MS Open Tech has announced a Cordova plugin which allows developers to use Active Directory Authentication in their apps for Android, iOS, Windows Store, and Windows Phone platforms to access the APIs that it protects, such as Office 365, Azure, Graph API, etc.
As Vittorio Bertocci explains, the Cordova plugin for ADAL is Microsoft's response to many developers' queries about using ADAL JS in Cordova apps. Indeed, says Bertocci, ADAL JS is meant for single-page apps (SPAs) served from a server, and so it is subject to all kinds of constraints specific to that environment, such as "browser sandboxing, absence of refresh token in the implicit flow, and so on." The Cordova plugin for ADAL does not need to cope with those limitations and provides more advanced integration with the host platform's authentication capabilities. This means, e.g., that the same JavaScript code that asynchronously acquires a token through ADAL will store it in the iOS Keychain on iOS, and in the Windows Store Isolated Storage on Windows Phone. This is made possible by the fact that the Cordova plugin for ADAL is a wrapper around existing native libraries for iOS, Android, Windows Store, and Windows Phone.
For a quick start with the plugin, the Azure team is providing a multi-platform single-codebase sample app that:
- signs users in with Azure Active Directory (AAD) to obtain a JWT access token through the OAuth 2.0 protocol;
- sends the token to AAD's Graph API to authenticate the user and obtain information about other users in their organization.
Although the sample app is just a "toy," says Bertocci, it shows "how succinct the app code" can be. The plugin demonstrates in a little less than 200 lines of JavaScript code how you can send a request to the Azure Active Directory API, handle the callback, and render the results.
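The two steps the sample performs, acquiring a token and calling the Graph API with it, can be sketched as follows; this is an added example and not the Azure team's sample code. It tries the token cached by the native library before prompting the user, and sends the token only in the `Authorization` header. The plugin calls (`Microsoft.ADAL.AuthenticationContext`, `acquireTokenSilentAsync`, `acquireTokenAsync`), the endpoint URLs, the API version and the result fields are assumptions not stated in this article, and the client ID, redirect URI and `fakeContext` are constructed placeholders.

```javascript
// Added example; not the Azure sample's code. clientId, redirectUri and
// apiVersion are placeholders/assumptions to replace with your app registration.
const CONFIG = {
  authority: "https://login.windows.net/common",
  resource: "https://graph.windows.net",
  clientId: "<client-id-placeholder>",
  redirectUri: "http://placeholder.invalid/redirect",
  apiVersion: "1.6",
};

// Use the token cached by the native ADAL library when possible; show the
// interactive sign-in UI only if the silent request is rejected.
function getToken(ctx, cfg) {
  return Promise.resolve(ctx.acquireTokenSilentAsync(cfg.resource, cfg.clientId))
    .catch(() => ctx.acquireTokenAsync(cfg.resource, cfg.clientId, cfg.redirectUri));
}

// Build the Graph users query. The token travels only in the Authorization
// header, and the search text is escaped for OData and URL-encoded.
function buildUsersRequest(authResult, cfg, searchText) {
  const filter = "startswith(displayName,'" + searchText.replace(/'/g, "''") + "')";
  return {
    url: cfg.resource + "/" + encodeURIComponent(authResult.tenantId) +
      "/users?api-version=" + cfg.apiVersion + "&$filter=" + encodeURIComponent(filter),
    headers: { Authorization: "Bearer " + authResult.accessToken, Accept: "application/json" },
  };
}

// Constructed stand-in for Microsoft.ADAL.AuthenticationContext, for offline runs.
function fakeContext(cached) {
  const result = { accessToken: "constructed.token.value", tenantId: "contoso.example" };
  const calls = { silent: 0, interactive: 0 };
  return {
    calls,
    acquireTokenSilentAsync: () => {
      calls.silent++;
      return cached ? Promise.resolve(result) : Promise.reject(new Error("no cached token"));
    },
    acquireTokenAsync: () => { calls.interactive++; return Promise.resolve(result); },
  };
}

// In a Cordova app, after the deviceready event:
//   getToken(new Microsoft.ADAL.AuthenticationContext(CONFIG.authority), CONFIG)
//     .then(r => buildUsersRequest(r, CONFIG, searchText));
```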