Reputation: 7442
I followed the steps here to hook up Google OAuth to Azure Authentication. Unfortunately, those instructions stop very short of a full solution and don't mention what to do with the Google OAuth access_token once you have it. I tried putting it into the Authorization header as a Bearer token (Bearer <access_token>), but that doesn't appear to work as my application sitting behind the Authorization service just sees the original Authorization header, not the expected X-MS-CLIENT-PRINCIPAL-NAME, X-MS-CLIENT-PRINCIPAL-ID, X-MS-TOKEN-GOOGLE-ACCESS-TOKEN, etc.
Also, when I navigate to /.auth/me with an Authorization Bearer token I get a 401 response.
Sadly, all of the documentation is either specific to AD (which doesn't seem to apply to my scenario) or it is specific to server-side rendered applications, not SPAs that are hosted separately from the API they are calling.
An ideal answer would tell me what I need to do with the Google OAuth 2 access_token to get Azure authorization service to authenticate the token and add the expected headers.
Edit: The access_token is not a JWT token, which may be part of the problem. If this is in fact the problem and I just need to get a JWT token then how do I do that? I'm currently using the Google Client API JavaScript (beta). I attempted to get a JWT token via the Google OAuth 2 dashboard but putting that as a Bearer token also didn't work, despite using my application's client secret to generate the requests.
Upvotes: 2
Views: 1351
Reputation: 170
You can pass the access_token in the JSON body to '/.auth/login/google' with key as 'access_token'.
As explained in the following link: https://azure.microsoft.com/en-us/blog/announcing-app-service-authentication-authorization/
Snippet from the above link:
"Alternatively, a client can obtain a token using a provider SDK and exchange it for a session token. Simply submit an HTTP POST to the same endpoint with the provider token in a JSON body under the key “access_token” (or “authenticationToken” for Microsoft Account). This is the preferred solution for mobile applications if a provider SDK is available on the platform, and it also works for many web and API applications."
Upvotes: 0
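The exchange this answer describes, written out as an added example that is not part of the original post or of any Microsoft sample. `APP_URL`, the token strings and `stubFetch` are constructed for an offline run; the `authenticationToken` response field and the `X-ZUMO-AUTH` request header are App Service conventions that are not quoted on this page, so check them against your app's behaviour.

```javascript
// Added example: exchange a provider token for an App Service session token.
// APP_URL and all token values are constructed placeholders.
const APP_URL = "https://example-api.azurewebsites.net";

// Build the POST described in the quoted blog text: provider token in a JSON
// body under the key "access_token", sent to /.auth/login/<provider>.
function buildExchangeRequest(appUrl, provider, providerToken) {
  const url = new URL(`/.auth/login/${encodeURIComponent(provider)}`, appUrl);
  if (url.protocol !== "https:") throw new Error("tokens must only travel over HTTPS");
  return {
    url: url.toString(),
    init: {
      method: "POST",
      headers: { "Content-Type": "application/json" },
      body: JSON.stringify({ access_token: providerToken }),
    },
  };
}

// Exchange the token; fetchImpl is injectable so the flow can run offline.
async function exchangeForSession(appUrl, provider, providerToken, fetchImpl = fetch) {
  const { url, init } = buildExchangeRequest(appUrl, provider, providerToken);
  const res = await fetchImpl(url, init);
  if (!res.ok) throw new Error(`token exchange rejected: HTTP ${res.status}`);
  const { authenticationToken } = await res.json();
  if (!authenticationToken) throw new Error("no session token in response");
  return authenticationToken;
}

// Later API calls carry the session token (assumed header name, see lead-in),
// not the Google token in an Authorization: Bearer header.
function sessionHeaders(sessionToken) {
  return { "X-ZUMO-AUTH": sessionToken };
}

// Constructed stand-in for the App Service endpoint, used for the offline run.
async function stubFetch(url, init) {
  const sent = JSON.parse(init.body);
  const ok = url.endsWith("/.auth/login/google") && sent.access_token === "sample-google-token";
  return {
    ok,
    status: ok ? 200 : 401,
    json: async () => (ok ? { authenticationToken: "sample-session-token" } : {}),
  };
}
```

In a browser, call `exchangeForSession(APP_URL, "google", token)` with the default `fetch`, keep the returned session token in memory rather than persistent storage, and spread `sessionHeaders(...)` into each API request.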