Class ::ms::Authorize
Support for the Microsoft identity platform ID tokens to login/logout via MS Azure accounts. https://learn.microsoft.com/en-us/azure/active-directory/develop/id-tokens
::ms::Authorize create ... \
[ -after_successful_login_url (default "/pvt/") ] \
[ -base_url base_url ] \
[ -client_id client_id ] \
[ -client_secret client_secret ] \
[ -create_not_registered_users:boolean (default "false") ] \
[ -create_with_dotlrn_role (default "") ] \
[ -debug:boolean (default "false") ] \
[ -login_failure_url (default "/") ] \
[ -pretty_name (default "Azure") ] \
[ -responder_url (default "/oauth/azure-login-handler") ] \
[ -response_type (default "code id_token") ] \
[ -scope (default "openid offline_access profile") ] \
[ -tenant tenant ] \
[ -version (default "") ]
Defined in packages/xooauth/tcl/ms-procs.tcl
Class Relations
::nx::Class create ::ms::Authorize \
    -superclass ::xo::Authorize
Methods (to be applied on instances)
login_url (scripted, public)
<instance of ms::Authorize> login_url [ -prompt prompt ] \
    [ -return_url return_url ] [ -login_hint login_hint ] \
    [ -domain_hint domain_hint ] [ -code_challenge code_challenge ] \
    [ -code_challenge_method code_challenge_method ]
Returns the URL for logging in. "oauth2/authorize" is defined in RFC 6749, but requests for MS id-tokens in version v1.0 and v2.0 are defined here: https://learn.microsoft.com/en-us/azure/active-directory/develop/id-tokens
- Switches:
- -prompt (optional)
- -return_url (optional)
- -login_hint (optional)
- -domain_hint (optional)
- -code_challenge (optional)
- -code_challenge_method (optional)
- Testcases:
- No testcase defined.
if {${:version} in {"" "v1.0"}} {
    set base https://login.microsoftonline.com/common/oauth2/authorize
} else {
    #
    # When version "v2.0" is used, the concrete tenant
    # (i.e. not "common" as in the earlier version) has to
    # be specified, unless the MS application is
    # configured as a multi-tenant application.
    #
    set base https://login.microsoftonline.com/${:tenant}/oauth2/${:version}/authorize
}
set client_id ${:client_id}
set scope ${:scope}
set response_type ${:response_type}
set nonce [::xo::oauth::nonce]
set response_mode form_post
set state [:encoded_state -return_url $return_url]
set redirect_uri [:qualified ${:responder_url}]
return [export_vars -no_empty -base $base {
    client_id response_type redirect_uri response_mode
    state scope nonce prompt login_hint domain_hint
    code_challenge code_challenge_method
}]
logout (scripted, public)
<instance of ms::Authorize> logout
Perform logout operation from MS in the background (i.e. without a redirect).
- Testcases:
- No testcase defined.
ns_http run [:logout_url]
logout_url (scripted, public)
<instance of ms::Authorize> logout_url \
    [ -return_url return_url ]
Returns the URL for logging out. After the logout, Azure redirects to the given page.
- Switches:
- -return_url (optional)
- Testcases:
- No testcase defined.
set base https://login.microsoftonline.com/common/oauth2/logout
set post_logout_redirect_uri [:qualified $return_url]
return [export_vars -no_empty -base $base {
    post_logout_redirect_uri
}]
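The -code_challenge and -code_challenge_method switches of login_url carry PKCE values (RFC 7636). The following is an added example, not part of xooauth, that derives an S256 challenge in plain Tcl 8.6 with tcllib's sha256 package; the helper procs, the use of /dev/urandom and the instance name ::ms::azure are assumptions.

```tcl
package require Tcl 8.6
package require sha256   ;# from tcllib

# base64url without padding, as required by RFC 7636 (Appendix A)
proc b64url {bytes} {
    string map {+ - / _ = ""} [binary encode base64 $bytes]
}

# 32 random bytes give a 43-character code_verifier.
# Assumption: a Unix-like host that provides /dev/urandom.
proc pkce_verifier {} {
    set f [open /dev/urandom rb]
    try {
        set bytes [read $f 32]
    } finally {
        close $f
    }
    return [b64url $bytes]
}

# S256: code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))
proc pkce_challenge {verifier} {
    # RFC 7636 section 4.1: 43..128 characters from the unreserved set
    if {![regexp {^[A-Za-z0-9._~-]{43,128}$} $verifier]} {
        error "invalid code_verifier"
    }
    return [b64url [::sha2::sha256 -bin $verifier]]
}

# Self-check against the test vector in RFC 7636, Appendix B
set v dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk
if {[pkce_challenge $v] ne "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM"} {
    error "S256 self-check failed"
}

set verifier  [pkce_verifier]
set challenge [pkce_challenge $verifier]

# Keep $verifier on the server side (for example in the user's session);
# it has to be presented as code_verifier when the authorization code
# is redeemed. Never put the verifier itself into the login URL.
#
# Inside OpenACS, with a hypothetical configured instance ::ms::azure:
#   ::ms::azure login_url -return_url /pvt/ \
#       -code_challenge $challenge -code_challenge_method S256
```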