How to integrate azure ad into a react web app that consumes a REST API in azure too
The key here is adalApiFetch
, defined in adalConfig.js
. As you can see, it's a simple wrapper around adalFetch
. This method (defined in react-adal
) receives an ADAL instance (authContext
), a resource identifier (resourceGuiId
), a method (fetch
), a URL (url
) and an object (options
). The method does the following:
- Use the ADAL instance (
authContext
) to obtain an access token for the resource identified byresourceGuiId
. - Add this access token to the
headers
field of theoptions
object (or create one if it wasn't provided). - Call the given "fetch" method passing in
url
and theoptions
object as parameters.
The adalApiFetch
method (which you have defined in adalConfig.js
) simply calls adalFetch
with the resource identified in adalConfig.endpoints.api
.
Ok, so how do you use all of this to make a REST request, and consume the response in your React app? Let's use an example. In the following example, we will be using the Microsoft Graph API as the Azure AD-protected REST API. We will be identifying it by it's friendly identifier URI ("https://graph.microsoft.com"), but just keep in mind that that could just as well be the Guid app ID.
adalConfig.js defines the ADAL configuration, and exports a couple helper methods:
import { AuthenticationContext, adalFetch, withAdalLogin } from 'react-adal';
export const adalConfig = {
tenant: '{tenant-id-or-domain-name}',
clientId: '{app-id-of-native-client-app}',
endpoints: {
api: 'https://graph.microsoft.com' // <-- The Azure AD-protected API
},
cacheLocation: 'localStorage',
};
export const authContext = new AuthenticationContext(adalConfig);
export const adalApiFetch = (fetch, url, options) =>
adalFetch(authContext, adalConfig.endpoints.api, fetch, url, options);
export const withAdalLoginApi = withAdalLogin(authContext, adalConfig.endpoints.api);
index.js wraps indexApp.js
with the runWithAdal
method from react-adal
, which ensures the user is signed with Azure AD before loading indexApp.js
:
import { runWithAdal } from 'react-adal';
import { authContext } from './adalConfig';
const DO_NOT_LOGIN = false;
runWithAdal(authContext, () => {
// eslint-disable-next-line
require('./indexApp.js');
},DO_NOT_LOGIN);
indexApp.js simply loads and renders an instance of App
, nothing fancy here:
import React from 'react';
import ReactDOM from 'react-dom';
import './index.css';
import App from './App';
import registerServiceWorker from './registerServiceWorker';
ReactDOM.render(<App />, document.getElementById('root'));
registerServiceWorker();
App.js is a simple component where the magic happens:
- We define a
state
value. In this case, it's calledapiResponse
since we're just displaying the raw API response, but of course you could name this state whatever you wanted (or have multiple state values). - During
componentDidMount
(which is run after the element is available in the DOM), we make a call to theadalApiFetch
. We pass infetch
(from the Fetch API as thefetch
parameter, and the endpoint for the REST request we want to make (the/me
endpoint in Microsoft Graph, in this case): - In the
render
method, we simply display this state value in a<pre>
element.
import React, { Component } from 'react';
import { adalApiFetch } from './adalConfig';
class App extends Component {
state = {
apiResponse: ''
};
componentDidMount() {
// We're using Fetch as the method to be called, and the /me endpoint
// from Microsoft Graph as the REST API request to make.
adalApiFetch(fetch, 'https://graph.microsoft.com/v1.0/me', {})
.then((response) => {
// This is where you deal with your API response. In this case, we
// interpret the response as JSON, and then call `setState` with the
// pretty-printed JSON-stringified object.
response.json()
.then((responseJson) => {
this.setState({ apiResponse: JSON.stringify(responseJson, null, 2) })
});
})
.catch((error) => {
// Don't forget to handle errors!
console.error(error);
})
}
render() {
return (
<div>
<p>API response:</p>
<pre>{ this.state.apiResponse }</pre>
</div>
);
}
}
export default App;