
I'm attempting to swap the default auth scheme in Blitz.js with a passport-azure-ad scheme, using the OIDCStrategy. I'm getting an error that I'm not sure about and would appreciate any help! I've created a new file at src/pages/auth/openid.tsx and inserted the following code into it:

import { passportAuth } from "@blitzjs/auth"
import { api } from "src/blitz-server"
import { OIDCStrategy } from "passport-azure-ad"

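// Demo-only user store: a module-level array, so entries exist only in this
// server process's memory and nothing is persisted.
// The OIDC verify callback further down pushes whole profile objects into it.
const users: Array<{ oid: string }> = []

/**
 * Looks up a stored user by its `oid` value and reports the result through a
 * Node-style callback.
 *
 * @param oid - Value to compare against each stored user's `oid`.
 * @param fn - Called with `(null, user)` on a match and `(null, null)` otherwise.
 * @returns The callback's return value, passed through.
 */
function findByOid(
  oid: string,
  fn: (err: Error | null, user: { oid: string } | null) => void
) {
  // No console output here: the stored records are sign-in profiles, and
  // dumping each one on every lookup writes identity data to the server log.
  const match = users.find((candidate) => candidate.oid === oid)
  return fn(null, match ?? null)
}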

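// Blitz API route that mounts passport-azure-ad's OIDCStrategy through passportAuth.
// The tenant name and client id keep the redaction placeholders used in the post.
export default api(
  passportAuth({
    successRedirectUrl: "/",
    errorRedirectUrl: "/",
    strategies: [
      {
        strategy: new OIDCStrategy(
          {
            // Tenant-specific metadata endpoint (tenant name redacted as posted).
            identityMetadata:
              "https://login.microsoftonline.com/<tenant-nam>.onmicrosoft.com/v2.0/.well-known/openid-configuration",
            // Redaction placeholder from the post; the real value is a string literal.
            clientID: <client-id>,
            responseType: "code id_token",
            responseMode: "form_post",
            // Plain-HTTP redirect is for local development only. A deployed app
            // needs an https redirectUrl and allowHttpForRedirectUrl: false.
            redirectUrl: "http://localhost:3000/auth/openid/callback",
            allowHttpForRedirectUrl: true,
            // Read the secret from the environment rather than committing it to
            // source (the variable name here is illustrative, not from the post).
            clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
            // identityMetadata is tenant-specific, so the id_token's `iss` can be
            // checked against it. Turning this off accepts tokens from any issuer.
            validateIssuer: true,
            // The verify callback below does not take `req` as its first
            // argument, so this must stay false or the arguments shift by one.
            passReqToCallback: false,
            // offline_access and mail.read are requested, but the verify callback
            // never uses the tokens; drop them if the app does not call Graph.
            scope: ["profile", "offline_access", "https://graph.microsoft.com/mail.read"],
            loggingLevel: "info",
            nonceMaxAmount: 5,
            useCookieInsteadOfSession: false,
            // Sample keys copied from documentation. They only matter when
            // useCookieInsteadOfSession is true; in that case replace them with
            // randomly generated secrets of the same lengths (32 / 12 characters).
            cookieEncryptionKeys: [
              { key: "12345678901234567890123456789012", iv: "123456789012" },
              { key: "abcdefghijklmnopqrstuvwxyzabcdef", iv: "abcdefghijkl" },
            ],
          },
          // Verify callback: six-argument form without `req`.
          function (iss, sub, profile, accessToken, refreshToken, done) {
            const oid = profile.oid
            if (!oid) {
              return done(new Error("No oid found"), null)
            }
            // NOTE(review): Blitz's third-party auth docs describe passing an
            // object with `publicData` to done(); this callback hands over the
            // raw profile. Confirm against the Blitz version in use.
            // asynchronous verification, for effect...
            process.nextTick(() => {
              findByOid(oid, (err, user) => {
                if (err) {
                  return done(err)
                }
                if (!user) {
                  // "Auto-registration": every identity that completes sign-in
                  // is stored and accepted. Add an allow-list or role check
                  // here if not every account should be let in.
                  users.push(profile)
                  return done(null, profile)
                }
                return done(null, user)
              })
            })
          }
        ),
      },
    ],
  })
)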

I believe the configuration is good because I can run the example from passport-azure-ad from the github examples. The only change I make is that I set redirectUrl: "http://localhost:3000/auth/openid/callback", instead of redirectUrl: ".../return", per the blitz.js third party auth documentation. The tenantname, client_id, client_secret are redacted but I do set them to the correct values. I have also verified that the app registration is correctly set with the correct redirect uri.

I run blitz dev and when I go to the http://localhost:3000/auth/openid route I get the following error. enter image description here

Here is the console output that is produced: enter image description here

As you can see, there is a Module not found: Can't resolve './src/build' error. It only occurs if I go to the auth/openid page, but the app is able to load.

user8565662