Nothing
Authenticating from Shiny"
In AzureAuth: Authentication Services for Azure Active Directory
Because a Shiny app has separate UI and server components, the interactive authentication flows require some changes. In particular, the authorization step (logging in to Azure) has to be conducted separately from the token acquisition step.
AzureAuth provides the build_authorization_uri function to facilitate this separation. You call this function to obtain a URI that you browse to in order to login to Azure. Once you have logged in, Azure will return an authorization code as part of a redirect.
Here is a skeleton Shiny app that demonstrates its use. The UI calls build_authorization_uri, and then redirects your browser to that location. When you have logged in, the server captures the authorization code and calls get_azure_token to obtain the token. Once the token is obtained, shinyjs is used to return the URL back to its original state.
library(AzureAuth)
library(shiny)
library(shinyjs)
tenant <- "your-tenant-here"
app <- "your-app-id-here"
# the Azure resource permissions needed
# if your app doesn't use any Azure resources (you only want to do authentication),
# set the resource to "openid" only
resource <- c("https://management.azure.com/.default", "openid")
# set this to the site URL of your app once it is deployed
# this must also be the redirect for your registered app in Azure Active Directory
redirect <- "http://localhost:8100"
port <- httr::parse_url(redirect)$port
options(shiny.port=if(is.null(port)) 80 else as.numeric(port))
# replace this with your app's regular UI
ui <- fluidPage(
useShinyjs(),
verbatimTextOutput("token")
)
ui_func <- function(req)
{
opts <- parseQueryString(req$QUERY_STRING)
if(is.null(opts$code))
{
auth_uri <- build_authorization_uri(resource, tenant, app, redirect_uri=redirect, version=2)
redir_js <- sprintf("location.replace(\"%s\");", auth_uri)
tags$script(HTML(redir_js))
}
else ui
}
# code for cleaning url after authentication
clean_url_js <- sprintf(
"
$(document).ready(function(event) {
const nextURL = '%s';
const nextTitle = 'My new page title';
const nextState = { additionalInformation: 'Updated the URL with JS' };
// This will create a new entry in the browser's history, without reloading
window.history.pushState(nextState, nextTitle, nextURL);
});
", redirect
)
server <- function(input, output, session)
{
shinyjs::runjs(clean_url_js)
opts <- parseQueryString(isolate(session$clientData$url_search))
if(is.null(opts$code))
return()
# this assumes your app has a 'public client/native' redirect:
# if it is a 'web' redirect, include the client secret as the password argument
token <- get_azure_token(resource, tenant, app, auth_type="authorization_code",
authorize_args=list(redirect_uri=redirect), version=2,
use_cache=FALSE, auth_code=opts$code)
output$token <- renderPrint(token)
}
shinyApp(ui_func, server)
Note that this process is only necessary within a web app, and only when using an interactive authentication flow. In a normal R session, or when using the client credentials or resource owner grant flows, you can simply call get_azure_token directly.
Try the AzureAuth package in your browser
Any scripts or data that you put into this service are public.
AzureAuth documentation built on Sept. 13, 2021, 5:06 p.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Because a Shiny app has separate UI and server components, the interactive authentication flows require some changes. In particular, the authorization step (logging in to Azure) has to be conducted separately from the token acquisition step.
AzureAuth provides the build_authorization_uri function to facilitate this separation. You call this function to obtain a URI that you browse to in order to login to Azure. Once you have logged in, Azure will return an authorization code as part of a redirect.
Here is a skeleton Shiny app that demonstrates its use. The UI calls build_authorization_uri, and then redirects your browser to that location. When you have logged in, the server captures the authorization code and calls get_azure_token to obtain the token. Once the token is obtained, shinyjs is used to return the URL back to its original state.
library(AzureAuth) library(shiny) library(shinyjs) tenant <- "your-tenant-here" app <- "your-app-id-here" # the Azure resource permissions needed # if your app doesn't use any Azure resources (you only want to do authentication), # set the resource to "openid" only resource <- c("https://management.azure.com/.default", "openid") # set this to the site URL of your app once it is deployed # this must also be the redirect for your registered app in Azure Active Directory redirect <- "http://localhost:8100" port <- httr::parse_url(redirect)$port options(shiny.port=if(is.null(port)) 80 else as.numeric(port)) # replace this with your app's regular UI ui <- fluidPage( useShinyjs(), verbatimTextOutput("token") ) ui_func <- function(req) { opts <- parseQueryString(req$QUERY_STRING) if(is.null(opts$code)) { auth_uri <- build_authorization_uri(resource, tenant, app, redirect_uri=redirect, version=2) redir_js <- sprintf("location.replace(\"%s\");", auth_uri) tags$script(HTML(redir_js)) } else ui } # code for cleaning url after authentication clean_url_js <- sprintf( " $(document).ready(function(event) { const nextURL = '%s'; const nextTitle = 'My new page title'; const nextState = { additionalInformation: 'Updated the URL with JS' }; // This will create a new entry in the browser's history, without reloading window.history.pushState(nextState, nextTitle, nextURL); }); ", redirect ) server <- function(input, output, session) { shinyjs::runjs(clean_url_js) opts <- parseQueryString(isolate(session$clientData$url_search)) if(is.null(opts$code)) return() # this assumes your app has a 'public client/native' redirect: # if it is a 'web' redirect, include the client secret as the password argument token <- get_azure_token(resource, tenant, app, auth_type="authorization_code", authorize_args=list(redirect_uri=redirect), version=2, use_cache=FALSE, auth_code=opts$code) output$token <- renderPrint(token) } shinyApp(ui_func, server)
Note that this process is only necessary within a web app, and only when using an interactive authentication flow. In a normal R session, or when using the client credentials or resource owner grant flows, you can simply call get_azure_token directly.
Try the AzureAuth package in your browser
Any scripts or data that you put into this service are public.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.