Re: Acquire JWT Token from Azure AD B2c using Angular 8 application- urgent help needed

[Arnaud Deman]

Hello,
I am really not an expert in oauth, so take my answer with caution.

I think you should receive the token on the redirect URL. That's how I get tokens from Twitter, Facebook, Linkedin and Google. If Microsoft has the same worksflow, it should work the same way. This mocrosoft documentation for web apps seems to confirm this. You can implement the redirection end point with a popup or directly through your backend.

Another simpler solution may be to use Firebase authentication: the Microsoft provider is supported out of the box.

Once that is successful and you received the token, I think you can use Angular's HTTP interceptor to add the token in the headers of requests to the Microsoft API.

Regards
Arnaud

On Monday, 25 November 2019 19:25:44 UTC+1, iftekharus wrote:

Hello All,

I have a Angular 8 application on the front end and Azure Function App (API's) in the back end.

My Application is registered on Azure portal

REQUIREMENT:

I need to get JWT token from Azure B2C and whenever there is a call to the Api from front end 

the jwt token needs to be sebnd into the header of that request.

My pain is that i am not able to get the JWT token below is my method call , Any urgent help is appreciated

Note: Anybody who would be able to get this working will get a appreciation of $50 from me

You can connect me on iftek...@gmail.com/iftek...@yahoo.com

export class AuthService {

  private url: string = 'https://login.microsoftonline.com/comcastcorp.onmicrosoft.com/oauth2/v2.0/token?HTTP/1.1';

  constructor(private http: HttpClient, private jwtHelper: JwtHelperService) { }

  acquiretoken(): Observable<any> {

    let headers = new HttpHeaders({ 'Content-Type': 'application/x-www-form-urlencoded' });

    let body = new URLSearchParams();

    body.set('resource_name', "byoddev.onmicrosoft.com");

    body.set('grant_type', "client_credentials");

    body.set('client_id', "Z9PXTnvUvjQ/ButPv5uKAjoSXSXH/Up4bXNlC9DD0lg=");

    body.set('client_secret', "e2d46ead-82e7-4ccc-ab4e-a46b076e0eef");

    return this.http.post<any>(this.url, body.toString(), {

      headers: headers

    }).pipe(

      map(jwt => {

        if (jwt && jwt.access_token) {

          localStorage.setItem('apitoken', JSON.stringify(jwt))

        }

      })

    );

  }

[Arnaud Deman]

Oui, et vous devriez également regénérer votre client_id / client_secret ... cette liste est publique ;-)

[Arnaud Deman]

In english...

Yes, and you should also regenerate your client_id / client_secret ... this list is public ;-)