App.js (Azure Active Directory token code)
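// Typographic quotes from the page have been replaced with plain ASCII quotes so the file parses.

// Web framework and the application instance configured by the rest of this file.
const express = require("express");
const app = express();
// Router that is mounted under /regulatory further down in this file.
const orderRoute = require("./routes/orderRoute");
const bodyParser = require("body-parser");
const cors = require("cors");
// Passport and the Azure AD bearer strategy that validates incoming access tokens.
// NOTE(review): confirm the maintenance status of passport-azure-ad before relying
// on it for token validation in a new service.
const passport = require('passport');
// Tenant, client and validation settings, read from a JSON file next to App.js.
const azureConfig = require('./azure.config.json');
const BearerStrategy = require('passport-azure-ad').BearerStrategy;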
/**
 * Settings handed to the passport-azure-ad BearerStrategy.
 * Tenant- and client-specific values come from azure.config.json; the
 * remaining values are fixed here.
 */
const options = {
  // Discovery document URL, built as <authority>/<version>/<discovery>, e.g.
  // https://login.microsoftonline.com/<your_tenant_guid>/v2.0/.well-known/openid-configuration
  identityMetadata: `${azureConfig.metadata.authority}/${azureConfig.metadata.version}/${azureConfig.metadata.discovery}`,

  // Whether the token's issuer is checked. The value is whatever the config
  // file says; the sample config on this page sets it to false, which means
  // the issuer is not verified at all.
  // NOTE(review): with a tenant-specific metadata URL the issuer can be taken
  // from the metadata, so this can be true without supplying `issuer` below.
  validateIssuer: azureConfig.settings.validateIssuer,

  // No explicit issuer is supplied. One is required only when the common
  // endpoint is combined with validateIssuer: true; for a tenant-specific
  // endpoint the issuer from the metadata is used by default. An explicit
  // value would have the form https://login.microsoftonline.com/<tenant_guid>/v2.0
  // @ts-ignore
  issuer: null,

  // Application identity, expected token audience and accepted scopes.
  clientID: azureConfig.credentials.clientID,
  audience: azureConfig.credentials.audience,
  scope: azureConfig.resource.scope,

  // When true the verify callback receives the request as its first argument.
  passReqToCallback: azureConfig.settings.passReqToCallback,

  // Clock skew, in seconds, tolerated during token validation; must be a
  // positive integer. The library default is 300, so 320 is slightly more
  // lenient: an expired token stays acceptable for that much longer.
  clockSkew: 320,

  // Library logging. With loggingNoPII set to true (also the default) no
  // personal information such as tokens and claims is written by the library.
  loggingLevel: azureConfig.settings.loggingLevel,
  loggingNoPII: true
};
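/**
 * Bearer strategy registered with Passport further down in this file.
 *
 * The callback is the strategy's verify function: it receives the claims of a
 * token the library has already validated against `options`, and reports the
 * outcome through `done(error, user, info)`.
 *
 * The claims are not printed here. The original console.log of the whole
 * token wrote names, identifiers and other claims to the process log, which
 * defeats the `loggingNoPII: true` setting in `options`.
 */
const bearerStrategy = new BearerStrategy(options, (token, done) => {
  // Look up the caller here and attach whatever the application needs to the
  // user object. NOTE(review): as written every validated token is accepted
  // with an empty user; any role or tenant restriction has to be added here
  // or in the route handlers.
  const user = {};

  // Second argument: the user. Third argument: the claims, which Passport
  // exposes to later middleware as req.authInfo.
  return done(null, user, token);
});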
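// Cross-origin access.
// cors() with no options already allows every origin. NOTE(review): with its
// default settings it is also expected to answer preflight requests itself, so
// the hand-written headers below mostly duplicate it on ordinary responses.
// Keep one of the two mechanisms, and restrict the allowed origin to the known
// front-end origin(s) instead of "*" before this is deployed.
app.use(cors());
app.use((req, res, next) => {
  // Any origin may read responses from this API.
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT");
  // NOTE(review): x-client-secret is on this list; confirm that no secret is
  // expected to be sent from browser code, where every user can read it.
  res.header(
    "Access-Control-Allow-Headers",
    "Origin, X-Requested-With, Content-Type,Accept, x-client-key, x-client-token, x-client-secret, authorization"
  );
  next();
});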
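app.use(passport.initialize());
passport.use(bearerStrategy);

// Authentication gate for everything registered after this point.
// passport.authenticate rejects requests without an acceptable bearer token
// (Passport's default failure response is 401); { session: false } means the
// token has to accompany every request.
// This establishes who is calling only. No role or scope decision is made
// here, so authorization has to happen in the routes or controllers.
app.use(
  passport.authenticate('oauth-bearer', { session: false }),
  (req, res, next) => {
    // Make the token claims available for the rest of the request, e.g.
    // res.locals.authInfo['name'] for the requestor's name. Avoid logging the
    // whole object: it contains personal data.
    res.locals.authInfo = req.authInfo;
    return next();
  }
);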
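// Sample endpoint. It has no check of its own; it is protected only because
// it is registered after the app-level authentication middleware.
app.get('/protected-resource', (req, res) => {
  res.send('Hello! This resource is protected.');
});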
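// Static files from ./public. NOTE(review): this is registered after the
// authentication middleware, so these files are also served only to requests
// carrying a valid bearer token; confirm that is intended.
app.use(express.static('./public'));

// Body parsers for URL-encoded forms and JSON payloads.
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());

// Restricted-origin CORS configuration, left disabled by the author. If it is
// enabled it should replace the allow-all CORS setup near the top of the file
// and be registered there, before the routes. The cors option is spelled
// optionsSuccessStatus.
// const corsOptions = {
//   origin: 'http://localhost:3000',
//   credentials: true, // access-control-allow-credentials:true
//   optionsSuccessStatus: 200
// }
// app.use(cors(corsOptions));

/** app.use() puts the specified middleware functions at the specified path */
app.use("/regulatory", orderRoute);

module.exports = app;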
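Azure.json (App.js loads this file as ./azure.config.json). Note that "validateIssuer" is false in this file, so the issuer of incoming tokens is not checked; set it to true unless tokens from other issuers must be accepted.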
{
  "credentials": {
    "tenantID": "b50d8ea7-50f7-44c1-b1e1-96d32db3b4ea",
    "clientID": "98353746-dd9a-4db3-b589-2daea2d0c56a",
    "audience": "98353746-dd9a-4db3-b589-2daea2d0c56a"
  },
  "resource": {
    "scope": ["User.Read"]
  },
  "metadata": {
    "authority": "https://login.microsoftonline.com/b50d8ea7-50f7-44c1-b1e1-96d32db3b4ea",
    "discovery": ".well-known/openid-configuration",
    "version": "v2.0"
  },
  "settings": {
    "validateIssuer": false,
    "passReqToCallback": false,
    "loggingLevel": "info"
  }
}
orderRoute.js (correct code)
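// Typographic quotes from the page have been replaced with plain ASCII quotes so the file parses.

/** Express router; App.js mounts it under /regulatory. */
const router = require("express").Router();

/** Controllers behind the read endpoints. */
const getRoleController = require("../controllers/getUsersAndRole");
const adminDashboardController = require("../controllers/adminDashboard");
const mangerDashboardController = require("../controllers/mangerDashboard");
const subjectExpertDashboardController = require("../controllers/subjectExpertDashboard");
const selectedRegulatoryController = require("../controllers/userSelectedRegulatoryDetails");

/** Controllers behind the edit endpoints. */
const editDashboardUser = require("../controllers/dashboardEditUser");
const editTaginfo = require("../controllers/editRequirmentAndTags");
const editMangerAcceptandDeclineinfo = require("../controllers/editResponsiableMangerUsers");
const editSubjectExpertAcceptandDeclineinfo = require("../controllers/editSubjectExpertUsers");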
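/**
 * Route table. router.get() and router.post() attach a controller function to
 * a path and HTTP method on the router object.
 *
 * No registration here adds middleware of its own, so the only check in front
 * of these handlers is the app-level bearer-token authentication in App.js.
 * NOTE(review): the admin dashboard and the edit endpoints are therefore
 * reachable by any caller holding a valid token unless the controllers check
 * the caller's role themselves. The controllers are not shown; confirm this,
 * or add a role check as route middleware.
 */
router.get("/role", getRoleController.getUserRole);
router.get("/users", getRoleController.getUserDetails);
router.get("/admin_dashboard-data", adminDashboardController.getAdminDashboadData);
router.post("/manger-dashboard-data", mangerDashboardController.getMangerDashboadData);
router.post("/subject-dashboard-data", subjectExpertDashboardController.getSubjectDashboadData);
router.post("/get_selcted_regulatory", selectedRegulatoryController.getSelctedRegulatoryDetails);

/** Edit APIs: these change stored data. */
router.post("/edituser", editDashboardUser.editDashboadUserData);
router.post("/edittagandeditrequirement", editTaginfo.editTagDetailsData);
router.post("/editMangerAcceptandDecline", editMangerAcceptandDeclineinfo.updateMangerAcceptDeclineandAllocatesubjectData);
router.post("/editMangerEditTagAndRequirement", editMangerAcceptandDeclineinfo.mangerEditditTagAndeEditRequirementData);
router.post("/editSubjectExpertAcceptandDecline", editSubjectExpertAcceptandDeclineinfo.updateSubjectExpertAcceptDeclineandAllocateSubjectData);

module.exports = router;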