Update to README for new customers

brandwe · brandwe · commit 3a9f311b9c0d · 2015-05-28T18:54:34.000-07:00
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 #Windows Azure Active Directory Sample REST API Service for Node.js using MongoDB and Restify
 
-This Node.js server will give you with a quick and easy way to set up a REST API Service that's integrated with Azure Active Directory for API protection using the OAuth2 protocol with bearer tokens. The sample server included in the download are designed to run on any platform.
+This Node.js server will give you with a quick and easy way to set up a REST API Service that's integrated with Azure Active Directory for API protection. It uses the OAuth2 protocol with bearer tokens. The sample server included in the download are designed to run on any platform.
 
 This REST API server is built using Restify and MongoDB with the following features:
 
@@ -29,11 +29,11 @@ Install Node.js from [http://nodejs.org](http://nodejs.org).
 
 ### Step 4: Install MongoDB on to your platform
 
-To successfully use this sample, you must have a working installation of MongoDB. We will use MongoDB to make our REST API persistant across server instances.
+To successfully use this sample, you must have a working installation of MongoDB. We will use MongoDB to make our REST API persistent across server instances.
 
 Install MongoDB from [http://mongodb.org](http://www.mongodb.org).
 
-**NOTE:** This walkthrough assumes that you use the default installation and server endpoints for MongoDB, which at the time of this writing is: mongodb://localhost
+**NOTE:** This walkthrough assumes that you use the default installation and server endpoints for MongoDB, which at the time of this writing is: mongodb://localhost. This should work locally without any configuration changes if you run this sample on the same machine as you've installed and ran mongodb.
 
 
 ### Step 5: Download the Sample application and modules
@@ -45,12 +45,30 @@ From your shell or command line:
 * `$ git clone git@github.com:AzureADSamples/WebAPI-Nodejs.git`
 * `$ npm install`
 
-### Step 6: Run the application
+**Did you get an error?:** Restify provides a powerful mechanism to trace REST calls using DTrace. However, many operating systems do not have DTrace available. You can safely ignore these errors.
+
+* `$ cd node-server`
+* `$ npm install` (yes, again)
+
+### Step 6: Configure your server using config.js
+
+You will need to update the sample to use your values for audienceURI and for the metadata endpoint.
+
+**NOTE:** You may also pass the `issuer:` value if you wish to validate that as well.
+
+### Step 7: Run the application
 
 
 * `$ cd node-server	`
 * `$ node server.js`
 
+**Is the server output hard to understand?:** We use `bunyan` for logging in this sample. The console won't make much sense to you unless you also install bunyan and run the server like above but pipe it through the bunyan binary:
+
+* `$ node server.js | bunyan`
+
+### Your done!
+
+You will have a server successfully running on `http://localhost:8888`. Your REST / JSON API Endpoint will be `http://localhost:8888/tasks`
 
 ### Acknowledgements
 
diff --git a/node-server/app.js b/node-server/app.js
@@ -38,7 +38,7 @@
     var options = {
    // The URL of the metadata document for your app. We will put the keys for token validation from the URL found in the jwks_uri tag of the in the metadata.
   identityMetadata: config.creds.identityMetadata,
-  // issuer: config.creds.issuer, 
+  // issuer: config.creds.issuer,
   audience: config.creds.audience
 
 };
@@ -317,7 +317,7 @@ var server = restify.createServer({
                 if (err) { return done(err); }
                   if (!user) {
            // "Auto-registration"
-           log.info('User was added automatically as they were new. Their sub is: ', token.sub)
+           log.info('User was added automatically as they were new. Their sub is: ', token.sub);
            users.push(token);
            owner = token.sub;
            return done(null, token);
@@ -374,13 +374,13 @@ var server = restify.createServer({
 
   server.listen(serverPort, function() {
 
-  var consoleMessage = '\n Windows Azure Active Directory Tutorial'
-  consoleMessage += '\n +++++++++++++++++++++++++++++++++++++++++++++++++++++'
+  var consoleMessage = '\n Windows Azure Active Directory Tutorial';
+  consoleMessage += '\n +++++++++++++++++++++++++++++++++++++++++++++++++++++';
   consoleMessage += '\n %s server is listening at %s';
   consoleMessage += '\n Open your browser to %s/tasks\n';
-  consoleMessage += '+++++++++++++++++++++++++++++++++++++++++++++++++++++ \n'
-  consoleMessage += '\n !!! why not try a $curl -isS %s | json to get some ideas? \n'
-  consoleMessage += '+++++++++++++++++++++++++++++++++++++++++++++++++++++ \n\n'
+  consoleMessage += '+++++++++++++++++++++++++++++++++++++++++++++++++++++ \n';
+  consoleMessage += '\n !!! why not try a $curl -isS %s | json to get some ideas? \n';
+  consoleMessage += '+++++++++++++++++++++++++++++++++++++++++++++++++++++ \n\n';
 
   //log.info(consoleMessage, server.name, server.url, server.url, server.url);
 
diff --git a/node-server/config.js b/node-server/config.js
@@ -1,6 +1,6 @@
  // Don't commit this file to your public repos. This config is for first-run
     exports.creds = {
     mongoose_auth_local: 'mongodb://localhost/tasklist', // Your mongo auth uri goes here
-    audience: 'https://com.microsoft.windowsazure.activedirectory.samples',
-    identityMetadata: 'https://login.microsoftonline.com/hypercubeb2c.onmicrosoft.com/.well-known/openid-configuration?p=b2c_1_B2CSI' // For using Microsoft you should never need to change this.
-    }
+    audience: 'https://localhost:8888', // the Audience is the App URL when you registered the application.
+    identityMetadata: 'https://login.microsoftonline.com/hypercubeb2c.onmicrosoft.com/.well-known/openid-configuration?p=b2c_1_B2CSI' // Replace the text after p= with your specific policy.
+  };
diff --git a/node-server/lib/passport-azure-ad/metadata.js b/node-server/lib/passport-azure-ad/metadata.js
@@ -205,7 +205,7 @@ Metadata.prototype.fetch = function(callback) {
       });
     },
     function(body, next){
-      if(self.authtype == "saml" || self.authtype == "wsfed") {
+      if(self.authtype === "saml" || self.authtype === "wsfed") {
       // parse the AAD Federation metadata xml
       var parser = new xml2js.Parser({explicitRoot:true});
       // Note: xml responses from Azure AAD have a leading \ufeff which breaks xml2js parser!
@@ -214,7 +214,7 @@ Metadata.prototype.fetch = function(callback) {
         next(err);
 
       });
-      } else if(self.authtype == "oidc") {
+    } else if(self.authtype === "oidc") {
       log.info("Parsing JSON retreived from the endpoint");
       self.metadata = JSON.parse(body);
       next(null);
@@ -224,15 +224,15 @@ Metadata.prototype.fetch = function(callback) {
     },
     function(next){
 
-        console.log('updating metadata...');
+        log.info('updating metadata...');
 
-      if(self.authtype == "saml") {
+      if(self.authtype === "saml") {
           self.updateSamlMetadata(self.metatdata, next);
         }
-        else if(self.authtype == "wsfed") {
+        else if(self.authtype === "wsfed") {
           self.updateWsfedMetadata(self.metatdata, next);
       }
-        else if(self.authtype == "oidc") {
+        else if(self.authtype === "oidc") {
           self.updateOidcMetadata(self.metadata, next);
         }
       },
diff --git a/node-server/lib/passport-azure-ad/oidcstrategy.js b/node-server/lib/passport-azure-ad/oidcstrategy.js
@@ -106,7 +106,7 @@ if(options.identityMetadata) {
 }
 
 if (!options.certificate && !options.identityMetadata) {
-  log.warn("No options was presented to Strategy as required.")
+  log.warn("No options was presented to Strategy as required.");
    throw new TypeError('OIDCBearerStrategy requires either a PEM encoded public key or a metadata location that contains cert data for RSA and ECDSA callback.');
  }
 
@@ -143,7 +143,7 @@ if (!options.certificate && !options.identityMetadata) {
 
 
 var decoded = jws.decode(token);
-    if (decoded == null) {
+    if (decoded === null) {
       done(null, false, "Invalid JWT token.");
     }
 
@@ -198,7 +198,7 @@ var decoded = jws.decode(token);
 var opts = {};
   opts.passReqToCallback = true;
 
-  console.log('Req: ' + options.passReqToCallback);
+  log.info('Req: ' + options.passReqToCallback);
 
     BearerStrategy.call(this, options, jwtVerify);
 
diff --git a/node-server/package.json b/node-server/package.json
@@ -11,4 +11,4 @@
     "assert-plus": "*",
     "passport": "*"
   }
-}
+}

Original file line number	Diff line number	Diff line change
`@@ -106,7 +106,7 @@ if(options.identityMetadata) {`
`106`	`106`	`}`
`107`	`107`
`108`	`108`	`if (!options.certificate && !options.identityMetadata) {`
`109`		`- log.warn("No options was presented to Strategy as required.")`
	`109`	`+ log.warn("No options was presented to Strategy as required.");`
`110`	`110`	`throw new TypeError('OIDCBearerStrategy requires either a PEM encoded public key or a metadata location that contains cert data for RSA and ECDSA callback.');`
`111`	`111`	`}`
`112`	`112`
`@@ -143,7 +143,7 @@ if (!options.certificate && !options.identityMetadata) {`
`143`	`143`
`144`	`144`
`145`	`145`	`var decoded = jws.decode(token);`
`146`		`- if (decoded == null) {`
	`146`	`+ if (decoded === null) {`
`147`	`147`	`done(null, false, "Invalid JWT token.");`
`148`	`148`	`}`
`149`	`149`
`@@ -198,7 +198,7 @@ var decoded = jws.decode(token);`
`198`	`198`	`var opts = {};`
`199`	`199`	`opts.passReqToCallback = true;`
`200`	`200`
`201`		`- console.log('Req: ' + options.passReqToCallback);`
	`201`	`+ log.info('Req: ' + options.passReqToCallback);`
`202`	`202`
`203`	`203`	`BearerStrategy.call(this, options, jwtVerify);`
`204`	`204`
Original file line number	Diff line number	Diff line change
`@@ -11,4 +11,4 @@`
`11`	`11`	`"assert-plus": "*",`
`12`	`12`	`"passport": "*"`
`13`	`13`	`}`
`14`		`-}`
	`14`	`+}`