
[Bug]: Creating a custom Auth Provider Module for azure (SSO) #10860

Closed
sugumaran-d opened this issue Jan 7, 2025 · 11 comments

Comments

@sugumaran-d

sugumaran-d commented Jan 7, 2025

Package.json file

{
  "name": "medusa-starter-default",
  "version": "0.0.1",
  "description": "A starter for Medusa projects.",
  "author": "Medusa (https://medusajs.com)",
  "license": "MIT",
  "keywords": [
    "sqlite",
    "postgres",
    "typescript",
    "ecommerce",
    "headless",
    "medusa"
  ],
  "scripts": {
    "build": "medusa build",
    "seed": "medusa exec ./src/scripts/seed.ts",
    "start": "medusa start",
    "dev": "medusa develop",
    "test:integration:http": "TEST_TYPE=integration:http NODE_OPTIONS=--experimental-vm-modules jest --silent=false --runInBand --forceExit",
    "test:integration:modules": "TEST_TYPE=integration:modules NODE_OPTIONS=--experimental-vm-modules jest --silent --runInBand --forceExit",
    "test:unit": "TEST_TYPE=unit NODE_OPTIONS=--experimental-vm-modules jest --silent --runInBand --forceExit"
  },
  "dependencies": {
    "@aws-sdk/client-s3": "^3.717.0",
    "@aws-sdk/lib-storage": "^3.721.0",
    "@azure/msal-node": "^2.16.2",
    "@medusajs/admin-sdk": "2.1.1",
    "@medusajs/cli": "2.1.1",
    "@medusajs/framework": "2.1.1",
    "@medusajs/js-sdk": "^2.1.3",
    "@medusajs/medusa": "^2.1.3",
    "@medusajs/medusa-js": "^6.1.9",
    "@medusajs/types": "^2.1.3",
    "@mikro-orm/core": "5.9.7",
    "@mikro-orm/knex": "5.9.7",
    "@mikro-orm/migrations": "5.9.7",
    "@mikro-orm/postgresql": "5.9.7",
    "@types/multer": "^1.4.12",
    "archiver": "^7.0.1",
    "awilix": "^8.0.1",
    "axios": "^1.7.9",
    "express-session": "^1.18.1",
    "jsonwebtoken": "^9.0.2",
    "medusa-plugin-auth": "^1.11.1",
    "multer": "^1.4.5-lts.1",
    "passport": "^0.7.0",
    "passport-azure-ad": "^4.3.5",
    "passport-google-oauth20": "^2.0.0",
    "pg": "^8.13.0"
  },
  "devDependencies": {
    "@medusajs/test-utils": "2.1.1",
    "@mikro-orm/cli": "5.9.7",
    "@swc/core": "1.5.7",
    "@swc/jest": "^0.2.36",
    "@types/express-session": "^1.18.1",
    "@types/jest": "^29.5.13",
    "@types/node": "^20.0.0",
    "@types/passport": "^1.0.17",
    "@types/passport-azure-ad": "^4.3.6",
    "@types/passport-google-oauth20": "^2.0.16",
    "@types/react": "^18.3.2",
    "@types/react-dom": "^18.2.25",
    "jest": "^29.7.0",
    "prop-types": "^15.8.1",
    "react": "^18.2.0",
    "react-dom": "^18.2.0",
    "ts-node": "^10.9.2",
    "typescript": "^5.6.2",
    "vite": "^5.2.11"
  },
  "peerDependencies": {
    "@medusajs/medusa": "2.1.1"
  },
  "engines": {
    "node": ">=20"
  }
}

Node.js version

v22.11.0

Database and its version

16.2

Operating system name and version

windows

Browser name

No response

What happened?

I have added the custom auth for Azure. I have added an identifier as azure:

import { AbstractAuthModuleProvider } from "@medusajs/framework/utils"
import { Logger } from "@medusajs/framework/types"

class AzureAuthProviderService extends AbstractAuthModuleProvider {
  static identifier = "azure" // Correct provider identifier
  protected logger_: Logger
  protected options_: Options // Options type is declared elsewhere in the provider module
  protected passport
  // constructor and the authenticate / validateCallback methods are not shown in the report
}

This is my config:

{
  resolve: "@medusajs/medusa/auth", // Medusa's authentication module
  options: {
    providers: [
      {
        resolve: "./src/modules/azure", // Path to your custom Azure auth provider
        id: "azure",
        options: {
          clientId: process.env.AZURE_CLIENT_ID,
          clientSecret: process.env.AZURE_CLIENT_SECRET,
          tenantId: process.env.AZURE_TENANT_ID,
          callbackUrl: "http://localhost:9000/auth/customer/azure/callback",
        },
      },
    ],
  },
}

Expected behavior

Provided URL to log in with Azure (Microsoft).

Actual behavior

Getting this error:

{
"type": "unauthorized",
"message": "\n Unable to retrieve the auth provider with id: azure\n Please make sure that the provider is registered in the container and it is configured correctly in your project configuration file.\n "
}

Link to reproduction repo

@adrien2p
Member

adrien2p commented Jan 7, 2025

Hi, would you be able to provide a reproduction repository with a minimal implementation please?

@sugumaran-d
Author

sugumaran-d commented Jan 8, 2025

Kindly go through the attached file; I have attached my project zip file.

projectzip.zip

@adrien2p
Member

adrien2p commented Jan 9, 2025

Do you have any other logs with any warning or error during the loading process, by any chance?

@adrien2p
Member

adrien2p commented Jan 9, 2025

I was more asking for the log when you start your application, in case there is a hidden warning of some sort. Let me check on my side in a sec.

@adrien2p
Member

adrien2p commented Jan 9, 2025

I've tried to run with your azure provider and it retrieves it correctly; the only thing I've done is commenting out the passport.use section since I do not have any azure creds. Do you have any logs when bootstrapping the app that would indicate that the provider could not be loaded, by any chance?

(screenshot attached: Screenshot 2025-01-09 at 13 25 25)
(screenshot attached: Screenshot 2025-01-09 at 13 25 37)

It is expected in my case to not retrieve the auth identity, but it resolves the azure provider correctly.
My guess would be that your loader could have failed when initializing the azure OIDCStrategy?

@sugumaran-d
Author

@adrien2p I understand what you're saying. Even if I comment out the Passport configuration, the provider works fine. Could you guide me on how to implement SSO for Azure in Medusa? I expect the Azure integration to work similarly to Google SSO.

I'm using the Passport package for Azure integration. If I initialize it in the provider, I encounter an error. However, if I comment out the Passport initialization, the Azure provider is invoked correctly. Can you please guide me on what I need to do to resolve this issue? My project has SSO for Google as well as Azure.

@adrien2p
Member

adrien2p commented Jan 9, 2025

When you are initializing your passport strategy, do you see any errors in the terminal when starting the app?

@sugumaran-d
Author

Scenario 1
While initializing Passport for Azure I'm getting the error below:

(screenshot attached)

(screenshot attached)

Scenario 2
If I comment out the Passport configuration, the provider works fine:

(screenshot attached)

(screenshot attached)

Now @adrien2p, can you please guide me on what I need to do to resolve this issue? My project has SSO for Google as well as Azure.

@sugumaran-d
Author

> When you are initializing your passport strategy, do you see any errors in the terminal when starting the app?

No, I didn't find any error. I'm just initializing it in my Azure provider only.

@adrien2p
Member

adrien2p commented Jan 9, 2025

Ok, I found out what is happening: currently, no matter what error happens, it will tell you that the provider is not registered. That is because of two things:

  • The class gets initialized only when it has to be resolved (the first time, since it is a singleton)
  • When the resolution fails, you get the error that it could not be resolved

Let me fix that already, and that way you will have the proper error to help you fix the issue with your passport strategy.

@adrien2p adrien2p added the linear label Jan 9, 2025
@adrien2p
Member

adrien2p commented Jan 9, 2025

This PR will help you find out why your passport strategy is not working: #10900
In the meantime, if you replace your passport initialization with the following snippet, you will be able to see the actual error:

try {
  this.passport.use(
    new OIDCStrategy(
      {
        clientID: options.clientID,
        clientSecret: options.clientSecret,
        identityMetadata: `https://login.microsoftonline.com/${options.tenantID}/.well-known/openid-configuration`,
        redirectUrl: options.callbackUrl,
        responseType: "code id_token",
        responseMode: "form_post",
        scope: ["openid", "profile", "email"],
        passReqToCallback: false,
      },
      (issuer, sub, profile, accessToken, refreshToken, done) => {
        // Ensure that all necessary data is provided and sanitized
        const authIdentity = {
          // provider: this.provider,
          entity_id: profile._json.upn, // Example: using the user's UPN (email)
          provider_metadata: profile,
          user_metadata: {
            name: profile.displayName,
            email: profile._json.upn,
          },
        };

        // Done callback should return the authIdentity
        return done(null, authIdentity);
      }
    )
  );
} catch (e) {
  // Log the real initialization error before it is swallowed by the container
  this.logger_.error(e)
  throw e
}
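The failure mode adrien2p describes (the provider class is constructed lazily on first resolve, and any exception thrown during construction is reported as "Unable to retrieve the auth provider with id: azure") is worth seeing in isolation. The following is an added example, not code from Medusa or from this thread: a toy lazy-singleton registry that reproduces the masked error, a hardened variant that preserves the real cause in the error message, and an option check that fails closed before anything is handed to a passport strategy. It also illustrates a mismatch visible in the thread itself: the config object passes `clientId` and `tenantId`, while the OIDCStrategy snippet reads `options.clientID` and `options.tenantID`. All names here (`LazyProviderRegistry`, `buildAzureProvider`, `missingAzureOptions`, the sample option objects) are hypothetical, and the option values are placeholders, not real credentials.

```typescript
// Added example (not Medusa's code). Models a lazily-built singleton auth
// provider whose construction error is either masked as "not registered"
// (the situation reported in the thread) or surfaced with its cause.

type ProviderFactory = () => unknown;

// Option keys that the thread's OIDCStrategy construction dereferences.
export const REQUIRED_AZURE_OPTIONS = [
  "clientID",
  "clientSecret",
  "tenantID",
  "callbackUrl",
] as const;

// Names of required options that are absent or empty.
export function missingAzureOptions(options: Record<string, unknown>): string[] {
  return REQUIRED_AZURE_OPTIONS.filter(
    (key) => typeof options[key] !== "string" || options[key] === ""
  );
}

// Hypothetical stand-in for the provider constructor: fails closed with a
// descriptive error instead of passing an undefined clientID to passport.
export function buildAzureProvider(options: Record<string, unknown>): { id: string } {
  const missing = missingAzureOptions(options);
  if (missing.length > 0) {
    throw new Error(`azure provider: missing options ${missing.join(", ")}`);
  }
  return { id: "azure" };
}

// Toy lazy-singleton registry. maskErrors=true reproduces the thread's
// behaviour; maskErrors=false keeps the underlying reason in the message.
export class LazyProviderRegistry {
  private readonly factories = new Map<string, ProviderFactory>();
  private readonly instances = new Map<string, unknown>();

  constructor(private readonly maskErrors: boolean) {}

  register(id: string, factory: ProviderFactory): void {
    this.factories.set(id, factory);
  }

  resolve(id: string): unknown {
    const cached = this.instances.get(id);
    if (cached !== undefined) return cached;

    const factory = this.factories.get(id);
    if (factory === undefined) {
      throw new Error(`Unable to retrieve the auth provider with id: ${id}`);
    }
    try {
      const instance = factory(); // first resolve builds the singleton
      this.instances.set(id, instance);
      return instance;
    } catch (e) {
      const reason = e instanceof Error ? e.message : String(e);
      if (this.maskErrors) {
        // Every construction failure collapses into "not registered".
        throw new Error(`Unable to retrieve the auth provider with id: ${id}`);
      }
      throw new Error(`Auth provider "${id}" failed to initialize: ${reason}`);
    }
  }
}

// Resolve and return "ok" or the error message, for easy inspection.
export function tryResolve(registry: LazyProviderRegistry, id: string): string {
  try {
    registry.resolve(id);
    return "ok";
  } catch (e) {
    return e instanceof Error ? e.message : String(e);
  }
}

// Constructed sample option objects (placeholder values, not credentials).
export const ISSUE_STYLE_OPTIONS: Record<string, unknown> = {
  clientId: "client-id-placeholder", // lower-case "Id", as in the issue's config
  clientSecret: "secret-placeholder",
  tenantId: "tenant-id-placeholder",
  callbackUrl: "http://localhost:9000/auth/customer/azure/callback",
};
export const SNIPPET_STYLE_OPTIONS: Record<string, unknown> = {
  clientID: "client-id-placeholder", // upper-case "ID", as the strategy snippet reads
  clientSecret: "secret-placeholder",
  tenantID: "tenant-id-placeholder",
  callbackUrl: "http://localhost:9000/auth/customer/azure/callback",
};

export function demo(): { masked: string; surfaced: string; fixed: string } {
  const masked = new LazyProviderRegistry(true);
  masked.register("azure", () => buildAzureProvider(ISSUE_STYLE_OPTIONS));
  const surfaced = new LazyProviderRegistry(false);
  surfaced.register("azure", () => buildAzureProvider(ISSUE_STYLE_OPTIONS));
  const fixed = new LazyProviderRegistry(false);
  fixed.register("azure", () => buildAzureProvider(SNIPPET_STYLE_OPTIONS));
  return {
    masked: tryResolve(masked, "azure"),
    surfaced: tryResolve(surfaced, "azure"),
    fixed: tryResolve(fixed, "azure"),
  };
}

console.log(demo());
```

Running it prints the same "Unable to retrieve the auth provider with id: azure" message for the masked registry, a message naming the two missing keys (`clientID`, `tenantID`) for the hardened one, and "ok" once the option names line up with what the strategy reads. The same idea applies to the real provider: validate the options and log the exception in the constructor, so a strategy that cannot be built fails loudly at bootstrap rather than looking like a registration problem at first login.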

@linear linear bot closed this as completed Jan 10, 2025