By: Ian Vogel user 10 Jun 2019 at 5:28 p.m. CDT

9 Responses
Ian Vogel gravatar
Hello, The WindowsLive passport strategy doesn't seem to be working. I think the windowslive.js definition in Node seems to be incomplete.

By Jose Gonzalez staff 11 Jun 2019 at 7:31 a.m. CDT

Jose Gonzalez gravatar
Hi Ian, Please check https://support.gluu.org/docs/user-guide/how-to-ask/

By Ian Vogel user 11 Jun 2019 at 8:27 a.m. CDT

Ian Vogel gravatar
In /opt/gluu/passport/server/auth -- windowslive.js seems to be missing the required functions to pull user data from the profile: ``` var passport = require('passport'); var WindowsLiveStrategy = require('passport-windowslive').Strategy; var setCredentials = function(credentials) { var callbackURL = global.applicationHost.concat("/passport/auth/windowslive/callback"); passport.use(new WindowsLiveStrategy({ clientID: credentials.clientID, clientSecret: credentials.clientSecret, callbackURL: callbackURL }, function(accessToken, refreshToken, profile, done) { return done(null, profile); } )); }; module.exports = { passport: passport, setCredentials: setCredentials }; ``` For example, this is what google.js looks like: ``` var passport = require('passport'); var GoogleStrategy = require('passport-google-oauth2').Strategy; var setCredentials = function(credentials) { var callbackURL = global.applicationHost.concat("/passport/auth/google/callback"); passport.use(new GoogleStrategy({ clientID: credentials.clientID, clientSecret: credentials.clientSecret, callbackURL: callbackURL, passReqToCallback: true }, function(request, accessToken, refreshToken, profile, done) { var userProfile = { id: profile.id || "", name: profile.displayName || "", username: profile.username || profile.id || "", email: profile.email || "", givenName: profile.name.givenName || "", familyName: profile.name.familyName || "", provider: "google" }; return done(null, userProfile); } )); }; module.exports = { passport: passport, setCredentials: setCredentials }; ``` And the result is that when the strategy is configured, it goes back to the login page with "An error occurred" message. Also, it's important to note that Microsoft deprecated the old WindowsLive API login, as of May 2019. They have replaced it with the Azure API login. I tried both with the same results.

By Jose Gonzalez staff 11 Jun 2019 at 9:08 a.m. CDT

Jose Gonzalez gravatar
Much better, thank you! Here is my suggestion based on windows live setup we have in upcoming Gluu 4.0: ``` var userProfile = { id: profile.id || "", username: profile.username || profile.id, email: profile.emails && profile.emails[0] && profile.emails[0].value, name: profile.displayName, givenName: profile.name.givenName, familyName: profile.name.familyName, provider: "windowslive" } return done(null, userProfile) ``` We wont deliver a patch for this: to date we haven't heard of any other customer/user interested in supporting WindowsLive as an external provider. So I would kindly ask you to edit the corresponding file in your server.

By Jose Gonzalez staff 11 Jun 2019 at 9:12 a.m. CDT

Jose Gonzalez gravatar
> Also, it's important to note that Microsoft deprecated the old WindowsLive API login, as of May 2019. They have replaced it with the Azure API login. I tried both with the same results. Thanks for reporting. We need to evaluate this since the underlying passport strategy used by Gluu is not being updated for long (2017): https://github.com/jaredhanson/passport-windowslive

By Ian Vogel user 11 Jun 2019 at 11:04 a.m. CDT

Ian Vogel gravatar
OK, thanks very much for this! I will give it a try. I wasn't so bothered about supporting windowslive either, but I then realised it's a good business-oriented account that we could offer for SSO for regular workers (i.e. non-technical), at least with gluu passport OOTB. The other social sites are more likely to have people registered with their personal email addresses.

By Jose Gonzalez staff 19 Jun 2019 at 9:34 a.m. CDT

Jose Gonzalez gravatar
Hi Ian, Can you point me to the deprecation notice?. I was unable to find it. In preliminar QA, windowslive works fine in 4.0 using passport-windowslive node module. I obtained clientID/secret in this place: https://portal.azure.com/#home -> App registrations (preview)

By Ian Vogel user 19 Jun 2019 at 11:58 a.m. CDT

Ian Vogel gravatar
Sorry, I read and explained that incorrectly. What I was referring to is that they are no longer managing applications here, as of May 2019: https://apps.dev.microsoft.com and instead they will be managed in the Azure portal. Sorry for that - it was really incorrect to say it was being deprecated. In any case, I tried both registration id/secret pairs (apps.dev and Azure portal) and neither worked. After looking at and comparing the Gluu passport strategies in my 3.1.6 server, it seemed to me that the windowslive strategy was incomplete, as it didn't have the basic structure that all the other strategies have, hence what I said in my 2nd message above. If the windowslive strategy is working in 4.0, that is great. I suppose I can wait for it. Otherwise, if there's a chance that the 4.0 strategy code has been updated and is working, and you can share it here, that could be really helpful. Thank you

By Jose Gonzalez staff 19 Jun 2019 at 1:16 p.m. CDT

Jose Gonzalez gravatar
For version 4.0 we refactored the node project so it is not necessary to edit javascript code anymore (just oxtrust GUI), but those changes are not backward compatible.

By Ian Vogel user 19 Jun 2019 at 1:19 p.m. CDT

Ian Vogel gravatar
OK, then I will patiently wait. Thank you!