问题
I am working on a mobile app, using the PhoneGap framework. For the next part of the project, I need to allow users to authenticate themselves through their Windows 365 account of the company. For this I'm using Azure AD, with the following AngularJS based library.
I have already succeeded on making the Authentication call using localhost. For the next step however I need to make the authentication usable on all mobile devices. For this I need to set up a proper Uri(s), which by default Android appears to provide as a file:///android_asset/ template. While Azure AD seems to recognize this as a "valid" URI, it refuses to make the authentication.
So to boil down my question. How do I set a valid Uri so that the authentication can be achieved on mobile devices?
Additional information: PhoneGap is HTML5 and javascript-based - Should any JS or Jquery classes be able to help in this matter, feel free to forward them. Other libraries being used are Jquery Mobile and AngularJS. (Though the latter used almost solely to perform the authentication) this is the sample I based the authentication on.
回答1:
ADAL js is not designed to work in Cordova. For that we have a Cordova plugin that makes better use of the device resources. Please take a look at http://www.cloudidentity.com/blog/2015/04/06/adal-plugin-for-apache-cordova-deep-dive/ and let us know if that meets your needs.
回答2:
After some further research, I managed to find a solution to the authentication problem. The problem with authentication through Azure is that Azure expects a valid return uri. I had at first considered implementing a custom url scheme for it to return to, but this was also not considered valid.
So we looked at further options. It appears that Azure does offer mobile services which could have made authentication within the app itself possible. However, we wanted to be as cost-effective as possible. I advice, if you're faced with a similar problem to look into them first, but this is how we did it without. I hope someone may find it useful.
The method I used was to perform the authentication on the company's website. The entirety of this consists out of four HTML pages- 2 For logging in, 2 for logging out. (With the requisite JS files of course - See the question.)
What would happen is that when browsing to one of these pages, you would immediately be redirected to Windows 365 to authenticate yourself. Upon logging in, you would be redirected to a page where the information the application needs is provided. (but hidden) A similar process was used in logging out.
The final step in this puzzle was to make the app go to this page, then detect when the authentication was complete. For this I used a cordova plugin, inappbrowser. https://github.com/apache/cordova-plugin-inappbrowser
Basing myself on the event url, I could have the app detect when authentication was completed (or logging out was completed) and act accordingly.
来源:https://stackoverflow.com/questions/29842033/setting-a-valid-azure-ad-uri-for-phonegap