Well, the time has finally come. It was evident when Microsoft started pushing everyone to WebHooks, but this FAQ and related announcements pretty much seals the deal for RERs.
https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/add-ins-and-azure-acs-retirements-faq
In this article, we will explore how MSAL works, how to implement it using code samples, and why it is better than its predecessor, the Azure Active Directory Authentication Library (ADAL).
MSAL provides a simple and consistent API for authenticating users and acquiring access tokens to access Microsoft services. It abstracts the authentication process by handling the complex details of authentication protocols like OAuth 2.0 and OpenID Connect, allowing developers to focus on building their application logic.
Here is an example of how MSAL works using C#:
string[] scopes = { "user.read" }; string clientId = "your-client-id"; string redirectUri = "http://localhost/myapp"; IPublicClientApplication app = PublicClientApplicationBuilder .Create(clientId) .WithRedirectUri(redirectUri) .Build(); AuthenticationResult result = await app.AcquireTokenInteractive(scopes) .ExecuteAsync();
https://gist.github.com/cjvandyk/49c9e5b467d2e9e38bb4f3bd14f71a26
In the example above, we create a new instance of the PublicClientApplicationBuilder and specify the clientId and redirectUri. We then call the AcquireTokenInteractive method to initiate the authentication process with the specified scopes. After the user is authenticated, we can use the result.AccessToken property to retrieve the access token.
MSAL also supports a variety of authentication scenarios, including device-based authentication like setting up your Roku, conditional access policies, and multi-factor authentication.
Here is an example of how to implement MSAL using JavaScript:
const msalConfig = { auth: { clientId: 'your-client-id', authority: 'https://login.microsoftonline.com/common', redirectUri: 'http://localhost:3000', }, cache: { cacheLocation: 'localStorage', storeAuthStateInCookie: true, } }; const loginRequest = { scopes: ["user.read"] }; const pca = new msal.PublicClientApplication(msalConfig); async function signIn() { const authResult = await pca.loginPopup(loginRequest); console.log('Access Token: ', authResult.accessToken); }
https://gist.github.com/cjvandyk/25367b7d0ffb738ca10b46ec5d91569d
In the example above, we define the MSAL configuration using the msalConfig object, which includes the clientId, authority, and redirectUri. We also define the loginRequest object with the requested scopes. We then create a new instance of the PublicClientApplication and call the loginPopup method to initiate the authentication process. After the user is authenticated, we can use the authResult.accessToken property to retrieve the access token.
In conclusion, the Microsoft Authentication Library (MSAL) is a powerful authentication library that simplifies the authentication process for applications that connect to Microsoft services like Azure AD, Microsoft Graph, and Office 365. It provides a simple and consistent API, abstracting the complexity of authentication protocols like OAuth 2.0 and OpenID Connect. MSAL is available for various platforms, including .NET, Java, Python, and JavaScript, and it has several advantages over its predecessor, Azure Active Directory Authentication Library (ADAL), including cross-platform support, better performance, improved user experience, and support for modern authentication features.
/Code forth
C
Asymmetric encryption, also known as public-key encryption, is a type of encryption that uses two different keys to secure the transmission of data. One key, the public key, is shared with anyone who wants to send encrypted messages to the owner of the other key, the private key. Asymmetric encryption is widely used in secure communication protocols such as SSL/TLS, SSH, S/MIME, and PGP.
PGP (Pretty Good Privacy) is a popular encryption software program that uses asymmetric encryption to secure the transmission of data. PGP was developed in 1991 by Phil Zimmermann, a software engineer and privacy advocate. At the time, the US government had strict regulations on the export of encryption technology, and Zimmermann was concerned about the government's ability to monitor private communication. He developed PGP as a way for individuals to communicate privately and securely.
In asymmetric encryption, a pair of different keys is used. One key is used for encryption, and the other is used for decryption. These keys are called a public key and a private key.
The public key can be shared with anyone, while the private key is kept secret by the owner. The owner of the private key can use it to decrypt any data encrypted with the corresponding public key. The use of two different keys provides a higher level of security, as the private key is never shared and only the owner can use it to decrypt data.
Asymmetric encryption involves a few steps:
Asymmetric encryption has several advantages over symmetric encryption, including:
Asymmetric encryption, with the help of PGP, has become a powerful and secure encryption method that is widely used in secure communication protocols. By using two different keys for encryption and decryption, asymmetric encryption provides a higher level of security than symmetric encryption.
PGP, in particular, played a significant role in popularizing asymmetric encryption among the general public. Before PGP, the technology was mainly used by governments and large corporations. PGP's user-friendly interface and accessibility made it easy for individuals to encrypt and decrypt messages without needing a deep understanding of the underlying technology.
Phil Zimmermann's legal battles over PGP's classification as a munition also helped raise awareness about the importance of privacy and the need for secure communication in the digital age. PGP was eventually widely available for download, and it has since become a popular tool for secure communication, email encryption, file encryption, and digital signatures.
In conclusion, asymmetric encryption provides a higher level of security than symmetric encryption, and PGP played a crucial role in making this technology accessible and easy to use for the general public. As technology continues to advance, asymmetric encryption remains an essential tool for securing sensitive data and communication.
/Code forth
C
I posted a short list of my most used tools at
http://blog.cjvandyk.com/p/essentials.html
This is not an exhaustive list but will be growing over time so be sure to bookmark it and check back every so often. 😎
Code forth
C
Using Powershell it's pretty easy to get your thumbprint. To get the list of all certificates in the local machine wide store, use:
Get-ChildItem -Path Cert:LocalMachine\MY
To get the list of all certificates in for the currently logged on user, use:
Get-ChildItem -Path Cert:CurrentUser\MY
Happy coding!
C
Ever wondered what the new SharePoint Online URLs are all about? Take for example https://cjvandyk.sharepoint.us/:x:/r/sites/Site1...
What exactly does the /:x: and the /r between the domain and the /sites mean? Well wonder no more...
| /:b: | |
| /:f: | Folder |
| /:i: | Image |
| /:o: | OneNote |
| /:p: | PowerPoint |
| /:t: | Text |
| /:u: | Undefined |
| /:v: | Video |
| /:w: | Word |
| /:x: | Excel |
