yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: Azure single-tenant SSO tokens are unable to refresh (#5551)

Browse Source
This commit is contained in:
Tom Moor
2023-07-11 18:59:28 -04:00
committed by GitHub
parent 5ae4834333
commit c56add74c6
3 changed files with 42 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
server/utils/azure.ts
View File

@@ -1,9 +1,36 @@
import JWT from "jsonwebtoken";
import env from "@server/env";
import OAuthClient from "./oauth";
type AzurePayload = {
/* A GUID that represents the Azure AD tenant that the user is from */
tid: string;
};
export default class AzureClient extends OAuthClient {
endpoints = {
authorize: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
token: "https://login.microsoftonline.com/common/oauth2/v2.0/token",
userinfo: "https://graph.microsoft.com/v1.0/me",
};
async rotateToken(
accessToken: string,
refreshToken: string
): Promise<{
accessToken: string;
refreshToken?: string;
expiresAt: Date;
}> {
if (env.isCloudHosted()) {
return super.rotateToken(accessToken, refreshToken);
}
const payload = JWT.decode(accessToken) as AzurePayload;
return super.rotateToken(
accessToken,
refreshToken,
`https://login.microsoftonline.com/${payload.tid}/oauth2/v2.0/token`
);
}
}