Updated packages in api, removed some code that was not needed

4gust · 4gust · commit db2394ef1621 · 2024-09-17T16:33:13.000+01:00
diff --git a/1-Authentication/7-sign-in-express-mfa/Api/authConfig.js b/1-Authentication/7-sign-in-express-mfa/Api/authConfig.js
@@ -7,7 +7,7 @@ require("dotenv").config({ path: ".env.dev" });
 
 const TENANT_SUBDOMAIN =
   process.env.TENANT_SUBDOMAIN || "Enter_the_Tenant_Subdomain_Here";
-const TENANT_ID = process.env.TENANT_ID || "Enter_the_Tenant_Subdomain_Here";
+const TENANT_ID = process.env.TENANT_ID || "Enter_the_Tenant_ID_Here";
 const REDIRECT_URI =
   process.env.REDIRECT_URI || "http://localhost:3000/auth/redirect";
 const POST_LOGOUT_REDIRECT_URI =
@@ -20,10 +20,12 @@ const POST_LOGOUT_REDIRECT_URI =
  */
 const msalConfig = {
   auth: {
-    clientId: process.env.CLIENT_ID || "Enter_the_Application_Id_Here", // 'Application (client) ID' of app registration in Azure portal - this value is a GUID
+    clientId:
+      process.env.CLIENT_ID ||
+      "Enter_the_Edit_Profile_Service_Application_Id_Here", // 'Application (client) ID' of the Edit_Profile Service App registration in Microsoft Entra admin center - this value is a GUID
     authority:
-      process.env.AUTHORITY || `https://${TENANT_SUBDOMAIN}.ciamlogin.com/`, // Replace the placeholder with your tenant name
-    clientSecret: process.env.CLIENT_SECRET || "Enter_the_Client_Secret_Here", // Client secret generated from the app registration in Azure portal
+      process.env.AUTHORITY || `https://${TENANT_SUBDOMAIN}.ciamlogin.com/`, // Replace the placeholder with your external tenant name
+    clientSecret: process.env.CLIENT_SECRET || "Enter_the_Client_Secret_Here", // Client secret generated from the app registration in Microsoft Entra admin center
   },
   system: {
     loggerOptions: {
@@ -41,12 +43,8 @@ const GRAPH_API_ENDPOINT = process.env.GRAPH_API_ENDPOINT || "graph_end_point";
 // https://learn.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http
 const GRAPH_ME_ENDPOINT = GRAPH_API_ENDPOINT + "v1.0/me";
 
-const mfaProtectedResourceScope =
-  process.env.MFA_PROTECTED_SCOPE || "Add_your_protected_scope_here";
-
 module.exports = {
   msalConfig,
-  mfaProtectedResourceScope,
   REDIRECT_URI,
   POST_LOGOUT_REDIRECT_URI,
   TENANT_SUBDOMAIN,
diff --git a/1-Authentication/7-sign-in-express-mfa/Api/index.js b/1-Authentication/7-sign-in-express-mfa/Api/index.js
@@ -43,19 +43,19 @@ app.post("/updateUserInfo", async (req, res) => {
     fetch(GRAPH_ME_ENDPOINT, accessToken, "PATCH", req.body)
       .then((response) => {
         if (response.status === 204) {
-          res.status(204);
+          res.status(response.status);
           res.json({ message: "Success" });
         } else {
-          res.status(500);
-          res.json({ message: "Failed" });
+          res.status(502);
+          res.json({ message: "Failed, " + response.body });
         }
       })
       .catch((error) => {
-        res.status(400);
-        res.json({ message: "Failed" });
+        res.status(502);
+        res.json({ message: "Failed, " + error });
       });
   } catch (err) {
-    res.json({ message: "Failed" });
+    res.json({ message: "Failed, " + err });
   }
 });
 
diff --git a/1-Authentication/7-sign-in-express-mfa/Api/package.json b/1-Authentication/7-sign-in-express-mfa/Api/package.json
@@ -8,12 +8,12 @@
   "author": "Microsoft",
   "license": "MIT",
   "dependencies": {
-    "@azure/msal-node": "^2.9.2",
-    "axios": "^1.0.0",
+    "@azure/msal-node": "^2.13.1",
+    "axios": "^1.7.7",
     "cookie-parser": "^1.4.6",
-    "dotenv": "^16.0.3",
-    "express": "^4.18.1",
-    "express-session": "^1.17.3",
+    "dotenv": "^16.4.5",
+    "express": "^4.21.0",
+    "express-session": "^1.18.0",
     "http-errors": "^2.0.0",
     "uuid": "^10.0.0"
   }
diff --git a/1-Authentication/7-sign-in-express-mfa/App/authConfig.js b/1-Authentication/7-sign-in-express-mfa/App/authConfig.js
@@ -3,47 +3,52 @@
  * Licensed under the MIT License.
  */
 
-require('dotenv').config({ path: '.env.dev' });
+require("dotenv").config({ path: ".env.dev" });
 
-const TENANT_SUBDOMAIN = process.env.TENANT_SUBDOMAIN || 'Enter_the_Tenant_Subdomain_Here';
-const REDIRECT_URI = process.env.REDIRECT_URI || 'http://localhost:3000/auth/redirect';
-const POST_LOGOUT_REDIRECT_URI = process.env.POST_LOGOUT_REDIRECT_URI || 'http://localhost:3000';
+const TENANT_SUBDOMAIN =
+  process.env.TENANT_SUBDOMAIN || "Enter_the_Tenant_Subdomain_Here";
+const REDIRECT_URI =
+  process.env.REDIRECT_URI || "http://localhost:3000/auth/redirect";
+const POST_LOGOUT_REDIRECT_URI =
+  process.env.POST_LOGOUT_REDIRECT_URI || "http://localhost:3000";
 
 /**
  * Configuration object to be passed to MSAL instance on creation.
  * For a full list of MSAL Node configuration parameters, visit:
  * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-node/docs/configuration.md
  */
 const msalConfig = {
-    auth: {
-        clientId: process.env.CLIENT_ID || 'Enter_the_Application_Id_Here', // 'Application (client) ID' of app registration in Azure portal - this value is a GUID
-        authority: process.env.AUTHORITY || `https://${TENANT_SUBDOMAIN}.ciamlogin.com/`, // Replace the placeholder with your tenant name
-        clientSecret: process.env.CLIENT_SECRET || 'Enter_the_Client_Secret_Here', // Client secret generated from the app registration in Azure portal
-    },
-    system: {
-        loggerOptions: {
-            loggerCallback(loglevel, message, containsPii) {
-                console.log(message);
-            },
-            piiLoggingEnabled: false,
-            logLevel: 'Info',
-        },
+  auth: {
+    clientId: process.env.CLIENT_ID || "Enter_the_Application_Id_Here", // 'Application (client) ID' of app registration in Azure portal - this value is a GUID
+    authority:
+      process.env.AUTHORITY || `https://${TENANT_SUBDOMAIN}.ciamlogin.com/`, // Replace the placeholder with your tenant name
+    clientSecret: process.env.CLIENT_SECRET || "Enter_the_Client_Secret_Here", // Client secret generated from the app registration in Azure portal
+  },
+  system: {
+    loggerOptions: {
+      loggerCallback(loglevel, message, containsPii) {
+        console.log(message);
+      },
+      piiLoggingEnabled: false,
+      logLevel: "Info",
     },
+  },
 };
 
 const GRAPH_API_ENDPOINT = process.env.GRAPH_API_ENDPOINT || "graph_end_point";
 // Refers to the user that is single user singed in.
 // https://learn.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http
 const GRAPH_ME_ENDPOINT = GRAPH_API_ENDPOINT + "v1.0/me";
 
-const mfaProtectedResourceScope = process.env.MFA_PROTECTED_SCOPE || 'Add_your_protected_scope_here';
+const editProfileScope =
+  process.env.EDIT_PROFILE_SCOPE || "Add_your_protected_scope_here";
 
 module.exports = {
-    msalConfig,
-    mfaProtectedResourceScope,
-    REDIRECT_URI,
-    POST_LOGOUT_REDIRECT_URI,
-    TENANT_SUBDOMAIN,
-    GRAPH_API_ENDPOINT,
-    GRAPH_ME_ENDPOINT,
+  msalConfig,
+  editProfileScope,
+  REDIRECT_URI,
+  POST_LOGOUT_REDIRECT_URI,
+  TENANT_SUBDOMAIN,
+  GRAPH_API_ENDPOINT,
+  GRAPH_ME_ENDPOINT,
 };
diff --git a/1-Authentication/7-sign-in-express-mfa/App/routes/users.js b/1-Authentication/7-sign-in-express-mfa/App/routes/users.js
@@ -8,10 +8,7 @@ const router = express.Router();
 const authProvider = require("../auth/AuthProvider");
 
 var { fetch } = require("../fetch");
-const {
-  GRAPH_ME_ENDPOINT,
-  mfaProtectedResourceScope,
-} = require("../authConfig");
+const { GRAPH_ME_ENDPOINT, editProfileScope } = require("../authConfig");
 
 // custom middleware to check auth state
 function isAuthenticated(req, res, next) {
@@ -39,6 +36,11 @@ router.get(
       GRAPH_ME_ENDPOINT,
       req.session.accessToken,
     );
+    if (!graphResponse.ok) {
+      return res
+        .status(graphResponse.status)
+        .send("Failed to fetch profile data");
+    }
     res.render("gatedUpdateProfile", {
       profile: graphResponse,
     });
@@ -49,14 +51,19 @@ router.get(
   "/updateProfile",
   isAuthenticated, // check if user is authenticated
   authProvider.getToken(
-    ["User.Read", mfaProtectedResourceScope],
+    ["User.Read", editProfileScope],
     "http://localhost:3000/users/updateProfile",
   ),
   async function (req, res, next) {
     const graphResponse = await fetch(
       GRAPH_ME_ENDPOINT,
       req.session.accessToken,
     );
+    if (!graphResponse.ok) {
+      return res
+        .status(graphResponse.status)
+        .send("Failed to fetch profile data");
+    }
     res.render("updateProfile", {
       profile: graphResponse,
     });
@@ -66,7 +73,7 @@ router.get(
 router.post(
   "/update",
   isAuthenticated,
-  authProvider.getToken([mfaProtectedResourceScope]),
+  authProvider.getToken([editProfileScope]),
   async function (req, res, next) {
     try {
       if (!!req.body) {
