Revert "feat: extend Microsoft Graph API capabilities (#3609)" (#3717)
This reverts commit 4a7bcc9.

Co-authored-by: Arne Luenser <[email protected]>
jonas-jonas and alnr authored Jan 29, 2024
1 parent 0e45e87 commit 549308d
Showing 2 changed files with 6 additions and 13 deletions.
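--- a/selfservice/strategy/oidc/provider_microsoft.go
+++ b/selfservice/strategy/oidc/provider_microsoft.go
@@ -92,10 +92,7 @@ func (m *ProviderMicrosoft) updateSubject(ctx context.Context, claims *Claims, e
 }
 
 ctx, client := httpx.SetOAuth2(ctx, m.reg.HTTPClient(ctx), o, exchange)
-// params to request all user fields from the graph api (User.Read scope) - https://learn.microsoft.com/en-us/previous-versions/azure/ad/graph/api/entity-and-complex-type-reference#user-entity
-graphFields := "accountEnabled,assignedLicenses,assignedPlans,city,country,creationType,deletionTimestamp,department,dirSyncEnabled,displayName,employeeId,facsimileTelephoneNumber,givenName,immutableId,jobTitle,lastDirSyncTime,mail,mailNickname,mobile,objectId,objectType,onPremisesSecurityIdentifier,otherMails,passwordPolicies,passwordProfile,physicalDeliveryOfficeName,postalCode,preferredLanguage,provisionedPlans,provisioningErrors,proxyAddresses,refreshTokensValidFromDateTime,showInAddressList,signInNames,sipProxyAddress,state,streetAddress,surname,telephoneNumber,thumbnailPhoto,usageLocation,userIdentities,userPrincipalName,userType"
-req, err := retryablehttp.NewRequestWithContext(ctx, "GET", "https://graph.microsoft.com/v1.0/me?$select="+graphFields, nil)
-
+req, err := retryablehttp.NewRequestWithContext(ctx, "GET", "https://graph.microsoft.com/v1.0/me", nil)
 if err != nil {
 return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err))
 }
@@ -110,18 +107,14 @@ func (m *ProviderMicrosoft) updateSubject(ctx context.Context, claims *Claims, e
 return nil, err
 }
 
-var user map[string]interface{}
+var user struct {
+ID string `json:"id"`
+}
 if err := json.NewDecoder(resp.Body).Decode(&user); err != nil {
 return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("Unable to decode JSON from `https://graph.microsoft.com/v1.0/me`: %s", err))
 }
 
-ok := false
-claims.Subject, ok = user["id"].(string)
-if !ok {
-return nil, errors.WithStack(herodot.ErrInternalServerError.WithReason("Unable to retrieve subject from response"))
-}
-
-claims.RawClaims["user"] = user
+claims.Subject = user.ID
 }
 
 return claims, nil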
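Review bot: The second hunk assigns `claims.Subject = user.ID` with no check that the Graph response actually carried an `id`, so a body without that field (or with a non-matching shape that still decodes) now yields an empty subject where the removed code returned an error. Unless the claims are validated further down the call chain, which is not visible here, an empty subject could reach identity lookup or account linking. Consider keeping the guard in typed form: `if user.ID == "" { return nil, errors.WithStack(herodot.ErrInternalServerError.WithReason("Unable to retrieve subject from response")) }`. A test case in provider_userinfo_test.go for a `/me` response without `id` would pin that behaviour. updateSubject starts and ends outside the visible hunks.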
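--- a/selfservice/strategy/oidc/provider_userinfo_test.go
+++ b/selfservice/strategy/oidc/provider_userinfo_test.go
@@ -294,7 +294,7 @@ func TestProviderClaimsRespectsErrorCodes(t *testing.T) {
 },
 expectedClaims: &oidc.Claims{
 Issuer: "https://login.microsoftonline.com/a9b86385-f32c-4803-afc8-4b2312fbdf24/v2.0", Subject: "new-id", Name: "John Doe", Email: "[email protected]",
-RawClaims: map[string]interface{}{"aud": []interface{}{"foo"}, "exp": 4.071728504e+09, "iat": 1.516239022e+09, "iss": "https://login.microsoftonline.com/a9b86385-f32c-4803-afc8-4b2312fbdf24/v2.0", "email": "[email protected]", "name": "John Doe", "sub": "1234567890", "tid": "a9b86385-f32c-4803-afc8-4b2312fbdf24", "user": map[string]interface{}{"id": "new-id"}},
+RawClaims: map[string]interface{}{"aud": []interface{}{"foo"}, "exp": 4.071728504e+09, "iat": 1.516239022e+09, "iss": "https://login.microsoftonline.com/a9b86385-f32c-4803-afc8-4b2312fbdf24/v2.0", "email": "[email protected]", "name": "John Doe", "sub": "1234567890", "tid": "a9b86385-f32c-4803-afc8-4b2312fbdf24"},
 },
 },
 {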
