feat: signin with microsoft (#1998)

2025-11-14 16:51:38 +10:00 · 2025-10-22 01:05:11 +00:00
parent 49b792503f
commit 4a3859ec60
13 changed files with 181 additions and 10 deletions
--- a/packages/auth/server/config.ts
+++ b/packages/auth/server/config.ts
@ -26,6 +26,16 @@ export const GoogleAuthOptions: OAuthClientOptions = {
  bypassEmailVerification: false,
 };

+export const MicrosoftAuthOptions: OAuthClientOptions = {
+  id: 'microsoft',
+  scope: ['openid', 'email', 'profile'],
+  clientId: env('NEXT_PRIVATE_MICROSOFT_CLIENT_ID') ?? '',
+  clientSecret: env('NEXT_PRIVATE_MICROSOFT_CLIENT_SECRET') ?? '',
+  redirectUrl: `${NEXT_PUBLIC_WEBAPP_URL()}/api/auth/callback/microsoft`,
+  wellKnownUrl: 'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration',
+  bypassEmailVerification: false,
+};
+
 export const OidcAuthOptions: OAuthClientOptions = {
  id: 'oidc',
  scope: ['openid', 'email', 'profile'],
--- a/packages/auth/server/routes/callback.ts
+++ b/packages/auth/server/routes/callback.ts
@ -2,7 +2,7 @@ import { Hono } from 'hono';

 import { AppError } from '@documenso/lib/errors/app-error';

-import { GoogleAuthOptions, OidcAuthOptions } from '../config';
+import { GoogleAuthOptions, MicrosoftAuthOptions, OidcAuthOptions } from '../config';
 import { handleOAuthCallbackUrl } from '../lib/utils/handle-oauth-callback-url';
 import { handleOAuthOrganisationCallbackUrl } from '../lib/utils/handle-oauth-organisation-callback-url';
 import type { HonoAuthContext } from '../types/context';
@ -45,4 +45,11 @@ export const callbackRoute = new Hono<HonoAuthContext>()
  /**
   * Google callback verification.
   */
-  .get('/google', async (c) => handleOAuthCallbackUrl({ c, clientOptions: GoogleAuthOptions }));
+  .get('/google', async (c) => handleOAuthCallbackUrl({ c, clientOptions: GoogleAuthOptions }))
+
+  /**
+   * Microsoft callback verification.
+   */
+  .get('/microsoft', async (c) =>
+    handleOAuthCallbackUrl({ c, clientOptions: MicrosoftAuthOptions }),
+  );
--- a/packages/auth/server/routes/oauth.ts
+++ b/packages/auth/server/routes/oauth.ts
@ -2,7 +2,7 @@ import { sValidator } from '@hono/standard-validator';
 import { Hono } from 'hono';
 import { z } from 'zod';

-import { GoogleAuthOptions, OidcAuthOptions } from '../config';
+import { GoogleAuthOptions, MicrosoftAuthOptions, OidcAuthOptions } from '../config';
 import { handleOAuthAuthorizeUrl } from '../lib/utils/handle-oauth-authorize-url';
 import { getOrganisationAuthenticationPortalOptions } from '../lib/utils/organisation-portal';
 import type { HonoAuthContext } from '../types/context';
@ -24,6 +24,20 @@ export const oauthRoute = new Hono<HonoAuthContext>()
      redirectPath,
    });
  })
+
+  /**
+   * Microsoft authorize endpoint.
+   */
+  .post('/authorize/microsoft', sValidator('json', ZOAuthAuthorizeSchema), async (c) => {
+    const { redirectPath } = c.req.valid('json');
+
+    return handleOAuthAuthorizeUrl({
+      c,
+      clientOptions: MicrosoftAuthOptions,
+      redirectPath,
+    });
+  })
+
  /**
   * OIDC authorize endpoint.
   */