SOLVED

How can I auto-log in a user inside a SharePoint Web Part?

I have a website "Play web". When I want to access this site I first have to log in with user/pass. An authentication module handles this info and starts a communication with an Azure AD. If the user is validated properly, using a callback the control is returned to the Play Web with the user logged in. All these steps work fine.


Where is the problem? One of our clients wants to embed this "Play web" inside his SharePoint but he doesn't want to log in again. He needs to use the SharePoint context to auto-log the user into the website.

 

Is there any way to do this? Should I set up something in Azure AD: Proxy, Function?

 

I'm stuck with this.

 

Regards

3 Replies
Best Response confirmed by vcima (Contributor)
Solution
Hi,
You can try using Microsoft Authentication Library (MSAL). Please refer to the link below:
https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-overview

Hope it helps, please like it or mark it as a solution if it resolves your clarification or issue
-Sudharsan K...

@Sudharsan K 

 

Hi! I have solved the problem with this:

 

import {UserAgentApplication} from "msal";

// MSAL.js 1.x configuration for the Azure AD app registration
const config = {
  auth: {
    clientId: "client-id",
    authority: "https://login.microsoftonline.com/tenant-id"
  }
};

const myMSALObj = new UserAgentApplication(config);

// loginHint comes from the SharePoint page context of the web part
let accessTokenRequest = {
  scopes: ["user.read"],
  loginHint: this.context.pageContext.user.loginName,
  extraQueryParameters: {domain_hint: 'organizations'}
};

myMSALObj.acquireTokenSilent(accessTokenRequest).then(function(accessTokenResponse) {
  // Acquire token silent success
  // call API with token
  let accessToken = accessTokenResponse.accessToken;
  let scopes = accessTokenResponse.scopes;
}).catch(function (error) {
  // Acquire token silent failure, and send an interactive request
  console.log(error);
  if (error.errorMessage.indexOf("interaction_required") !== -1) {
    myMSALObj.acquireTokenRedirect(accessTokenRequest);
  }
});

 


Hi @Sudharsan K 


I have a problem with this accessToken. When I try to validate it, something goes wrong: The Token's Signature resulted invalid when verified using the Algorithm: SHA256withRSA

Do you know what I can do to validate the Azure AD Token?


Regards
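
A token requested with the `user.read` scope, as in the snippet earlier in the thread, is issued for Microsoft Graph rather than for the application's own API, and Microsoft documents that such tokens are not meant to be validated by other applications. The check below is an added example, not code from the thread: it reads the token's header and claims before any signature verification and reports why a validator should reject it. The function names, the `api://play-web` audience, the tenant GUID and the sample tokens are all constructed for illustration.

```javascript
// Added example: claim checks to run before verifying an Azure AD token's signature.
const GRAPH_AUDIENCES = ["00000003-0000-0000-c000-000000000000", "https://graph.microsoft.com"];

function decodePart(part) {
  // Node's "base64" decoder also accepts the URL-safe alphabet that JWTs use.
  const value = JSON.parse(Buffer.from(part, "base64").toString("utf8"));
  if (value === null || typeof value !== "object") throw new Error("not a JSON object");
  return value;
}

// Returns a list of findings; an empty list means the token is worth verifying.
function preflightToken(token, { expectedAudience, tenantId, now = Date.now() }) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return ["not a three-part JWT"];
  let header, claims;
  try {
    [header, claims] = parts.slice(0, 2).map(decodePart);
  } catch (e) {
    return ["header or payload is not base64url-encoded JSON"];
  }
  const findings = [];
  if (header.alg !== "RS256") findings.push("unexpected alg: " + header.alg);
  if (!header.kid) findings.push("no kid, cannot select a signing key");
  if ("nonce" in header) findings.push("header nonce: token is not meant for third-party validation");
  const aud = [].concat(claims.aud || []).map((a) => String(a).replace(/\/$/, ""));
  if (aud.some((a) => GRAPH_AUDIENCES.includes(a))) {
    findings.push("audience is Microsoft Graph, not this API");
  } else if (!aud.includes(expectedAudience)) {
    findings.push("audience mismatch: " + aud.join(","));
  }
  const issuers = [`https://sts.windows.net/${tenantId}/`, `https://login.microsoftonline.com/${tenantId}/v2.0`];
  if (!issuers.includes(claims.iss)) findings.push("issuer is not the expected tenant");
  if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) findings.push("expired or missing exp");
  return findings;
}

// Constructed sample tokens (placeholder tenant, kid and signature), not real ones.
function sampleToken(header, claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return enc(header) + "." + enc(claims) + ".c2lnbmF0dXJl";
}
const TENANT = "11111111-2222-3333-4444-555555555555"; // constructed
const OPTS = { expectedAudience: "api://play-web", tenantId: TENANT, now: 1700000000000 };
const graphToken = sampleToken({ alg: "RS256", kid: "k1", nonce: "n" },
  { aud: GRAPH_AUDIENCES[0], iss: "https://sts.windows.net/" + TENANT + "/", exp: 2000000000 });
const apiToken = sampleToken({ alg: "RS256", kid: "k1" },
  { aud: "api://play-web", iss: "https://login.microsoftonline.com/" + TENANT + "/v2.0", exp: 2000000000 });
console.log(preflightToken(graphToken, OPTS), preflightToken(apiToken, OPTS));
```

An empty list only means the token is addressed to this API and tenant; the signature must still be verified with a JWT library against the tenant's published signing keys.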