Updated dependencies.

Updated external login doc.

Author: mikey-t

docs/ExternalLogins.md

@@ -4,10 +4,11 @@
 
 ## Code Locations
 
-Application entry point `src/client/index.html` in the `<head>` section:
+Application entry point `src/client/index.html` in the `<head>` section ([COOP](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy) header required to avoid errors during google auth popup):
 
 ```html
 <script src="https://accounts.google.com/gsi/client" async defer></script>
+<meta http-equiv="Cross-Origin-Opener-Policy" content="same-origin-allow-popups">
 ```
 
 Button components:
@@ -40,6 +41,25 @@ Service endpoints: `WebServer/Controllers/AccountController.cs`:
 - `LoginMicrosoft`
 - `MicrosoftLoginRedirect`
 
+## Third Party Library Dependencies
+
+Npm dependencies:
+
+- @azure/msal-browser
+
+Npm dev dependencies:
+
+- @types/gtag.js
+- @types/google.accounts
+- @types/google-one-tap
+
+Nuget packages:
+
+- Google.Apis.Auth
+- Microsoft.AspNetCore.Authentication.Google
+- Microsoft.AspNetCore.Authentication.JwtBearer
+
+
 ## Account Setup
 
 These UI's change from time to time so this might not be exactly how to do it, but it should be similar.
@@ -48,21 +68,28 @@ These UI's change from time to time so this might not be exactly how to do it, b
 
 Azure -> App Registrations
 
+Initial screen asks for display name. Ignore the redirect URIs initially - those will be updated later.
+
+After creation, there should be a "Manage" left nav link - most of the config options are within this submenu.
+
 Important fields:
 
-- Branding and properties: Publisher domain
+- Branding and properties -> Publisher domain (follow instructions to verify a new domain if you haven't done through that process yet)
 - Authentication
-  - Add Web. Examples:
-    - https://local.drs.mikeyt.net.com:3000/api/account/microsoft-login-redirect-web
-    - https://drs.mikeyt.net/api/account/microsoft-login-redirect-web
-  - Add SPA. Examples:
-    - https://drs.mikeyt.net/api/account/microsoft-login-redirect
-    - https://local.drs.mikeyt.net:3000/api/account/microsoft-login-redirect
+  - Add "Web" by selecting "add a platform" and selecting "Web". The initial UI only gives the option to enter one URL, so enter the first, save, then go back and edit/add the other.
+    - Example redirect for local: https://local.drs.mikeyt.net.com:3000/api/account/microsoft-login-redirect-web
+    - Example redirect for live: https://drs.mikeyt.net/api/account/microsoft-login-redirect-web
+    - Note that you can't add a "front-channel logout URL" that makes sense for multiple environments - you would need to setup separate accounts for each environment in this case
+  - Add "Single Page Application" (SPA) by selecting "add a platform" again and selecting "Single-page application" (might be called something slightly different)
+    - Example for local: https://local.drs.mikeyt.net:3000/api/account/microsoft-login-redirect
+    - Example for live: https://drs.mikeyt.net/api/account/microsoft-login-redirect
   - Supported account types: "Accounts in any organizational directory"
   - "Live SDK support": Yes
   - "Allow public client flows": No
 - API Permissions
-  - Microsoft Graph User.Read
+  - Microsoft Graph User.Read (might be setup by default)
+
+The client_id you need to copy into your client code is also called the "application id" and can be found in the app "overview" section.
 
 Other notes:
 
@@ -73,13 +100,20 @@ Other notes:
 Google developer console
 
 - Create a project
-- Create an OAuth 2.0 credential
+- Create an OAuth 2.0 credential (left nav, OAuth consent screen -> External user type)
 - Add all appropriate javascript origins, including ports for local development. Examples:
   - https://local.drs.mikeyt.net
   - https://local.drs.mikeyt.net:3000
   - https://drs.mikeyt.net
 - In OAuth consent screen there is an "edit app" button, be sure to set "Your non-sensitive scopes" to have .../auth/userinfo.email, .../auth/userinfo.profile and openid
 
-Code required:
+Create API credential:
 
-- Index.html (or other application entry point): <script src="https://accounts.google.com/gsi/client" async defer></script>
+- Left nav, Credentials -> top nav, create credential -> OAuth Client Id
+- Application type: Web Application
+- Name it something like "MyApp OAuth Credential"
+- Add authorized javascript origins, example list:
+  - https://local.mydomain.com
+  - https://local.mydomain.com:3000
+  - https://mydomain.com
+- Copy down client id and client secret to secure location

package.json

@@ -7,18 +7,18 @@
     "pnpmInstall": "pnpm install && cd ./client && pnpm install"
   },
   "devDependencies": {
-    "@mikeyt23/node-cli-utils": "^2.0.35",
-    "@types/node": "^20.12.2",
-    "@typescript-eslint/eslint-plugin": "^7.4.0",
-    "@typescript-eslint/parser": "^7.4.0",
+    "@mikeyt23/node-cli-utils": "^2.0.36",
+    "@types/node": "^20.12.12",
+    "@typescript-eslint/eslint-plugin": "^7.10.0",
+    "@typescript-eslint/parser": "^7.10.0",
     "dotenv": "^16.4.5",
     "eslint": "^8.57.0",
-    "swig-cli": "^1.0.1",
+    "swig-cli": "^1.0.3",
     "swig-cli-modules": "^0.3.3",
-    "tsx": "^4.7.1",
-    "typescript": "^5.4.3"
+    "tsx": "^4.11.0",
+    "typescript": "^5.4.5"
   },
   "volta": {
-    "node": "20.10.0"
+    "node": "20.13.1"
   }
 }