From 6e6a24a7af9b14847fdfcd91345a5d833f36a228 Mon Sep 17 00:00:00 2001
From: Vladimir Evdokimov <evdokimov.vladimir@gmail.com>
Date: Sun, 6 Dec 2020 15:34:40 -0500
Subject: [PATCH] feat(provider): Add Azure Active Directory B2C (#809)

* add provider: Microsoft

* documentation

* support no tenant setup

* fix code style

* chore: rename Microsoft provider to AzureADB2C

* chore: alphabetical order in providers/index
---
 src/providers/azure-ad-b2c.js       | 24 ++++++++++++++++++++++++
 src/providers/index.js              |  2 ++
 www/docs/configuration/providers.md |  1 +
 www/docs/faq.md                     |  2 +-
 www/docs/providers/azure-ad-b2c.md  | 28 ++++++++++++++++++++++++++++
 www/sidebars.js                     |  1 +
 6 files changed, 57 insertions(+), 1 deletion(-)
 create mode 100644 src/providers/azure-ad-b2c.js
 create mode 100644 www/docs/providers/azure-ad-b2c.md

diff --git a/src/providers/azure-ad-b2c.js b/src/providers/azure-ad-b2c.js
new file mode 100644
index 0000000000..fbf8dc40b6
--- /dev/null
+++ b/src/providers/azure-ad-b2c.js
@@ -0,0 +1,24 @@
+export default (options) => {
+  const tenant = options.tenantId ? options.tenantId : 'common'
+
+  return {
+    id: 'azure-ad-b2c',
+    name: 'Azure Active Directory B2C',
+    type: 'oauth',
+    version: '2.0',
+    params: {
+      grant_type: 'authorization_code'
+    },
+    accessTokenUrl: `https://login.microsoftonline.com/${tenant}/oauth2/v2.0/token`,
+    authorizationUrl: `https://login.microsoftonline.com/${tenant}/oauth2/v2.0/authorize?response_type=code&response_mode=query`,
+    profileUrl: 'https://graph.microsoft.com/v1.0/me/',
+    profile: (profile) => {
+      return {
+        id: profile.id,
+        name: profile.displayName,
+        email: profile.userPrincipalName
+      }
+    },
+    ...options
+  }
+}
diff --git a/src/providers/index.js b/src/providers/index.js
index 62f4f229e3..27eb6d8d0b 100644
--- a/src/providers/index.js
+++ b/src/providers/index.js
@@ -1,6 +1,7 @@
 import Apple from './apple'
 import Atlassian from './atlassian'
 import Auth0 from './auth0'
+import AzureADB2C from './azure-ad-b2c'
 import Basecamp from './basecamp'
 import BattleNet from './battlenet'
 import Box from './box'
@@ -27,6 +28,7 @@ export default {
   Atlassian,
   Auth0,
   Apple,
+  AzureADB2C,
   Basecamp,
   BattleNet,
   Box,
diff --git a/www/docs/configuration/providers.md b/www/docs/configuration/providers.md
index 1459c80c1c..d95d185221 100644
--- a/www/docs/configuration/providers.md
+++ b/www/docs/configuration/providers.md
@@ -14,6 +14,7 @@ NextAuth.js is designed to work with any OAuth service, it supports OAuth 1.0, 1
 * [Apple](/providers/apple)
 * [Atlassian](/providers/atlassian)
 * [Auth0](/providers/auth0)
+* [Azure Active Directory B2C](/providers/azure-ad-b2c)
 * [Basecamp](/providers/basecamp)
 * [Battle.net](/providers/battlenet)
 * [Box](/providers/box)
diff --git a/www/docs/faq.md b/www/docs/faq.md
index 3a4053558b..973b462a0f 100644
--- a/www/docs/faq.md
+++ b/www/docs/faq.md
@@ -23,7 +23,7 @@ You can use also NextAuth.js with any database using a custom database adapter,
 
 ### What authentication services does NextAuth.js support?
 
-NextAuth.js includes built-in support for signing in with Apple, Atlassian, Auth0, Google, Battle.net, Box, AWS Cognito, Discord, Facebook, FusionAuth, GitHub, GitLab, Google, Open ID Identity Server, Mixer, Okta, Slack, Spotify, Twitch, Twitter and Yandex.
+NextAuth.js includes built-in support for signing in with Apple, Atlassian, Auth0, Azure Active Directory B2C, Google, Battle.net, Box, AWS Cognito, Discord, Facebook, FusionAuth, GitHub, GitLab, Google, Open ID Identity Server, Mixer, Okta, Slack, Spotify, Twitch, Twitter and Yandex.
 
 NextAuth.js also supports email for passwordless sign in, which is useful for account recovery or for people who are not able to use an account with the configured OAuth services (e.g. due to service outage, account suspension or otherwise becoming locked out of an account).
 
diff --git a/www/docs/providers/azure-ad-b2c.md b/www/docs/providers/azure-ad-b2c.md
new file mode 100644
index 0000000000..a855e9d53d
--- /dev/null
+++ b/www/docs/providers/azure-ad-b2c.md
@@ -0,0 +1,28 @@
+---
+id: azure-ad-b2c
+title: Azure Active Directory B2C
+---
+
+## Documentation
+
+https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
+
+## Configuration
+
+https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-tenant
+
+## Example
+
+```js
+import Providers from 'next-auth/providers';
+...
+providers: [
+  Providers.AzureADB2C({
+    clientId: process.env.AZURE_CLIENT_ID,
+    clientSecret: process.env.AZURE_CLIENT_SECRET,
+    scope: 'offline_access User.Read',
+    tenantId: process.env.AZURE_TENANT_ID,
+  }),
+]
+...
+```
diff --git a/www/sidebars.js b/www/sidebars.js
index 706e30e42e..b7f504c308 100644
--- a/www/sidebars.js
+++ b/www/sidebars.js
@@ -26,6 +26,7 @@ module.exports = {
       'providers/apple',
       'providers/atlassian',
       'providers/auth0',
+      'providers/azure-ad-b2c',
       'providers/basecamp',
       'providers/battle.net',
       'providers/box',