koltyakov/sp-rest-proxy

Proxy approach for Azure Active Directory

tarundhillon opened this issue · 2 comments

Hello

My understanding is that existing node-sp-auth methods are not applicable through AAD, and one of the issues, s-KaiNet/node-sp-auth#94, mentioned using MSAL. Having investigated MSAL, it seems one would still need to add localhost to their return URL during the authentication flow, which is a no-go in my scenario.

I am wondering if

  1. FedAuth cookie copy from live browser tab to dev browser tab is a possible option. If so, how could we initialise sp (@pnp/sp)?
  2. Is there any other approach to set up the dev environment for AAD instances?

Like always, any suggestion or guidance will be much appreciated.

Regards

Hey @tarundhillon,

  1. Yes, this is a possible option. Please check the On-Demand strategy. It technically launches an Electron web view window, where you can auth and pass 2FA, etc. Then it copies back the auth token/cookie based on the environment, and uses it from the Node.js process.

  2. Only creating a custom auth strategy wrapping up Azure AD library.

For a while, I've been pivoting more to Golang in BE tasks. There is also an option of proxying similarly to how sp-rest-proxy does, with https://github.com/koltyakov/gosip-sandbox/tree/master/samples/spproxy. Gosip tools have support for AAD auth. However, a minimal entry to Go will be needed.

Thanks a lot .. let me try the above options.