AzureAD · hectormmg · May 11, 2024 · Apr 29, 2024 · Apr 30, 2024 · May 8, 2024
diff --git a/.pipelines/1p-e2e.yml b/.pipelines/1p-e2e.yml
@@ -5,7 +5,7 @@ variables:
     ${{ if startsWith(variables['Build.SourceBranch'], 'refs/heads/') }}:
         sourceBranchName: ${{ replace(variables['Build.SourceBranch'], 'refs/heads/', '') }}
     ${{ if startsWith(variables['Build.SourceBranch'], 'refs/pull/') }}:
-        sourceBranchName: ${{ replace(variables['System.PullRequest.SourceBranch'], 'refs/heads/', '') }}
+        sourceBranchName: ${{ variables['System.PullRequest.SourceBranch'] }}
 
 resources:
     repositories:
@@ -16,7 +16,7 @@ resources:
         - repository: 1P
           type: git
           name: IDDP/msal-javascript-1p
-          ref: master
+          ref: use-lab-cert # TODO: replace with master before merging
 
 extends:
     template: v2/OneBranch.NonOfficial.CrossPlat.yml@templates # https://aka.ms/obpipelines/templates

@@ -0,0 +1,86 @@
+variables:
+    CDP_DEFINITION_BUILD_COUNT: $[counter('', 0)] # needed for onebranch.pipeline.version task https://aka.ms/obpipelines/versioning
+    LinuxContainerImage: "mcr.microsoft.com/onebranch/cbl-mariner/build:2.0" # Docker image which is used to build the project https://aka.ms/obpipelines/containers
+    DEBIAN_FRONTEND: noninteractive
+    ${{ if startsWith(variables['Build.SourceBranch'], 'refs/heads/') }}:
+        sourceBranchName: ${{ replace(variables['Build.SourceBranch'], 'refs/heads/', '') }}
+    ${{ if startsWith(variables['Build.SourceBranch'], 'refs/pull/') }}:
+        sourceBranchName: ${{ replace(variables['System.PullRequest.SourceBranch'], 'refs/heads/', '') }}
+
+resources:
+    repositories:
+        - repository: templates
+          type: git
+          name: OneBranch.Pipelines/GovernedTemplates
+          ref: refs/heads/main
+        - repository: 1P
+          type: git
+          name: IDDP/msal-javascript-1p
+          ref: use-lab-cert # TODO: replace with master before merging
+extends:
+    template: v2/OneBranch.NonOfficial.CrossPlat.yml@templates # https://aka.ms/obpipelines/templates
+    parameters:
+        globalSdl:
+            policheck:
+                break: true
+
+        stages:
+            - stage: e2e_test
+              displayName: "3P E2E Tests"
+              jobs:
+                  - template: .pipelines/templates/msal-browser-e2e.yml@1P
+                    parameters:
+                        jobName: "validate_msal_browser"
+                        poolType: "linux"
+                        publishFlagName: "publishMsalBrowser"
+                        sourceBranchName: ${{ variables.sourceBranchName }}
+                        stage: "PR"
+                        override: true
+                        samples:
+                            - "client-capabilities"
+                            - "onPageLoad"
+                            - "pop"
+                            - "customizable-e2e-test"
+                  - template: .pipelines/templates/msal-node-e2e.yml@1P
+                    parameters:
+                        jobName: "validate_msal_node"
+                        poolType: "windows"
+                        publishFlagName: "publishMsalNode"
+                        sourceBranchName: ${{ variables.sourceBranchName }}
+                        stage: "PR"
+                        override: true
+                        node: [16, 18, 20, 22]
+                        samples:
+                            - "auth-code"
+                            - "auth-code-cli-app"
+                            - "client-credentials"
+                            - "device-code"
+                            - "silent-flow"
+                            - "b2c-user-flows"
+                  - template: .pipelines/templates/msal-react-e2e.yml@1P
+                    parameters:
+                        jobName: "validate_msal_react"
+                        poolType: "linux"
+                        publishFlagName: "publishMsalReact"
+                        sourceBranchName: ${{ variables.sourceBranchName }}
+                        stage: "PR"
+                        override: true
+                        samples:
+                            - "nextjs-sample"
+                            - "react-router-sample"
+                            - "gatsby-sample"
+                            - "typescript-sample"
+                            - "b2c-sample"
+                  - template: .pipelines/templates/msal-angular-e2e.yml@1P
+                    parameters:
+                        jobName: "validate_msal_angular"
+                        poolType: "linux"
+                        publishFlagName: "publishMsalAngular"
+                        sourceBranchName: ${{ variables.sourceBranchName }}
+                        stage: "PR"
+                        override: true
+                        samples:
+                            - "angular15-sample-app"
+                            - "angular16-sample-app"
+                            - "angular-b2c-sample-app"
+                            - "angular-standalone-sample"
@@ -0,0 +1,49 @@
+# Variables
+$dotEnvFileName = ".env"
+$tenantIdInfo = 'AZURE_TENANT_ID="72f988bf-86f1-41af-91ab-2d7cd011db47"'
+$clientIdName = "AZURE_CLIENT_ID="
+$clientCertPathName = "AZURE_CLIENT_CERT_PATH="
+$sessionSecretName = "SESSION_SECRET="
+
+# Create file if it doesn't exist
+if (-Not (Test-Path $dotEnvFileName)) {
+    Write-Output "Creating $dotEnvFileName file..."
+    New-Item -Path . -Name $dotEnvFileName -ItemType "file"
+}
+else {
+    Write-Output "$dotEnvFileName file already exists..."
+}
+
+# Output Tenant Id to dotEnv file
+$tenantIdInfo | Out-File -File $dotEnvFileName -Append
+# login - you should have permission already to ready the necessary keyvault
+# if not, ask your manager to help with onboarding
+az login --output none
+
+# Get the lab app id
+$clientIdValue = $(az keyvault secret show --name "LabVaultAppId" --vault-name "msidlabs" --query "value")
+
+$pfxPath = "LabCert.pfx";
+$pemPath = "LabCert.pem";
+# get the lab app cert
+az keyvault secret download --vault-name "msidlabs" -n "LabVaultAccessCert" --file $pfxPath --encoding base64
+# convert pfx file to pem
+openssl pkcs12 -in $pfxPath -out $pemPath -nodes --passin pass:
+
+$fullPemPath = (Get-Location).Path + "\" + $pemPath
+
+# Used to secure sessions for samples that use express-session
+$sessionSecret = New-Guid
+$sessionSecretNameValue = "$sessionSecretName" + '"' + $sessionSecret + '"'    
+
+$clientIdNameValue = "$clientIdName$clientIdValue"
+$clientCertPathNameValue = "$clientCertPathName" + '"' + $fullPemPath + '"'
+
+
+$clientIdNameValue | Out-File -File $dotEnvFileName -Append
+$clientCertPathNameValue | Out-File -File $dotEnvFileName -Append
+$sessionSecretNameValue | Out-File -File $dotEnvFileName -Append
+
+# Dotenv will not parse CLRF correctly, so we need to replace it with LF
+(Get-Content $dotEnvFileName -Raw).Replace("`r`n", "`n") | Set-Content $dotEnvFileName -Force
+
@@ -1,31 +1,4 @@
 #!/bin/bash
 
 # Remember to make executable
-
-# Variables
-dotEnvFileName=".env"
-tenantIdInfo="AZURE_TENANT_ID=\"72f988bf-86f1-41af-91ab-2d7cd011db47\""
-clientIdName="AZURE_CLIENT_ID="
-clientSecretName="AZURE_CLIENT_SECRET="
-
-# Create file if it doesn't exist
-touch $dotEnvFileName
-
-# Output Tenant Id to dotEnv file
-echo $tenantIdInfo >> $dotEnvFileName
-
-# login - you should have permission already to ready the necessary keyvault
-# if not, ask your manager to help with onboarding
-az login
-
-# Get the lab app id
-clientIdValue=$(az keyvault secret show --name "LabVaultAppId" --vault-name "msidlabs" --query "value")
-
-# get the lab app secret
-clientSecretValue=$(az keyvault secret show --name "LabVaultAppSecret" --vault-name "msidlabs" --query "value")
-
-clientIdNameValue=$clientIdName$clientIdValue
-clientSecretNameValue=$clientSecretName$clientSecretValue
-
-echo $clientIdNameValue >> $dotEnvFileName
-echo $clientSecretNameValue >> $dotEnvFileName
+Powershell.exe -file gen_env.ps1