Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is the difference between passport-azure-ad vs passport-azure-ad-oauth2

We have application that is developed using MEAN stack. and we are planning to use Azure AD for authentication.

Client Side
In angular the client side resources are protected using adal JS library based on article here

Server Side Node Web API
To protect server side web api i was following the article here which uses passport-azure-ad node module. However on passportjs web site i came across one more node module passport-azure-ad-oauth2

So the question is what's the difference between passport-azure-ad vs passport-azure-ad-oauth2

like image 907
LP13 Avatar asked Apr 14 '16 18:04

LP13


People also ask

Does passport use OAuth2?

Passport is built on top of the League OAuth2 server that is maintained by Andy Millington and Simon Hamp.

What is passport in OAuth2?

This module lets you authenticate using OAuth 2.0 in your Node. js applications. By plugging into Passport, OAuth 2.0 authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

What is passport Azure AD?

A2: Passport-Azure-AD for Node. js is a collection of Passport strategies that help you integrate your node applications with Azure Active Directory. It includes OpenID Connect, WS-Federation, and SAML-P authentication and authorization. These providers let you use the many features of Passport-Azure-AD for Node.

Does Azure AD use OAuth2?

Azure Active Directory (Azure AD) supports all OAuth 2.0 flows.


1 Answers

I'm the maintainer of passport-azure-ad. Passport-azure-ad comes from Microsoft and was built to support not just OAuth2 but also scenarios in preview such as B2C and B2B and soon our converged endpoint that we announced at BUILD 2016.

passport-azure-ad-oauth2 is from Auth0 team not affiliated with Microsoft, but they are perfectly good team with good documentation as well. I don't know their level of support for the other scenarios above.

Azure Active Directory is an open platform and strives to use open standards like OAuth2 and Open ID Connect so that developers have this kind of choice.

So, you are free to use whatever library you'd like, but of course from my perspective I'd advocate using the Microsoft OSS libraries on GitHub where they exist, like passport-azure-ad.

Does that help? Feel free to let me know if you run in to any problems with passport-azure-ad if you continue down that route.

like image 68
Brandon Avatar answered Oct 16 '22 13:10

Brandon