProfile extends OAuth2Profile {
    id: string;
    displayName: string;
    name: {
        familyName: string;
        givenName: string;
    };
    emails: [{
        value: string;
    }];
    _json: {
        sub: string;
        name: string;
        family_name: string;
        given_name: string;
        email: string;
    };
}