Ueberauth strategy for MS Graph API

swelham · February 25, 2017, 9:55pm

Does anyone know of an implementation for ueberauth that provides a strategy for logging in with outlook.com and office 365 accounts (Azure AD v2.0 endpoint)?

OvermindDL1 · February 27, 2017, 4:39pm

I’ve not seen one yet, but seeing as I’ve made a couple ueberauth strategies so far, it is not at all hard to make if you want to make one yourself.

swelham · February 27, 2017, 4:55pm

I have started one now, I’m just getting a strange issue where the get_token! function keeps returning a :closed error. Could be something to do with proxy server I am sat behind though! I managed to get past the error but ended up with a timeout issue where the MS login page seemed to just hang and not return a response.

I’m going to try it out when I get home where I’m not be held to ransom by a proxy server.

voltone · February 27, 2017, 7:44pm

The :closed error is probably due to a TLS incompatibility between Erlang (18.3.2 and later) and Microsoft servers with modern (SHA256) certificates. The issue has come up in various places over the last year or so, and I just happened to blog about it earlier today: https://blog.voltone.net/post/9 (last section).

TL;DR: you will have to force the connection to use TLS v1.2. The way to do this depends a bit on the TLS/HTTPS client you’re using and the way it wraps Erlang’s :ssl options, but if you’re using the OAuth2 library, this post should help.

swelham · February 27, 2017, 8:29pm

It’s now working perfectly!

I owe you for that one, it would have taken me ages to figure that out. I have a node project running that is making the same requests and is working fine which was causing me some confusion.

Thanks again!

swelham · March 1, 2017, 11:43pm

For anyone interested, I have just published ueberauth_microsoft to hex and the code for it can be found here.

pedromvieira · July 27, 2017, 7:51pm

Nice job.

Can I have callback_url option?
My app has subdomains for each tenant.

Thanks.

swelham · July 28, 2017, 1:37pm

I don’t see why not.

I’m going to be a bit busy for the next few days at least so would you mind logging an issue on the repo for this so I don’t forget?

pedromvieira · July 28, 2017, 6:44pm

https://github.com/swelham/ueberauth_microsoft/issues/3

swelham · July 28, 2017, 8:05pm

Thanks, I will try and get that in this weekend if I get chance.

IRLeif · July 31, 2018, 8:16pm

I’ve been trying to figure this out today, and stumbled upon this thread.

Thanks for creating this ueberauth strategy, @swelham. It seems to be just what I need.

If I may make a suggestion: It could be a good idea to add the keywords “Azure Active Directory” and “Azure AD” to your GitHub repository, so that it is more searchable and thus easier to find.

Related thread:

Cheers!

swelham · August 2, 2018, 9:45am

Hi @IRLeif

Thanks for the suggestion, I have now added the two extra keywords to the repo’s topics list.