az account set -s Antares-Demo
az group create -n antchu-swa-roles-function -l centraluseuap
az staticwebapp create -n antchu-swa-roles-function -g antchu-swa-roles-function -s https://github.com/anthonychu/20210903-swa-roles-function -l centraluseuap -b main --app-location frontend --api-location api --login-with-githubNeed to change workflow to use Azure/static-web-apps-deploy@latest.
- testing is hard
- twitter missing access token secret
- would be nice to get openIdIssuer from settings too
- Custom auth doc
- Override a pre-configured auth provider - not all auth providers are pre-configured
- Change "secure authentication secrets" to "secure custom authentication secrets" - maybe merge this into the custom auth page?
- AAD needs better instructions
- aad is the name of the auth provider but config says something else
{"code":401,"message":"An error of type 'unsupported_response_type' occurred during the login process: 'AADSTS700054: response_type 'id_token' is not enabled for the application.\r\nTrace ID: 966cd109-c79b-4dce-905d-af4096a75800\r\nCorrelation ID: ac8eedea-e2c7-4cfe-ae34-30321518c744\r\nTimestamp: 2021-09-09 05:26:16Z'"}
- Needs more scope
{ "error": { "code": "Authorization_RequestDenied", "message": "Insufficient privileges to complete the operation.", "innerError": { "date": "2021-09-09T05:39:37", "request-id": "f0f59846-5c6a-4fc6-a4d2-a904cb3214c8", "client-request-id": "f0f59846-5c6a-4fc6-a4d2-a904cb3214c8" } } }
- if I hit the login endpoint again, I might get an expired token
-
Go to AAD.
-
Go to App Registrations.
-
Select New Registration.
-
Enter name and redirect URI.
-
Select Register.
-
Go to Authentication.
-
In Implicit grant and hybrid flows, select ID tokens.
-
Go to Certificates & secrets.
-
Select New client secret.
-
Enter name and duration.
-
Copy Value and set app setting.
-
Go back to overview.
-
Copy Application (client) ID and set app setting.