mirror of https://github.com/bitwarden/directory-connector synced 2025-12-15 15:53:41 +00:00

Add Azure Identity Authority Selector (#176)

* New AzureSettings to select the Identity Authority

* Add fallback for existing customers

* Throw error if Identity Authority is set to invalid value
Daniel James Smith
2021-11-18 19:02:33 +01:00
committed by GitHub
parent 660ee538ce
commit abc68e8ef9
4 changed files with 22 additions and 1 deletions


@@ -134,6 +134,14 @@
</div> </div>
</div> </div>
<div [hidden]="directory != directoryType.AzureActiveDirectory"> <div [hidden]="directory != directoryType.AzureActiveDirectory">
<div class="form-group">
<label for="identityAuthority">{{'identityAuthority' | i18n}}</label>
<select class="form-control" id="identityAuthority" name="IdentityAuthority"
[(ngModel)]="azure.identityAuthority">
<option value="login.microsoftonline.com">Azure AD Public</option>
<option value="login.microsoftonline.us">Azure AD Government</option>
</select>
</div>
<div class="form-group"> <div class="form-group">
<label for="tenant">{{'tenant' | i18n}}</label> <label for="tenant">{{'tenant' | i18n}}</label>
<input type="text" class="form-control" id="tenant" name="Tenant" [(ngModel)]="azure.tenant"> <input type="text" class="form-control" id="tenant" name="Tenant" [(ngModel)]="azure.tenant">
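Review bot: For a configuration saved before this change `azure.identityAuthority` is unset, so the new `<select>` will most likely render with no option selected while the service falls back to the public authority; the form then does not show which login endpoint will actually be used. Consider initialising the model to `login.microsoftonline.com` when the stored value is missing, so the displayed and the effective authority agree. The two option values are repeated as string constants in `AzureDirectoryService`, which rejects anything else, so a comment such as `<!-- values must match the authority allowlist in AzureDirectoryService -->` would help keep them in sync. The option labels are hard-coded English while the field label goes through `i18n`.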


@@ -354,6 +354,9 @@
"rootPath": { "rootPath": {
"message": "Root Path" "message": "Root Path"
}, },
"identityAuthority": {
"message": "Identity Authority"
},
"tenant": { "tenant": {
"message": "Tenant" "message": "Tenant"
}, },


@@ -1,4 +1,5 @@
export class AzureConfiguration { export class AzureConfiguration {
identityAuthority: string;
tenant: string; tenant: string;
applicationId: string; applicationId: string;
key: string; key: string;


@@ -17,6 +17,9 @@ import { IDirectoryService } from './directory.service';
import { I18nService } from 'jslib-common/abstractions/i18n.service'; import { I18nService } from 'jslib-common/abstractions/i18n.service';
import { LogService } from 'jslib-common/abstractions/log.service'; import { LogService } from 'jslib-common/abstractions/log.service';
const AzurePublicIdentityAuhtority = 'login.microsoftonline.com';
const AzureGovermentIdentityAuhtority = 'login.microsoftonline.us';
const NextLink = '@odata.nextLink'; const NextLink = '@odata.nextLink';
const DeltaLink = '@odata.deltaLink'; const DeltaLink = '@odata.deltaLink';
const ObjectType = '@odata.type'; const ObjectType = '@odata.type';
@@ -390,6 +393,12 @@ export class AzureDirectoryService extends BaseDirectoryService implements IDire
return; return;
} }
const identityAuthority = this.dirConfig.identityAuthority != null ? this.dirConfig.identityAuthority : AzurePublicIdentityAuhtority;
if (identityAuthority !== AzurePublicIdentityAuhtority && identityAuthority !== AzureGovermentIdentityAuhtority) {
done(new Error(this.i18nService.t('dirConfigIncomplete')), null);
return;
}
if (!this.accessTokenIsExpired()) { if (!this.accessTokenIsExpired()) {
done(null, this.accessToken); done(null, this.accessToken);
return; return;
@@ -406,7 +415,7 @@ export class AzureDirectoryService extends BaseDirectoryService implements IDire
}); });
const req = https.request({ const req = https.request({
host: 'login.microsoftonline.com', host: identityAuthority,
path: '/' + this.dirConfig.tenant + '/oauth2/v2.0/token', path: '/' + this.dirConfig.tenant + '/oauth2/v2.0/token',
method: 'POST', method: 'POST',
headers: { headers: {
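Review bot: The allowlist check on `identityAuthority` fails closed, which is right because the value becomes the `host` of the token request, but it reports `dirConfigIncomplete`, which gives the operator no hint that the authority value was rejected. A dedicated message for an unsupported authority, plus a comment above the check such as `// Allowlist only: this value becomes the host of the token request, so never pass a free-form string to https.request.`, would make the intent and the failure clearer. The constant names are misspelled (`AzurePublicIdentityAuhtority`, `AzureGovermentIdentityAuhtority`) and are worth correcting before other code references them. The request body and the Graph endpoint are outside the visible hunks; if they still name the public Graph host, a token obtained from `login.microsoftonline.us` may not be usable, so that is worth confirming. The enclosing method starts and ends outside these hunks.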