Any examples of Oauth2 & Windows/Microsoft login?

HI, trying to see if I could use something like https://atmospherejs.com/meteor/oauth2 to allow a user with a hotmail.com or live.com to login to Meteor.

Anyone have any examples and/or packages that you could recommend, pls?

Try Meteor itself for examples: https://github.com/meteor/meteor/tree/devel/packages

Each service uses 2 packages: 1 for the api and 1 for the account.

For example, the twitter and accounts-twitter.

AzureAd This will let your users log in to your app using Azure Active Directory. I have tried it and it works. All the instruction to setup up your active directory and integerate with meteor are there in that repo. Have fun

@areich @Murwade thanks folksā€¦ ok going to look into this

@Murwade @areich thanks againā€¦ trying to hack together a working example first and then may publish as a package.

I am just bumping around in the dark trying to back track on the twitter/facebook/azure packages and trying to understand how this applies to the Microsoft API.

I currently can call my and managed to get the Microsoft Live to come upā€¦ but thereā€™s a few missing bits for me.

So I have the following Gist:
https://gist.github.com/adamgins/2233ffa81b66a34d99ff

If I hardcode Line 37 (replace line 36) https://gist.github.com/adamgins/2233ffa81b66a34d99ff#file-microsoft-oauth_microsoft_client-js-L37

It pops up the Microsoft window and allows me to login. Obviously this is the wrong redirect_url , so it wonā€™t take me back to my Meteor app. If I go with the current version I canā€™t seem to get the redirect to work and I am not clear what it should be. That said, it is picking it up with what I have defined into the Microsoft app at https://account.live.com/developers/applications

I set this to https://localhost/_oauth/microsoft but then I get an invalid redirect URLā€¦ so not sure how I tie this in the Meteor oauth stuff or how I setup Meteor Oauth to accept this URL???

UPdate: I think I have ā€œkindaā€ resolved this. I needed to use an external domain, could not get it to accept ā€œlocalhostā€. ANyway, It does not see to pop up the window but redirects to a page that says ā€œLogin completed. Click here to close this window.ā€ THere is a warning in the browser console: ā€œScripts may close only the windows that were opened by it.ā€ and on the server console:
W20150406-16:12:06.893(10) (oauth_server.js:71) Unable to base64 decode state from OAuth query: undefined W20150406-16:12:06.893(10) (oauth_server.js:71) Unable to base64 decode state from OAuth query: undefined W20150406-16:12:06.894(10) (oauth_server.js:71) Unable to base64 decode state from OAuth query: undefined W20150406-16:12:06.894(10) (oauth_server.js:398) Error in OAuth Server: Match error: Expected string, got undefined

My second big question is I have not idea what the server urls/settings are for Microsoft? I copied the twitter stuff from the Meteor packages but I have no idea what the "url"s to Microsoft should be including the oauthBinding.get('https://api.twitter.com/1.1/account/verify_credentials.json').data;

Update a changed that parameter to ā€œnullā€ā€¦ but no luck. My line 20 in the microsoft_server.js:

OAuth.registerService('microsoft', 1, null, function(oauthBinding)

Any help appreciated.

@khamoud how goes? I noticed your name on the Stripe example, not sure if you have some guidance, pls?

Have you tried setting up another oAuth service just to get a feel for how it works? Twitter seems the easiest. Also, have you set the new Microsoft services up? Something like the following in a .js file in your appā€™s server folder:

ServiceConfiguration.configurations.remove({
    service: "Microsoft"
});

ServiceConfiguration.configurations.upsert(
    { service: "Microsoft" },
    {
        $set: {
            rootUrl: "http://www.live.com",
            secret: "FOO", //supplied by Microsoft
            loginStyle: "redirect"
        }
    }
);

Microsoft wonā€™t allow an app with localhost. Do the best you can locally and setup an app with a meteor account to test it.

@areich thanks. Yep, have it working for Facebook, Google etc. Sorry I should have included that bit in the Gist.

I think my config setting are wrong, based on your example, I was using:

ServiceConfiguration.configurations.remove({
    service: "microsoft"
});

ServiceConfiguration.configurations.insert({
    service: "microsoft",
    clientId: "<clientid>",
    secret: "<secret>",
    loginStyle: "redirect",
    display: "popup",
    scope:"wl.signin"

}); 

So will give it a try a bit later. Thanks.

@khamoud @jkatzen thanks heaps for your time today.

I made some progress and worked added another HTTP request to get the user info/emails with:

var responseData = HTTP.get(
       "https://apis.live.net/v5.0/me", {
        params: {
            access_token: parsedResponse.access_token,
        }
      }).data;

I had to add the scope wl.emails to the client request. So my scope is currently 'ā€œwl.signin wl.basic wl.emailsā€`

Anyway, I have it grabbling the user dataā€¦ after a bit of fiddling around, I worked out I needed to set the ā€˜email:ā€™ property in the serviceData and presto my user is created after authenticating with Microsoft.

thanks again for the help.

Iā€™ll need to clean up and remove all the hard coded stuff and hopefully publish so folks can review (or bash me up) my code. :wink:

1 Like

Great! Iā€™m glad it worked. Sorry I had to leave before we could figure it out on the hangout.

@khamoud no worries, thanks again for the help. Will try and cleanup and and get on Github so you can tear in mistakes I made to shreds :wink:

@khamoud , I created this Gistā€¦ I should have actually uploaded to githubā€¦ will do that now https://gist.github.com/anonymous/357852f8770155341a6a
Hereā€™s git repository: https://github.com/Buzzy-Buzz/microsoft-oauth

1 Like

This thread is way old - does this MS Auth work, or was it too hard?
I can see a few variants of the package, but they are all 8 or 9 years old. Age is not necessarily a bad thing, but it can be a red flag

After trying the most downloaded packosphere MS package, it doesnā€™t work, but we have managed to find an npm package to achieve it.

Does it make sense to create a new package for this, or just to leave it as an npm package?

Any opinions on this are welcome.

Meteor packages let you tap into the Meteorā€™s internals such as the Accounts and the Meteor.users collection. I am not sure I know how to depend on a Meteor Package inside an NPM packages while the other way is simple.
I think the community would be grateful if an updated package would be built out of this, perhaps following the template of another Meteor accounts package such as Accounts | Meteor API Docs

Yes, I think it makes sense to have a package for microsoft auth, weā€™ll have a go :slight_smile:

Itā€™s been some years since I played with Meteorā€™s OAuth (things may have changed), but back in the day I wrote an article explaining how to take some boilerplate code and adapt it for any OAuth2 service. I chose Imgur as my test case, but Microsoftā€™s cloud login service uses OAuth2, so should be achievable.

The accompanying Imgur package I created by following the process is here.

Hope it helps!

Yes Rob, we are following your article :slight_smile:

1 Like

I ended up rolling my own a while back. I have created a number of Oauth packages for Microsoft, Google, Figma, Slack etcā€¦ they all follow a similar pattern, but with some idiosyncrasies for the specific service - even Microsoft seemed to differ per API/service. It may have got better. Sorry I never turned it into a package.

Iā€™m trying to create a new one. Hopefully it will work.

1 Like