Sumit
Reload During Mounting
// getToken.ts
.
.
.
interface CustomJwtPayload {
groups?: string[];
}
const checkGroupMembership = async (accessToken: string, groupId: string): Promise<boolean> => {
const decodedToken = await jwtDecode(accessToken) as CustomJwtPayload
const groups = decodedToken?.groups
if (!groups || !Array.isArray(groups)) {
throw new Error('Groups claim not found in token.')
}
return groups.includes(groupId)
}
// getToken.ts
.
.
.
interface CustomJwtPayload {
groups?: string[];
}
const checkGroupMembership = async (accessToken: string, groupId: string): Promise<boolean> => {
const decodedToken = await jwtDecode(accessToken) as CustomJwtPayload
const groups = decodedToken?.groups
if (!groups || !Array.isArray(groups)) {
throw new Error('Groups claim not found in token.')
}
return groups.includes(groupId)
}
9 replies
Reload During Mounting
// getToken.ts
import { InteractionRequiredAuthError } from '@azure/msal-browser'
import jwtDecode from 'jwt-decode'
import { useAuthStore } from '~/store/auth'
export const getToken = async () => {
const authStore = useAuthStore()
const { $msal } = useNuxtApp()
const runtimeConfig = useRuntimeConfig()
if (typeof $msal !== 'undefined') {
const redirectResponse = await $msal.handleRedirectPromise()
if (redirectResponse !== null) {
const accessToken = redirectResponse.accessToken
if (accessToken !== null) {
const isMember = await checkGroupMembership(accessToken, runtimeConfig.public.appGroupId)
if (isMember) {
authStore.updateCurrentUser(accessToken)
} else {
throw new Error('User is not a member of the required group.')
}
}
} else {
const account = $msal.getAllAccounts()[0]
const accessTokenRequest = {
scopes: [runtimeConfig.public.scopes],
account
}
try {
const accessTokenResponse = await $msal.acquireTokenSilent(
accessTokenRequest
)
const accessToken = accessTokenResponse.accessToken
if (accessToken !== null) {
const isMember = await checkGroupMembership(accessToken, runtimeConfig.public.appGroupId)
if (isMember) {
authStore.updateCurrentUser(accessToken)
} else {
throw new Error('User is not a member of the required group.')
}
}
} catch (error) {
console.error(error)
if (error instanceof InteractionRequiredAuthError) {
$msal.acquireTokenRedirect(accessTokenRequest)
}
}
}
}
}
.
.
.
// getToken.ts
import { InteractionRequiredAuthError } from '@azure/msal-browser'
import jwtDecode from 'jwt-decode'
import { useAuthStore } from '~/store/auth'
export const getToken = async () => {
const authStore = useAuthStore()
const { $msal } = useNuxtApp()
const runtimeConfig = useRuntimeConfig()
if (typeof $msal !== 'undefined') {
const redirectResponse = await $msal.handleRedirectPromise()
if (redirectResponse !== null) {
const accessToken = redirectResponse.accessToken
if (accessToken !== null) {
const isMember = await checkGroupMembership(accessToken, runtimeConfig.public.appGroupId)
if (isMember) {
authStore.updateCurrentUser(accessToken)
} else {
throw new Error('User is not a member of the required group.')
}
}
} else {
const account = $msal.getAllAccounts()[0]
const accessTokenRequest = {
scopes: [runtimeConfig.public.scopes],
account
}
try {
const accessTokenResponse = await $msal.acquireTokenSilent(
accessTokenRequest
)
const accessToken = accessTokenResponse.accessToken
if (accessToken !== null) {
const isMember = await checkGroupMembership(accessToken, runtimeConfig.public.appGroupId)
if (isMember) {
authStore.updateCurrentUser(accessToken)
} else {
throw new Error('User is not a member of the required group.')
}
}
} catch (error) {
console.error(error)
if (error instanceof InteractionRequiredAuthError) {
$msal.acquireTokenRedirect(accessTokenRequest)
}
}
}
}
}
.
.
.
9 replies
Reload During Mounting
Thanks for the response Chris. Here is what
getToken and signIn methods contain.
// signIn.ts
export const signIn = async () => {
const { $msal } = useNuxtApp()
const runtimeConfig = useRuntimeConfig()
const loginRequest = {
scopes: [runtimeConfig.public.scopes]
}
if (typeof $msal !== 'undefined') {
function handleResponse (response: any) {
if (response !== null) {
} else {
const currentAccounts = $msal.getAllAccounts()
if (currentAccounts.length === 0) {
$msal.loginRedirect(loginRequest)
} else if (currentAccounts.length > 0) {
}
}
}
try {
const response = await $msal.handleRedirectPromise()
handleResponse(response)
} catch (err) {
console.error('MSAL err: ', err)
}
}
}
// signIn.ts
export const signIn = async () => {
const { $msal } = useNuxtApp()
const runtimeConfig = useRuntimeConfig()
const loginRequest = {
scopes: [runtimeConfig.public.scopes]
}
if (typeof $msal !== 'undefined') {
function handleResponse (response: any) {
if (response !== null) {
} else {
const currentAccounts = $msal.getAllAccounts()
if (currentAccounts.length === 0) {
$msal.loginRedirect(loginRequest)
} else if (currentAccounts.length > 0) {
}
}
}
try {
const response = await $msal.handleRedirectPromise()
handleResponse(response)
} catch (err) {
console.error('MSAL err: ', err)
}
}
}
9 replies