::nx::Class ::ms::Authorize

Methods: All Methods Documented Methods Hide Methods
Source: Display Source Hide Source
Variables: Show Variables Hide Variables

Class ::ms::Authorize

::ms::Authorize create ... \
           [ -after_successful_login_url (default "/pvt/") ] \
           [ -base_url base_url ] \
           [ -client_id client_id ] \
           [ -client_secret client_secret ] \
           [ -create_not_registered_users:boolean (default "false") ] \
           [ -create_with_dotlrn_role (default "") ] \
           [ -debug:boolean (default "false") ] \
           [ -login_failure_url (default "/") ] \
           [ -pretty_name (default "Azure") ] \
           [ -responder_url (default "/oauth/azure-login-handler") ] \
           [ -response_type (default "code id_token") ] \
           [ -scope (default "openid offline_access profile") ] \
           [ -tenant tenant ] \
           [ -version (default "") ]
Support for the Microsoft Microsoft identity platform ID tokens to login/logout via MS Azure accounts. https://learn.microsoft.com/en-us/azure/active-directory/develop/id-tokens

Defined in packages/xooauth/tcl/ms-procs.tcl
Class Relations

class: ::nx::Class

superclass: ::xo::Authorize
::nx::Class create ::ms::Authorize \
     -superclass ::xo::Authorize
Methods (to be applied on instances)
login_url (scripted, public)
 <instance of ms::Authorize> login_url [ -prompt prompt ] \
    [ -return_url return_url ] [ -login_hint login_hint ] \
    [ -domain_hint domain_hint ] [ -code_challenge code_challenge ] \
    [ -code_challenge_method code_challenge_method ]
Returns the URL for logging in "oauth2/authorize" is defined in RFC 6749, but requests for MS id-tokens inversion v1.0 and v2.0 are defined here: https://learn.microsoft.com/en-us/azure/active-directory/develop/id-tokens

Switches:

-prompt
(optional)
-return_url
(optional)
-login_hint
(optional)
-domain_hint
(optional)
-code_challenge
(optional)
-code_challenge_method
(optional)

Partial Call Graph (max 5 caller/called nodes):

Testcases:
No testcase defined.
if {${:version} in {"" "v1.0"}} {
    set base https://login.microsoftonline.com/common/oauth2/authorize
} else {
    #
    # When version "v2.0" is used, the concrete tenant
    # (i.e. not "common" as in the earlier version) has to
    # be specified, unless the MS application is
    # configured as a multi-tenant application.
    #
    set base https://login.microsoftonline.com/${:tenant}/oauth2/${:version}/authorize
}

set client_id ${:client_id}
set scope ${:scope}
set response_type ${:response_type}
set nonce [::xo::oauth::nonce]
set response_mode form_post
set state [:encoded_state -return_url $return_url]
set redirect_uri [:qualified ${:responder_url}]

return [export_vars -no_empty -base $base {
    client_id response_type redirect_uri response_mode
    state scope nonce prompt login_hint domain_hint
    code_challenge code_challenge_method
}]
logout (scripted, public)
 <instance of ms::Authorize> logout
Perform logout operation form MS in the background (i.e. without a redirect).

Partial Call Graph (max 5 caller/called nodes):

Testcases:
No testcase defined.
ns_http run [:logout_url]
logout_url (scripted, public)
 <instance of ms::Authorize> logout_url \
    [ -return_url return_url ]
Returns the URL for logging out. After the logout, azure redirects to the given page.

Switches:

-return_url
(optional)

Partial Call Graph (max 5 caller/called nodes):

Testcases:
No testcase defined.
set base https://login.microsoftonline.com/common/oauth2/logout
set post_logout_redirect_uri [:qualified $return_url]
return [export_vars -no_empty -base $base {
    post_logout_redirect_uri
}]

Methods: All Methods Documented Methods Hide Methods
Source: Display Source Hide Source
Variables: Show Variables Hide Variables

Class ::ms::Authorize

Class Relations

Methods (to be applied on instances)

login_url (scripted, public)

logout (scripted, public)

logout_url (scripted, public)