The purpose of this exercise is get an access token using code. We are moving from the "raw style" http to exploring what's needed to get this done using more code.
- The Scenario
- Preparing the development environment
- Exploring the code
- Environment variables
- Running the application
- Config & Secrets
- Logging
This app will list the context of your inbox. A web page is presented, when show inbox is selected the app will trigger a authorization code grant flow and list content of your inbox.
NodeJS based backend, simple html on front end. SSO using oauth2/oidc with Microsoft Entra ID
Important NodeJS modules
- Fastify - web server framework
- Handlebars - templating language
- Got - http request library
- Pino - NodeJs logger
- Tap - Test framework for JS
- Nodejs (tested on v20.17.0)
npm install
npm test
Expects the following environment variables to execute properly
export NODE_ENV=production|development
export CLIENT_SECRET=''
export CLIENT_ID=""
export TENANT_ID=""
export PORT=3000
export REDIRECT_URI=https://...../callback
npm start
- npm test (execute unit tests)
- npm run test-cover (run, reload on changes, show coverage)
- npm run dev (run server, reload on changes)
- npm run snyk (scan for open source vulnerabilities)
To keep modules updated:
- npm outdated (list outdated modules)
- npm upgrade (upgrade minor versions of modules)
- npm install @latest
(remember to verify and execute test before major version updated, or in fact after any update)