Prevented secret key from being exposed to the client

djluck · djluck · commit e6de89bcd1d4 · 2015-01-13T00:32:57.000Z
diff --git a/azure_ad_configure.js b/azure_ad_configure.js
@@ -7,7 +7,7 @@ Template.configureLoginServiceDialogForAzureAd.helpers({
 Template.configureLoginServiceDialogForAzureAd.fields = function () {
     return [
         {property: 'clientId', label: 'Client ID'},
-        {property: 'clientSecret', label: 'Client Secret'},
+        {property: 'secret', label: 'Client Secret'},
         {property: 'tennantId', label: 'Tennant Id'}
     ];
 };
diff --git a/azure_ad_server.js b/azure_ad_server.js
@@ -42,12 +42,15 @@ OAuth.registerService('azureAd', 2, null, function(query) {
     var options = {
         profile: {
             name: identity.displayName
-        },
-        emails : [{
+        }
+    };
+
+    if (!!emailAddress){
+        options.emails = [{
             address : emailAddress,
             verified: true
-        }]
-    };
+        }];
+    }
     return { serviceData: serviceData, options: options };
 });
 
@@ -63,7 +66,7 @@ var getTokens = function (query) {
         params: {
             client_id: config.clientId,
             grant_type: 'authorization_code',
-            client_secret : OAuth.openSecret(config.clientSecret),
+            client_secret : OAuth.openSecret(config.secret),
             resource: "https://graph.windows.net",
             redirect_uri: OAuth._redirectUri('azureAd', config),
             code: query.code
diff --git a/package.js b/package.js
@@ -1,6 +1,6 @@
 Package.describe({
     summary: "Azure Active Directory OAuth flow",
-    version: "0.2.0",
+    version: "0.2.1",
     name: "wiseguyeh:azure-active-directory",
     git: "https://github.com/djluck/azure-active-directory"
 });
