Passport.js treating azure-ad authentication link as relative, returns 404 on attempted login
We are using passport-azure-ad to allow users in our domain to log into an internal node app with their Microsoft AD credentials. I had this system working previously with just 1 node app, but now we are trying a new system where we have 2 separate apps running locally with PM2 and serving them up through IIS under the same URL but you access each app like this:
mywebsite.com/app1 OR mywebsite.com/app2
Only the second app needs authentication. The issue I am running into is when you hit login, the passport.authenticate method seems to be trying to redirect to a relative authorization link:
mywebsite.com/{tenant}/oauth2/v2.0/authorize
, rather than the actual authorization endpoint which is:
https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize
Does anyone know why this may be and what I could do to stop passport from treating the auth endpoint like a relative link? This causes a 404 every time a user hits /login because /{tenant}/oauth2/v2.0/authorize route doesn't exist.
RIP to anyone finding this in the future.
For me, the solution was as follows:
- Open IIS and select your SERVER (not site), then open Application Request Routing Cache under IIS
- On the far right Actions pane, select Server Proxy Settings... under Proxy
- UNCHECK Reverse rewrite host in response headers checkbox under Proxy Setting, and make sure you hit Apply on right pane!
- It is important to note I also had to update my entry point app.js to use extended url encoding:
app.use(express.urlencoded({ extended: true }));, as well as updating the redirect URLs in your authentication routes. Azure will also need to know your redirect URIs.
- Switch node_modules folder when I change git branch
- How to merge multiple API calls into one call in REST API
- How to pass my createReadStream of an image file into a HTTP Post Request Body?
- PHP encrypt and decrypt in node JS
- Returning a Promise from "describe" is not supported. Tests must be defined synchronously
- Can you check if an npm version number is valid before running npm publish?
- React.js passing one components variables to another component and vice-versa
- React Audio Player Change current time of Audio
- How to detect and measure event loop blocking in node.js?
- Nestjs/TypeORM - How to implement custom search by column
- How to extend TypeORM repository in NestJS 9 (TypeORM 3.+)
- Sequilize query is returning only one row while using include
- Get an element when changes classname in Puppteer JS with the waitForSelector method
- Scraping nba.com page with puppeteer
- How to scrape multiple pages with puppeteer
- page.evaluate Vs. Puppeteer $ methods
- Puppeteer page.evaluate querySelectorAll return empty objects
- Navigation Timeout Exceeded scraping table in Puppeteer
- Unable to verify leaf signature
- How to create a directory if it doesn't exist using Node.js
- Is it good to use Promise this way?
- How to bulk insert into SQL using MySQL2?
- Can't connect to nodejs server
- SQL syntax error when trying to create a new table using TypeORM
- Class validator: Use class member as decorator argument
- Using next() and res.send .Cannot set headers after they are sent to the client. Error [ERR_HTTP_HEADERS_SENT]:
- How to mock a import?
- Error: querySrv ENOTFOUND _mongodb._tcp.dbname.fzofb.mongodb.net
- Why does Sequelize pluralize / singularize names of anything all? And how to stop that completely?
- How do I do Secure Remote Password (SRP) based sign in with Amazon Cognito in JavaScript?