Forum Discussion

vcima's avatar
vcima
Brass Contributor
Mar 19, 2020

How to securize redirection with Azure AD in a WebPart?


I have developed a Sharepoint Webpart. The aim of this component is simple, authenticate the user in an external website that is embedded inside de Sharepoint. The external website uses Azure AD to login the users.

 

The problem that I have is the following. I know how to get obtain an access token, and the component works fine, with a great security leak.

 

This is that I have

public render(): void {
token="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
<iframe img src="https://www.example.org/oauthCallback.html?token="+token/>
}


For this reason, I'm trying to change for something like:

public render(): void {
<iframe img src="Azure redirection"/>
}
Azure redirection -> verify the user context with Azure AD -> redirect the callback to https://www.example.org/oauthCallback.html

 

I want securize this process with Azure AD, but I don't know how to do.

 

Any idea?

 

Regards

Resources