Goal: I'm currently working on features for a web application which I would like to test locally on a smartphone.

Obvious solution: In order to do so, I've browsed the local address and port of my application from a phone connected to the same network as the computer on which I run the app. This also seems to be the standard solution.

Issue: This would work fine if it weren't for the Microsoft Azure Active Directory authentication. Due to the redirect URI of AD, my app is redirected to localhost rather than the address of the computer which I'm browsing to. The trick seemed to be to replace the ADAL redirect URI in my config js file with the address of my computer, but that would require adding the specific address of that host to the redirect URI table on the Azure portal. To me, this isn't very desirable as I would like cross-device access to work for any host and client on the subnet.

I'm not at all comfortable with Azure or Azure AD so for any solution, please give me the dummy explanation. The app is a JS app. I realise I've been giving minimal information but I'll fill in anything needed.

Thank you!

Richard

1 Answer

Azure Active Directory uses the OpenID Connect authentication protocol (or SAML 2.0 / WS-Fed, but I think that is not your case). So the flows, parameters and functions are the standard ones for those protocols in Azure AD.

Depending on the SDK you are using, you can specify the redirect_uri during the sign-in request; that is where Azure AD will post the result of the authentication process.

Application example for Node JS: https://github.com/AzureAD/azure-activedirectory-library-for-nodejs/blob/master/sample/website-sample.js (there is the authorizationUrl variable with the redirect_uri parameter).

If you have a Single Page Application you can use ADAL JS: https://github.com/AzureAD/azure-activedirectory-library-for-js , which provides you with 2 modes:

  • pop up
  • redirect

As in the example, you can also specify redirect_uri in the configuration for the AuthenticationContext object:

window.config = {
   clientId: '[Enter your client_id here, e.g. g075edef-0efa-453b-997b-de1337c29185]',
   popUp: true,
   callback : callbackFunction,
   redirectUri: 'http://machinename/auth'
};

You can find more information about OpenID Connect and Azure AD in this article: https://learn.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-openid-connect-code

Ivan Ignatiev
  • Thank you for your answer. I might have misunderstood you, but it seems to me your proposal is setting the redirectUri to the machine name in my js-app. This doesn't work, since the AD requires me to add every approved redirectURI-address to a white-list on the Azure portal. I don't want to add every IP-address which happens to host the local app atm to that list. That was my problem... – Richard Oct 11 '19 at 06:57
  • @Richard that is a security practice to protect you from injections into your code. In your case I could suggest defining only one URL for your application and putting it in the hosts file of each machine, associated with its local IP – Ivan Ignatiev Oct 12 '19 at 08:59
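
The single-URL approach from the last comment, as an added example that is not code from the thread or from ADAL: the app builds the config object shown in the answer only when it is served from an origin whose redirect URI is on the registered list, and fails early otherwise. The hostname `dev-app.test`, port 3000, the `/auth` path, the function names and the exact-match model of the allow-list are assumptions made for illustration.

```javascript
// Added example, not from the thread. All names and values are hypothetical/constructed.

// Constructed stand-in for the redirect URI list registered in the Azure portal.
const REGISTERED_REDIRECT_URIS = [
  'http://localhost:3000/auth',
  'https://dev-app.test:3000/auth', // the single shared dev URL
];

// Redirect URI the app would send when served from `origin`
// (in the browser this would be window.location.origin).
function redirectUriFor(origin, path = '/auth') {
  return new URL(path, origin).href;
}

// Assumption: the allow-list is modelled as exact string matches, no wildcards.
function isRegistered(uri, registered = REGISTERED_REDIRECT_URIS) {
  return registered.includes(uri);
}

// Build the config object shown in the answer, refusing to start a sign-in
// whose redirect URI is not on the registered list.
function buildAdalConfig(origin, clientId, callback) {
  const redirectUri = redirectUriFor(origin);
  if (!isRegistered(redirectUri)) {
    throw new Error(
      `redirectUri ${redirectUri} is not registered; open the app via one of: ` +
      REGISTERED_REDIRECT_URIS.join(', '));
  }
  return { clientId, popUp: true, callback, redirectUri };
}

// hosts-file line mapping the shared dev hostname to the LAN IP of whichever
// machine currently runs the app, so the registered URI never has to change.
function hostsLine(lanIp, registeredUri) {
  return `${lanIp}\t${new URL(registeredUri).hostname}`;
}

// In the browser:
// window.config = buildAdalConfig(window.location.origin, '<client_id>', callbackFunction);
```

Browsing to the app by raw LAN IP then produces a clear local error instead of a failed sign-in round trip, while the shared hostname works from any machine whose hosts entry points at the current dev box.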