├── CaptchaAzureFunction
    ├── sample.dat
    ├── function.json
    └── index.js
├── Assets
    ├── logo.png
    ├── background.jpg
    ├── selfAsserted.html
    └── global.css
├── ReadmeImages
    ├── create-api-connector.png
    ├── custom-attribute-add.png
    ├── enable-api-connector.png
    ├── configure_page_layouts.png
    ├── select-custom-attribute.png
    └── search-for-extensions-app-id.png
├── package.json
├── host.json
├── CODE_OF_CONDUCT.md
├── LICENSE.md
├── .gitignore
├── SECURITY.md
└── README.md


/CaptchaAzureFunction/sample.dat:
--------------------------------------------------------------------------------
1 | {
2 |     "name": "Azure"
3 | }


--------------------------------------------------------------------------------
/Assets/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure-Samples/active-directory-b2c-node-sign-up-user-flow-captcha/main/Assets/logo.png


--------------------------------------------------------------------------------
/Assets/background.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure-Samples/active-directory-b2c-node-sign-up-user-flow-captcha/main/Assets/background.jpg


--------------------------------------------------------------------------------
/ReadmeImages/create-api-connector.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure-Samples/active-directory-b2c-node-sign-up-user-flow-captcha/main/ReadmeImages/create-api-connector.png


--------------------------------------------------------------------------------
/ReadmeImages/custom-attribute-add.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure-Samples/active-directory-b2c-node-sign-up-user-flow-captcha/main/ReadmeImages/custom-attribute-add.png


--------------------------------------------------------------------------------
/ReadmeImages/enable-api-connector.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure-Samples/active-directory-b2c-node-sign-up-user-flow-captcha/main/ReadmeImages/enable-api-connector.png


--------------------------------------------------------------------------------
/ReadmeImages/configure_page_layouts.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure-Samples/active-directory-b2c-node-sign-up-user-flow-captcha/main/ReadmeImages/configure_page_layouts.png


--------------------------------------------------------------------------------
/ReadmeImages/select-custom-attribute.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure-Samples/active-directory-b2c-node-sign-up-user-flow-captcha/main/ReadmeImages/select-custom-attribute.png


--------------------------------------------------------------------------------
/ReadmeImages/search-for-extensions-app-id.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Azure-Samples/active-directory-b2c-node-sign-up-user-flow-captcha/main/ReadmeImages/search-for-extensions-app-id.png


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "captcha-b2c-sign-up-node",
 3 |   "version": "1.0.0",
 4 |   "description": "",
 5 |   "scripts": {
 6 |     "start": "func start",
 7 |     "test": "echo \"No tests yet...\""
 8 |   },
 9 |   "dependencies": {
10 |     "axios": "^0.19.2",
11 |     "qs": "^6.9.4"
12 |   },
13 |   "devDependencies": {}
14 | }
15 | 


--------------------------------------------------------------------------------
/CaptchaAzureFunction/function.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "bindings": [
 3 |     {
 4 |       "authLevel": "function",
 5 |       "type": "httpTrigger",
 6 |       "direction": "in",
 7 |       "name": "req",
 8 |       "methods": [
 9 |         "post"
10 |       ]
11 |     },
12 |     {
13 |       "type": "http",
14 |       "direction": "out",
15 |       "name": "res"
16 |     }
17 |   ]
18 | }
19 | 


--------------------------------------------------------------------------------
/host.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "version": "2.0",
 3 |   "extensionBundle": {
 4 |     "id": "Microsoft.Azure.Functions.ExtensionBundle",
 5 |     "version": "[1.*, 2.0.0)"
 6 |   },
 7 |   "logging": {
 8 |     "fileLoggingMode": "always",
 9 |     "logLevel": {
10 |       "default": "Information",
11 |       "Host.Results": "Error",
12 |       "Function": "Trace",
13 |       "Host.Aggregator": "Trace"
14 |     }
15 |   }
16 | }


--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
 1 | # Microsoft Open Source Code of Conduct
 2 | 
 3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
 4 | 
 5 | Resources:
 6 | 
 7 | - [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
 8 | - [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
 9 | - Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
10 | 


--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
 1 |     MIT License
 2 | 
 3 |     Copyright (c) Microsoft Corporation.
 4 | 
 5 |     Permission is hereby granted, free of charge, to any person obtaining a copy
 6 |     of this software and associated documentation files (the "Software"), to deal
 7 |     in the Software without restriction, including without limitation the rights
 8 |     to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 |     copies of the Software, and to permit persons to whom the Software is
10 |     furnished to do so, subject to the following conditions:
11 | 
12 |     The above copyright notice and this permission notice shall be included in all
13 |     copies or substantial portions of the Software.
14 | 
15 |     THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |     IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 |     FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 |     AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 |     LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 |     OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 |     SOFTWARE
22 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | # Logs
  2 | logs
  3 | *.log
  4 | npm-debug.log*
  5 | yarn-debug.log*
  6 | yarn-error.log*
  7 | lerna-debug.log*
  8 | 
  9 | # Diagnostic reports (https://nodejs.org/api/report.html)
 10 | report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
 11 | 
 12 | # Runtime data
 13 | pids
 14 | *.pid
 15 | *.seed
 16 | *.pid.lock
 17 | 
 18 | # Directory for instrumented libs generated by jscoverage/JSCover
 19 | lib-cov
 20 | 
 21 | # Coverage directory used by tools like istanbul
 22 | coverage
 23 | 
 24 | # nyc test coverage
 25 | .nyc_output
 26 | 
 27 | # Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
 28 | .grunt
 29 | 
 30 | # Bower dependency directory (https://bower.io/)
 31 | bower_components
 32 | 
 33 | # node-waf configuration
 34 | .lock-wscript
 35 | 
 36 | # Compiled binary addons (https://nodejs.org/api/addons.html)
 37 | build/Release
 38 | 
 39 | # Dependency directories
 40 | node_modules/
 41 | jspm_packages/
 42 | 
 43 | # TypeScript v1 declaration files
 44 | typings/
 45 | 
 46 | # Optional npm cache directory
 47 | .npm
 48 | 
 49 | # Optional eslint cache
 50 | .eslintcache
 51 | 
 52 | # Optional REPL history
 53 | .node_repl_history
 54 | 
 55 | # Output of 'npm pack'
 56 | *.tgz
 57 | 
 58 | # Yarn Integrity file
 59 | .yarn-integrity
 60 | 
 61 | # dotenv environment variables file
 62 | .env
 63 | .env.test
 64 | 
 65 | # parcel-bundler cache (https://parceljs.org/)
 66 | .cache
 67 | 
 68 | # next.js build output
 69 | .next
 70 | 
 71 | # nuxt.js build output
 72 | .nuxt
 73 | 
 74 | # vuepress build output
 75 | .vuepress/dist
 76 | 
 77 | # Serverless directories
 78 | .serverless/
 79 | 
 80 | # FuseBox cache
 81 | .fusebox/
 82 | 
 83 | # DynamoDB Local files
 84 | .dynamodb/
 85 | 
 86 | # TypeScript output
 87 | dist
 88 | out
 89 | 
 90 | # Azure Functions artifacts
 91 | bin
 92 | obj
 93 | appsettings.json
 94 | local.settings.json
 95 | 
 96 | # Other
 97 | *.DS_Store*
 98 | 
 99 | # Visual Studi Code
100 | .vscode/


--------------------------------------------------------------------------------
/Assets/selfAsserted.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 |   <head>
 4 |     <title>Sign in</title>
 5 |     <meta charset="utf-8" />
 6 |     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
 7 |     <meta name="viewport" content="width=device-width, initial-scale=1" />
 8 |     <!-- TODO: favicon -->
 9 |     <link
10 |       href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css"
11 |       rel="stylesheet"
12 |       type="text/css"
13 |     />
14 |     <!--Replace with your own CSS-->
15 |     <link
16 |       href="https://shasacustomjs.blob.core.windows.net/b2c/global.css"
17 |       rel="stylesheet"
18 |       type="text/css"
19 |     />
20 |   </head>
21 |   <body>
22 |     <div class="container unified_container">
23 |       <div class="row">
24 |         <div class="col-md-6 col-md-offset-3 col-sm-8 col-sm-offset-2">
25 |           <div class="panel panel-default">
26 |             <div class="panel-body">
27 |               <div class="image-center">
28 |                 <img
29 |                   alt="Wingtip Toys"
30 |                   class="login-logo"
31 |                   src="https://shasacustomjs.blob.core.windows.net/b2c/logo.png"
32 |                 />
33 |               </div>
34 |               <h3 class="text-center">Sign up for a new account</h3>
35 |               <div id="api" data-name="Unified"></div>
36 |               <div id="html_element"></div>
37 |             </div>
38 |           </div>
39 |         </div>
40 |       </div>
41 |     </div>
42 |     <script type="text/javascript">
43 |       captchaUserResponseTokenEl = "extension_CaptchaUserResponseToken";
44 | 
45 |       captchaCallback = function (response) {
46 |         document.getElementById(captchaUserResponseTokenEl).value = response;
47 |       };
48 | 
49 |       onloadCallback = function () {
50 |         grecaptcha.render("html_element", {
51 |           "sitekey": "<CAPTCHA_SITE_KEY>", // ENTER YOUR SITE KEY 
52 |           "callback": captchaCallback,
53 |         });
54 | 
55 |         // Hides captcha custom attribute from view from the user
56 |         document.getElementById(captchaUserResponseTokenEl).style.display = "none";
57 |         document.getElementById(captchaUserResponseTokenEl+"_label").style.display = "none";
58 |       };
59 |     </script>
60 |     <script
61 |       src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
62 |       async
63 |       defer
64 |     ></script>
65 |   </body>
66 | </html>
67 | 


--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
 1 | <!-- BEGIN MICROSOFT SECURITY.MD V0.0.5 BLOCK -->
 2 | 
 3 | ## Security
 4 | 
 5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
 6 | 
 7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below.
 8 | 
 9 | ## Reporting Security Issues
10 | 
11 | **Please do not report security vulnerabilities through public GitHub issues.**
12 | 
13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
14 | 
15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
16 | 
17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 
18 | 
19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
20 | 
21 |   * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
22 |   * Full paths of source file(s) related to the manifestation of the issue
23 |   * The location of the affected source code (tag/branch/commit or direct URL)
24 |   * Any special configuration required to reproduce the issue
25 |   * Step-by-step instructions to reproduce the issue
26 |   * Proof-of-concept or exploit code (if possible)
27 |   * Impact of the issue, including how an attacker might exploit the issue
28 | 
29 | This information will help us triage your report more quickly.
30 | 
31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs.
32 | 
33 | ## Preferred Languages
34 | 
35 | We prefer all communications to be in English.
36 | 
37 | ## Policy
38 | 
39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
40 | 
41 | <!-- END MICROSOFT SECURITY.MD BLOCK -->


--------------------------------------------------------------------------------
/CaptchaAzureFunction/index.js:
--------------------------------------------------------------------------------
 1 | const axios = require('axios');
 2 | const qs = require('qs');
 3 | 
 4 | module.exports = async function (context, req) {
 5 | 
 6 |     // parse Basic Auth username and password
 7 |     var header = req.headers["authorization"] || "", // get the header
 8 |         token = header.split(/\s+/).pop() || "", // and the encoded auth token
 9 |         auth = new Buffer.from(token, "base64").toString(), // convert from base64
10 |         parts = auth.split(/:/), // split on colon
11 |         username = parts[0],
12 |         password = parts[1];
13 | 
14 |     // Check for HTTP Basic Authentication, return HTTP 401 error if invalid credentials.
15 |     if (
16 |         username !== process.env["BASIC_AUTH_USERNAME"] ||
17 |         password !== process.env["BASIC_AUTH_PASSWORD"]
18 |     ) {
19 |         context.res = {
20 |             status: 401,
21 |         };
22 |         context.log("Invalid Authentication");
23 |         return;
24 |     }
25 | 
26 |     context.log('JavaScript HTTP trigger function processed a request.');
27 | 
28 |     let data = req.body;
29 | 
30 | 
31 |     const extensionAttributeKey = "extension_" + process.env["B2C_EXTENSIONS_APP_ID"] + "_CaptchaUserResponseToken";
32 | 
33 |     let captchaToken = data && data[extensionAttributeKey]; //extension app-id
34 | 
35 |     // Calls Captcha API check for server-side validation of the generated token
36 |     let captchaApiCheck = captchaToken && await axios.post("https://www.google.com/recaptcha/api/siteverify", qs.stringify({
37 |         "secret": process.env["CAPTCHA_SECRET_KEY"],
38 |         "response": captchaToken
39 |     })).then(function (response) {
40 |         const success = response.data.success;
41 |         if (!success) {
42 |             context.log("Captcha verification unsuccessful: " + JSON.stringify(response));
43 |         }
44 |         return success;
45 |     }).catch(function (err) {
46 |         context.log.error("Some other issue with Captcha API call: " + JSON.stringify(err));
47 |         return false;
48 |     });
49 | 
50 |     context.log("value of captcha check");
51 |     context.log(captchaApiCheck);
52 | 
53 | 
54 |     var body = {
55 |         "version": "1.0.0",
56 |         "status": 400,
57 |         "action": "ValidationError",
58 |     };
59 |     var status = 400;
60 | 
61 |     if (!captchaToken) {
62 |         context.log("No captcha token verification code was sent to the API.");
63 |         body["userMessage"] = "Please complete the Captcha."
64 |     } else if (!captchaApiCheck) {
65 |         body["userMessage"] = "Invalid Captcha. Please try again."
66 |     } else {
67 |         status = 200;
68 |         body = {
69 |             "version": "1.0.0",
70 |             "action": "Continue",
71 |             [extensionAttributeKey]: "" //overwrites extension attribute to "" in order to not store it in the directory
72 |         };
73 |     }
74 | 
75 |     context.res = {
76 |         status: status,
77 |         body: body
78 |     };
79 | };


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | ---
  2 | page_type: sample
  3 | languages:
  4 |   - javascript
  5 |   - nodejs
  6 | products:
  7 |   - azure-active-directory
  8 | description: "A sample to demonstrate how to use a CAPTCHA servicein Azure AD B2C sign-up user flows."
  9 | urlFragment: active-directory-node-b2c-sign-up-user-flow-captcha
 10 | ---
 11 | 
 12 | # active-directory-node-b2c-user-flow-captcha
 13 | 
 14 | ## Contents
 15 | 
 16 | | File/folder                 | Description                                |
 17 | | --------------------------- | ------------------------------------------ |
 18 | | Assets/selfAsserted.html      | Sample custom HTML and JS script file for user flow.     |
 19 | | Assets     | Contains UI/UX assets used by the user flows.    |
 20 | | CaptchaAzureFunction(AzureFunction.cs)      | Sample source code for Node.js HTTP trigger.    |
 21 | | `README.md`                 | This README file.                          |
 22 | | `.gitignore`                | Define what to ignore at commit time.      |
 23 | | `CONTRIBUTING.md`                   | Guidance on how to contribute to this repository.        |
 24 | | `LICENSE.md`                   | The license for the sample.                |
 25 | | `SECURITY.md`                   | The security notice for the sample.      |
 26 | 
 27 | ## Key Concepts
 28 | 
 29 | CAPTCHA services are often used in authentication scenarios to protect against bots or other automated abuse. This sample demonstrates how to integrate an Azure AD B2C sign-up user flow with a CAPTCHA service.
 30 | 
 31 | Key components:
 32 | 
 33 | - [**reCAPTCHA**](https://developers.google.com/recaptcha/) - a CAPTCHA service for protecting against bots and other automated abuse.
 34 | - **Azure AD B2C sign-up user flow** - The sign-up experience that will be using the CAPTCHA service. Will utilize the [custom HTML & JavaScript](https://docs.microsoft.com/azure/active-directory-b2c/customize-ui-overview) and [API connectors](https://docs.microsoft.com/azure/active-directory-b2c/api-connectors-overview) to integrate with the CAPTCHA service.
 35 | - **Azure Functions** - API endpoint hosted by you that works in conjunction with the **API connectors** feature. This API is responsible for doing the server-side validation of the CAPTCHA challenge.
 36 | 
 37 | This same pattern can be used for other CAPTCHA services and with other API hosting services.
 38 | 
 39 | ## Create an API key pair for reCAPTCHA V2
 40 | 
 41 | - Follow the [reCAPTCHA documentation](https://developers.google.com/recaptcha/intro) to create an API key pair for your scenario.
 42 | - Use your Azure AD B2C tenant as the **domain**: `<tenantname>.b2clogin.com`
 43 | - You will receive a **site_key** and **secret_key**. The values of these are referred to as **`CAPTCHA_SITE_KEY`** and **`CAPTCHA_SECRET_KEY`** in the sample code and correspond to keys used in client-side and server-side CAPTCHA API calls.
 44 | 
 45 | ## Create a "CaptchaUserResponseToken" Custom Attribute
 46 | 
 47 | 1. From the Azure Portal, go to **Azure AD B2C**
 48 | 1. Select **User Attributes**
 49 | 1. Select **Add**
 50 | 1. Enter `CaptchaUserResponseToken` as the attribute **Name**
 51 | 1. **Create**
 52 | 
 53 | ![Custom attribute creation](ReadmeImages/custom-attribute-add.png)
 54 | 
 55 | Learn more about [custom attributes](https://docs.microsoft.com/azure/active-directory-b2c/user-flow-custom-attributes).
 56 | 
 57 | ## Create a user flow
 58 | 
 59 | This can be either be a **sign up and sign in** or a just **sign up** or user flow. Either way, the CAPTCHA will only be shown during sign up.
 60 | 
 61 | 1. [Follow these instructions](https://docs.microsoft.com/azure/active-directory-b2c/tutorial-create-user-flows). If using an existing user flow, note that user flows must be of the "Recommended (next-generation preview)" version type.
 62 | 1. In the user flow settings, navigate to **User attributes** and select the **CaptchaUserResponseToken** claim.
 63 | 
 64 | ![Select custom attribute in user flow](ReadmeImages/select-custom-attribute.png)
 65 | 
 66 | ## Configure custom HTML, JavaScript, and Page Layouts
 67 | 
 68 | The **Assets > selfAsserted.html** file contains an HTML template with JavaScript (`<script>` tags) that will do three things:
 69 | 
 70 | - Load the reCAPTCHA script (`https://www.google.com/recaptcha/api.js`), which renders the reCAPTCHA widget and performs client-side CAPTCHA validation.
 71 | - Hide the `extension_CaptchaUserResponseToken` input element and label, corresponding to the CaptchaUserResponseToken custom attribute, from the UI shown to the user.
 72 | - When a user completes the CAPTCHA challenge, reCAPTCHA verifies the user's response and generates a token. When this happens, the callback `captchaCallback` in the custom JavaScript sets the value of **extension_CaptchaUserResponseToken** to the generated token value. This value will be submitted to the API endpoint as described in the "Create and deploy your API" section.
 73 | 
 74 | Read more about reCAPTCHA V2 checkbox client-side validation [here](https://developers.google.com/recaptcha/docs/display).
 75 | 
 76 | Follow the instructions below to use this custom HTML and JS for your user flow.
 77 | 
 78 | ### Modify the selfAsserted.html page
 79 | 
 80 | Modify the **Assets > selfAsserted.html** file so that `<CAPTCHA_SITE_KEY>` matches the value you generated in the first step, which is used by the reCAPTCHA script.
 81 | 
 82 | ### Host the HTML page
 83 | 
 84 | Host the html page on a CORS enabled web endpoint. For example, follow **steps 2 and 3** of [these](https://docs.microsoft.com/en-us/azure/active-directory-b2c/customize-ui-with-html?pivots=b2c-user-flow#2-create-an-azure-blob-storage-account) instructions ("Create an Azure Blob storage account" and "Configure CORS").
 85 | 
 86 | If you have your own custom HTML, just copy and paste the `<script>` elements onto your HTML page.
 87 | 
 88 | ### Configure page layouts
 89 | 
 90 | 1. From the Azure Portal, go to **Azure AD B2C**
 91 | 1. Navigate to **User flows** and select your user flow
 92 | 1. Select **Page layouts**
 93 | 1. Select **Local account sign up page** layout
 94 | 1. Toggle **Use custom page content** to "YES"
 95 | 1. Paste the URI where your custom HTML lives in **Use custom page content**
 96 | 1. Do the previous two steps for **Social account sign up page** layout if using social identity providers.
 97 | 
 98 | ![Select custom attribute in user flow](ReadmeImages/configure_page_layouts.png)
 99 | 
100 | ### Enable JavaScript
101 | 
102 | 1. From your user flow, go to **Properties** and select **Enable JavaScript enforcing page layout (preview)**
103 | 
104 | Learn more [here](https://docs.microsoft.com/azure/active-directory-b2c/user-flow-javascript-overview).
105 | 
106 | ## Create and deploy your API
107 | 
108 | These steps assume you use Visual Studio Code, but deploying the Azure Function via the Azure Portal, terminal or command prompt, or any other code editor will also work.
109 | 
110 | **Prerequisite**: Install the [Azure Functions extension](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-azurefunctions) for Visual Studio Code.
111 | 
112 | ### Run the API locally
113 | 
114 | 1. Navigate to the **Azure extension** in Visual Studio code on the left navigation bar. You should see a 'Local Project' folder representing your local Azure Function.
115 | 1. Press **F5** (or use the **Debug > Start Debugging** menu command) to launch the debugger and attach to the Azure Functions host. (This command automatically uses the single debug configuration that Azure Functions created.)
116 | 1. The Azure Function extension will automatically generate a few files for local development, install dependencies, and install the Function Core tools if not already present. These tools help with the debugging experience.
117 | 1. Output from the Functions Core tools appears in the VS Code **Terminal** panel. Once the host has started, **Alt+click** the local URL shown in the output to open the browser and run the function. You can also see the url of the locally-hosted function by right clicking on the function on the Azure Functions explorer.
118 | 1. To redeploy the local instance during testing, just repeat these steps.
119 | 
120 | ### Add environment variables
121 | 
122 | This sample protects the web API endpoint using [HTTP Basic authentication](https://tools.ietf.org/html/rfc7617).
123 | 
124 | Here, username and password are stored as environment variables so they're not stored as part of the repository. Read more about the [local.settings.json](https://docs.microsoft.com/azure/azure-functions/functions-run-local?tabs=macos%2Ccsharp%2Cbash#local-settings-file) file.
125 | 
126 | 1. Create a **local.settings.json** file in your root folder
127 | 1. Copy and paste the below code onto the file:
128 | 
129 | ```json
130 | {
131 |   "IsEncrypted": false,
132 |   "Values": {
133 |     "AzureWebJobsStorage": "",
134 |     "FUNCTIONS_WORKER_RUNTIME": "node",
135 |     "BASIC_AUTH_USERNAME": "<USERNAME>",
136 |     "BASIC_AUTH_PASSWORD": "<PASSWORD>",
137 |     "CAPTCHA_SECRET_KEY": "<CAPTCHA_SECRET_KEY>",
138 |     "B2C_EXTENSIONS_APP_ID": "<B2C_EXTENSIONS_APP_ID>"
139 |   }
140 | }
141 | ```
142 | 
143 | The **BASIC_AUTH_USERNAME** and **BASIC_AUTH_PASSWORD** are going to be the credentials used to authenticate the API call to your Azure Function. Choose your desired values.
144 | 
145 | The `<CAPTCHA_SECRET_KEY>` is the server-side secret you generated in the reCAPTCHA service. It's used to call the [reCAPTCHA server-side validation API](https://developers.google.com/recaptcha/docs/verify) to validate the value of the `CaptchaUserResponseToken` generated by the front-end.
146 | 
147 | THE `<B2C_EXTENSIONS_APP_ID>` is the application ID of the app used by Azure AD B2C to store custom attributes in the directory. You can find this application ID by navigating to **App registrations**, searching for `b2c-extensions-app` and copying the `Application (client) ID` from the **Overview** pane. Remove the `-` characters.
148 | 
149 | ![Find extensions app](ReadmeImages/search-for-extensions-app-id.png)
150 | 
151 | ### Deploy the application to the web
152 | 
153 | 1. Follow steps of [this](https://docs.microsoft.com/azure/javascript/tutorial-vscode-serverless-node-04) guide #1-7 to deploy your Azure Function to the cloud. Copy the endpoint web URL of your Azure Function.
154 | 1. Once deployed, you'll see an **'Upload settings'** option. Select this. It will upload your environment variables onto the [Application settings](https://docs.microsoft.com/azure/azure-functions/functions-develop-vs-code?tabs=csharp#application-settings-in-azure) of the App service. These application settings can also be configured or [managed via the Azure portal](https://docs.microsoft.com/azure/azure-functions/functions-how-to-use-azure-function-app-settings).
155 | 
156 | To learn more about Visual Studio Code development for Azure Functions, see [this](https://docs.microsoft.com/azure/azure-functions/functions-develop-vs-code?tabs=csharp#republish-project-files).
157 | 
158 | ## Configure and enable the API connector
159 | 
160 | Follow the steps outlined in ["Add an API connector"](https://docs.microsoft.com/azure/active-directory-b2c/add-api-connector) to create an API connector and enable it your user flow. The configuration should look like the below.
161 | 
162 | ### API connector configuration
163 | 
164 | Your API connector configuration should look like the following:
165 | 
166 | ![API connector configuration](ReadmeImages/create-api-connector.png)
167 | 
168 | - **Endpoint URL** is the Function URL you copied earlier if the deployed Azure Function.
169 | - **Username** and **Password** are the Username and Passwords you defined as environment variables earlier.
170 | 
171 | ### Enable the API connector
172 | 
173 | In the **API connector** settings for your user flow, select the API connector to be invoked at the **Before creating the user** step. This will invoke the API when a user hits 'Create' in the sign-up flow. The API will do a server-side validation of the `CaptchaUserResponseToken` value, which was is set when a user completed the captcha challenge during sign-up.
174 | 
175 | ![API connector selected](ReadmeImages/enable-api-connector.png)
176 | 
177 | ## Contributing
178 | 
179 | This project welcomes contributions and suggestions. Most contributions require you to agree to a
180 | Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
181 | the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
182 | 
183 | When you submit a pull request, a CLA bot will automatically determine whether you need to provide
184 | a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
185 | provided by the bot. You will only need to do this once across all repos using our CLA.
186 | 
187 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
188 | For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
189 | contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
190 | 


--------------------------------------------------------------------------------
/Assets/global.css:
--------------------------------------------------------------------------------
  1 | @font-face {
  2 |   font-family: 'Ubuntu-Bold';
  3 |   src: url(../fonts/Ubuntu-Bold.ttf) format('truetype');
  4 | }
  5 | 
  6 | @font-face {
  7 |   font-family: 'Ubuntu-Regular';
  8 |   src: url(../fonts/Ubuntu-Regular.ttf) format('truetype');
  9 | }
 10 | 
 11 | html {
 12 |   background: none;
 13 | }
 14 | 
 15 | body {
 16 |   background-attachment: fixed;
 17 |   background-image: url("../images/background.jpg");
 18 |   background-position: center;
 19 |   background-repeat: no-repeat;
 20 |   background-size: cover;
 21 |   text-align: left;
 22 | }
 23 | 
 24 | @media(max-width:480px) {
 25 |   body {
 26 |     background-image: none;
 27 |     background-color: #f2f2f2;
 28 |   }
 29 | 
 30 |   .divider h2 {    
 31 |     margin: 10px 0 !important;
 32 |   }
 33 | 
 34 |   .login-logo {
 35 |     height: 80px !important;
 36 |     margin-top: -65px !important;
 37 |   }
 38 | }
 39 | 
 40 | ::-moz-placeholder {
 41 |   color: transparent;
 42 | }
 43 | 
 44 | ::-moz-placeholder {
 45 |   color: transparent;
 46 | }
 47 | 
 48 | :-ms-input-placeholder {
 49 |   color: transparent;
 50 | }
 51 | 
 52 | ::-webkit-input-placeholder {
 53 |   color: transparent;
 54 | }
 55 | 
 56 | label,
 57 | .password-label {
 58 |   margin-top: 10px;
 59 | }
 60 | 
 61 | #AdfsExchange {
 62 |   background-color: #28B1E6;
 63 |   background-image: url("../images/activedirectory.png");
 64 |   background-repeat: no-repeat;
 65 |   background-size: 50px;
 66 |   margin: 10px 0;
 67 |   padding-left: 55px;
 68 | }
 69 | 
 70 | #AdfsExchange:hover {
 71 |   background-color: #189DCF;
 72 | }
 73 | 
 74 | #api ul {
 75 |   list-style-type: none;
 76 |   padding-left: 0;
 77 | }
 78 | 
 79 | #api[data-name='IdpSelections'] ul {
 80 |   text-align: center;
 81 | }
 82 | 
 83 | #api[data-name='Phonefactor'] .buttons button#cancel {
 84 |   width: 32%;
 85 | }
 86 | 
 87 | #api[data-name='SelfAsserted'] > div:first-child {
 88 |   display: none;
 89 | }
 90 | 
 91 | #createAccount{
 92 |   cursor: pointer;
 93 |   padding-left:2px;
 94 |   transition: 0.5s all;
 95 |   -moz-transition: 0.5s all;
 96 |   -ms-transition: 0.5s all;
 97 |   -o-transition: 0.5s all;
 98 |   -webkit-transition: 0.5s all;
 99 | }
100 | 
101 | #email_ver_input {
102 |   margin-bottom: 10px 0;
103 | }
104 | 
105 | #FacebookExchange {
106 |   background-color: #3B5595;
107 |   background-image: url("../images/facebook.png");
108 |   background-repeat: no-repeat;
109 |   background-size: 50px;
110 |   padding-left: 55px;
111 | }
112 | 
113 | #FacebookExchange:hover {
114 |     background-color: #354C86
115 | }
116 | 
117 | #forgotPassword {
118 |   clear: right;
119 |   cursor: pointer;
120 |   float: right;
121 |   margin-top: 10px;
122 |   transition: 0.5s all;
123 |   -moz-transition: 0.5s all;
124 |   -ms-transition: 0.5s all;
125 |   -o-transition: 0.5s all;
126 |   -webkit-transition: 0.5s all;
127 | }
128 | 
129 | #GoogleExchange {
130 |   background-color: #C64A29;
131 |   background-image: url("../images/googleplus.png");
132 |   background-repeat: no-repeat;
133 |   background-size: 50px;
134 |   margin: 10px 0;
135 |   padding-left: 55px;
136 | }
137 | 
138 | #GoogleExchange:hover {
139 |   background-color: #C14325;
140 | }
141 | 
142 | #IdentifyServerExchange {
143 |   background-color: #28B1E6;
144 |   background-image: url("../images/wingtipcorp.png");
145 |   background-repeat: no-repeat;
146 |   background-size: 50px;
147 |   margin-top: 10px;
148 |   padding-left: 55px;
149 | }
150 | 
151 | #IdentifyServerExchange:hover {
152 |   background-color: #189DCF;
153 | }
154 | 
155 | #logonIdentifier,
156 | #password,
157 | #signInName {
158 |   background-color: #fff !important;
159 |   background-image: none !important;
160 |   border: 1px solid #ccc;
161 |   border-radius: 2px !important;
162 |   box-shadow: inset 0 1px 1px rgba(0,0,0,.075) !important;
163 |   color: #555;
164 |   display: block;
165 |   font-size: 14px;
166 |   height: 40px;
167 |   line-height: 1.42857143;
168 |   margin: 10px 0;
169 |   padding: 6px 12px;
170 |   transition: border-color ease-in-out .15s,box-shadow ease-in-out .15s !important;
171 |   width: 100% !important;
172 |   -o-transition: border-color ease-in-out .15s,box-shadow ease-in-out .15s !important;
173 |   -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075) !important;
174 |   -webkit-transition: border-color ease-in-out .15s,-webkit-box-shadow ease-in-out .15s !important;
175 | }
176 | 
177 | #logo img {
178 |   float: left;
179 |   height: 50px;
180 |   width: 50px;
181 | }
182 | 
183 | #MicrosoftAccountExchange {
184 |   background-color: #28B1E6;
185 |   background-image: url("../images/microsoft.png");
186 |   background-repeat: no-repeat;
187 |   background-size: 50px;
188 |   padding-left: 55px;
189 | }
190 | 
191 | #MicrosoftAccountExchange:hover {
192 |   background-color: #189DCF;
193 | }
194 | 
195 | #SignUpWithLogonEmailExchange {
196 |   background-color: #ff5c62;
197 |   background-image: url("../images/wingtiptoys.png");
198 |   background-repeat: no-repeat;
199 |   background-size: 50px;
200 |   color: #fff;
201 |   margin-top: 10px;
202 |   padding-left: 55px;
203 | }
204 | 
205 | #SignUpWithLogonEmailExchange:hover{
206 |   background-image: url("../images/wingtiptoys.png") !important;
207 | }
208 | 
209 | .accountButton {
210 |   border: none;
211 |   border-radius: 2px;
212 |   color: whitesmoke;
213 |   font-size: larger;
214 |   height: 45px;
215 |   width: 284px;
216 | }
217 | 
218 | .accountButton:hover {
219 |   border: none
220 | }
221 | 
222 | .attrEntry,
223 | .phoneEntry {
224 |   margin-bottom: 15px;
225 |   padding-top: 0;
226 | }
227 | 
228 | .attrEntry input,
229 | .attrEntry select,
230 | .phoneEntry input,
231 | .phoneEntry select,
232 | #codeVerification input {
233 |   background-color: #fff !important;
234 |   background-image: none !important;
235 |   border: 1px solid #ccc !important;
236 |   border-radius: 2px !important;
237 |   box-shadow: inset 0 1px 1px rgba(0,0,0,.075) !important;
238 |   color: #555;
239 |   display: block;
240 |   font-size: 14px;
241 |   height: 40px;
242 |   line-height: 1.42857143;
243 |   padding: 6px 12px;
244 |   transition: border-color ease-in-out .15s,box-shadow ease-in-out .15s !important;
245 |   width: 100% !important;
246 |   -o-transition: border-color ease-in-out .15s,box-shadow ease-in-out .15s !important;
247 |   -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075) !important;
248 |   -webkit-transition: border-color ease-in-out .15s,-webkit-box-shadow ease-in-out .15s !important;
249 | }
250 | 
251 | .attrEntry input:invalid,
252 | .phoneEntry input:invalid,
253 | #codeVerification input:invalid {
254 |   border-color: inherit;
255 | }
256 | 
257 | .attrEntry.validate input:invalid,
258 | .phoneEntry.validate input:invalid,
259 | #codeVerification.validate input:invalid {
260 |   border-color: #a94442 !important;
261 |   box-shadow: inset 0 1px 1px rgba(0,0,0,.075) !important;
262 |   -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075) !important;
263 | }
264 | 
265 | .attrEntry #email_intro {
266 |   display: none !important;
267 | }
268 | 
269 | .attrEntry .error.itemLevel,
270 | .attrEntry .helpText,
271 | .phoneEntry .error.itemLevel,
272 | .phoneEntry .helpText,
273 | #codeVerification .error.itemLevel,
274 | #codeVerification .helpText {
275 |   display: none;
276 | }
277 | 
278 | .attrEntry .tiny,
279 | .phoneEntry .tiny,
280 | #codeVerification .tiny {
281 |   display: none;
282 | }
283 | 
284 | .buttons button {
285 |   background-image: none;
286 |   border: 1px solid transparent;
287 |   border-radius: 4px;
288 |   cursor: pointer;
289 |   display: inline-block;
290 |   font-size: 14px;
291 |   font-weight: 400;
292 |   height: inherit;
293 |   line-height: 1.42857143;
294 |   margin: 0;
295 |   padding: 6px 12px;
296 |   text-align: center;
297 |   touch-action: manipulation;
298 |   user-select: none;
299 |   vertical-align: middle;
300 |   white-space: nowrap;
301 |   width: inherit;
302 |   -moz-user-select: none;
303 |   -ms-touch-action: manipulation;
304 |   -ms-user-select: none;
305 |   -webkit-user-select: none;
306 | }
307 | 
308 | .buttons{
309 |   margin: 20px 0;
310 | }
311 | .buttons button#cancel,
312 | .buttons button#email_ver_but_edit,
313 | .buttons button#email_ver_but_resend {
314 |   background-color: #fff;
315 |   border-color: #ccc;
316 |   color: #333;
317 | }
318 | 
319 | .buttons button#cancel {
320 |   font-size: 18px;
321 |   height: 60px;
322 |   width: 49.9%;
323 | }
324 | 
325 | @media(max-width:767px) {
326 |  .buttons button#cancel{
327 |     height: 50px;
328 |     width: 48.9%;
329 |  }
330 | }
331 | 
332 | .buttons button:hover#cancel,
333 | .buttons button:hover#email_ver_but_edit,
334 | .buttons button:hover#email_ver_but_resend {
335 |   background-color: #e6e6e6;
336 |   background-image: none;
337 |   border-color: #adadad;
338 |   color: #333;
339 | }
340 | 
341 | .buttons button#continue {      
342 |   background-color: #5cb85c;
343 |   border-bottom: 5px solid #449d44;
344 |   border-color: #4cae4c;
345 |   color: #fff;
346 |   font-size: 18px;
347 |   height: 60px;
348 |   width: 49%;  
349 | }
350 | 
351 | @media(max-width:767px){
352 |   .buttons button#continue {
353 |     height: 50px;
354 |   }
355 | }
356 | 
357 | .buttons button:hover#continue {
358 |   background-color: #449d44;
359 |   background-image: none;
360 |   border-color: #398439;
361 |   color: #fff;
362 | }
363 | 
364 | .buttons button[disabled]#continue,
365 | .buttons button[disabled]:hover#continue {
366 |   background-color: #5cb85c;
367 |   background-image: none;
368 |   border-color: #4cae4c;
369 |   color: #fff;
370 | }
371 | 
372 | .buttons button#email_ver_but_resend,
373 | .buttons button#email_ver_but_verify {
374 |   margin-top: 5px;
375 | }
376 | 
377 | .buttons button#email_ver_but_send,
378 | .buttons button#email_ver_but_verify {
379 |   background-color: #337ab7;
380 |   border-color: #2e6da4;
381 |   color: #fff;
382 | }
383 | 
384 | .buttons button:hover#email_ver_but_send,
385 | .buttons button:hover#email_ver_but_verify {
386 |   background-color: #286090;
387 |   background-image: none;
388 |   border-color: #204d74;
389 |   color: #fff;
390 | }
391 | 
392 | .buttons button#verifyCode,
393 | .buttons button#verifyPhone {      
394 |   background-color: #5cb85c;
395 |   border-bottom: 5px solid #449d44;
396 |   border-color: #4cae4c;
397 |   color: #fff;
398 |   font-size: 18px;
399 |   height: 60px;
400 |   margin-right: 9px;
401 |   width: 32%;  
402 | }
403 | 
404 | @media(max-width:767px){
405 |   .buttons button#verifyCode,
406 |   .buttons button#verifyPhone {
407 |     height: 50px;
408 |   }
409 | }
410 | 
411 | .create p {
412 |   text-align: center;
413 | }
414 | 
415 | .divider {
416 |   margin: 0 auto;
417 |   position: relative;
418 |   text-align: center;
419 |   text-shadow: 0 1px 0 #fff;
420 | }
421 | 
422 | .divider h2 {
423 |   color: #ccc;
424 |   line-height: 20px;
425 |   margin: 20px 0;
426 |   text-align: center;
427 |   text-transform: lowercase;
428 | }
429 | 
430 | .divider h2:after,
431 | .divider h2:before {
432 |   content: "";
433 |   height: 1px;
434 |   position: absolute;
435 |   top: 10px;
436 |   width: 40%;
437 | }
438 | 
439 | .divider h2:after {
440 |   background: rgb(126,126,126);
441 |   background: linear-gradient(left, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
442 |   background: -moz-linear-gradient(left, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
443 |   background: -ms-linear-gradient(left, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
444 |   background: -o-linear-gradient(left, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
445 |   background: -webkit-linear-gradient(left, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
446 |   right: 0;
447 | }
448 | 
449 | .divider h2:before {
450 |   background: rgb(126,126,126);
451 |   background: linear-gradient(right, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
452 |   background: -moz-linear-gradient(right, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
453 |   background: -ms-linear-gradient(right, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
454 |   background: -o-linear-gradient(right, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
455 |   background: -webkit-linear-gradient(right, rgba(126,126,126,1) 0%, rgba(255,255,255,1) 100%);
456 |   left: 0;
457 | }
458 | 
459 | .entry .buttons button {
460 |   background-color: #337ab7;
461 |   border-bottom: 5px solid #204d74;
462 |   border-radius: 2px;
463 |   font-size: 18px;
464 |   line-height: 1.3333333;
465 |   padding: 10px 16px;
466 |   color: #fff;
467 |   height: 60px;
468 |   width: 100%;
469 | }
470 | 
471 | .entry .buttons button:hover {
472 |   background-color: #286090;
473 |   border-color: #204d74;
474 |   color: #fff;
475 | }
476 | 
477 | .error.itemLevel p {
478 |   color: #a94442;
479 | }
480 | 
481 | .error.itemLevel p:before {
482 |   content: "\e101";
483 |   display: inline-block;
484 |   font-family: 'Glyphicons Halflings';
485 |   font-style: normal;
486 |   font-weight: 400;
487 |   line-height: 1;
488 |   margin-right: 3px;
489 |   position: relative;
490 |   top: 1px;
491 |   -webkit-font-smoothing: antialiased;
492 | }
493 | 
494 | .highlightError {
495 |   border-color: #a94442 !important;
496 |   box-shadow: inset 0 1px 1px rgba(0,0,0,.075) !important;
497 |   outline: 0;
498 |   -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075) !important;
499 | }
500 | 
501 | .image-center {
502 |   display: block;
503 |   margin-left: auto;
504 |   margin-right: auto;
505 |   text-align: center;
506 |   vertical-align: middle;
507 | }
508 | 
509 | .intro {
510 |   display: none;
511 | }
512 | 
513 | .localAccount .divider {
514 |   display: none;
515 | }
516 | 
517 | .login-logo {
518 |   height: 140px;
519 |   margin-top: -90px;
520 | }
521 | 
522 | .options {
523 |   display: block;
524 |   margin-left: auto;
525 |   margin-right: auto;
526 |   padding-bottom: 10px;
527 |   text-align: center;
528 |   vertical-align: middle;
529 | }
530 | 
531 | .panel-body{
532 |   padding: 15px 30px !important;
533 | }
534 | 
535 | .panel-default {
536 |   border: 1px solid #ccc !important;    
537 | }
538 | 
539 | .phonefactor_container,
540 | .self_asserted_container,
541 | .unified_container {
542 |   padding-top: 80px;
543 | }
544 | 
545 | .phoneNumber .type {
546 |   display: inline-block;
547 |   font-weight: bold;
548 |   margin-bottom: 5px;
549 |   max-width: 100%;
550 | }
551 | 
552 | .phoneNumbers {
553 |   margin-top: 20px;
554 | }
555 | 
556 | .social {
557 |   margin-top: 30px;
558 | }
559 | 
560 | .verify {
561 |   margin-top: 5px;
562 |   padding-top: 0 !important;
563 | }
564 | 
565 | .working {
566 |   bottom: 0;
567 |   display: none;
568 |   height: 2em;
569 |   left: 0;
570 |   margin: auto;
571 |   overflow: show;
572 |   position: fixed;
573 |   right: 0;
574 |   top: 0;
575 |   width: 2em;
576 |   z-index: 999;
577 | }
578 | 
579 | .working:before {
580 |   background-color: rgba(0,0,0,0.3);
581 |   content: '';
582 |   display: block;
583 |   height: 100%;
584 |   left: 0;
585 |   position: fixed;
586 |   top: 0;
587 |   width: 100%;
588 | }
589 | 
590 | .working:not(:required) {
591 |   background-color: transparent;
592 |   border: 0;
593 |   color: transparent;
594 |   font: 0/0 a;
595 |   text-shadow: none;
596 | }
597 | 
598 | .working:not(:required):after {
599 |   animation: spinner 1500ms infinite linear;
600 |   border-radius: 0.5em;
601 |   box-shadow: rgba(0, 0, 0, 0.75) 1.5em 0 0 0, rgba(0, 0, 0, 0.75) 1.1em 1.1em 0 0, rgba(0, 0, 0, 0.75) 0 1.5em 0 0, rgba(0, 0, 0, 0.75) -1.1em 1.1em 0 0, rgba(0, 0, 0, 0.75) -1.5em 0 0 0, rgba(0, 0, 0, 0.75) -1.1em -1.1em 0 0, rgba(0, 0, 0, 0.75) 0 -1.5em 0 0, rgba(0, 0, 0, 0.75) 1.1em -1.1em 0 0;
602 |   content: '';
603 |   display: block;
604 |   height: 1em;
605 |   font-size: 10px;
606 |   margin-top: -0.5em;
607 |   width: 1em;
608 |   -moz-animation: spinner 1500ms infinite linear;
609 |   -ms-animation: spinner 1500ms infinite linear;
610 |   -o-animation: spinner 1500ms infinite linear;
611 |   -webkit-animation: spinner 1500ms infinite linear;
612 |   -webkit-box-shadow: rgba(0, 0, 0, 0.75) 1.5em 0 0 0, rgba(0, 0, 0, 0.75) 1.1em 1.1em 0 0, rgba(0, 0, 0, 0.75) 0 1.5em 0 0, rgba(0, 0, 0, 0.75) -1.1em 1.1em 0 0, rgba(0, 0, 0, 0.5) -1.5em 0 0 0, rgba(0, 0, 0, 0.5) -1.1em -1.1em 0 0, rgba(0, 0, 0, 0.75) 0 -1.5em 0 0, rgba(0, 0, 0, 0.75) 1.1em -1.1em 0 0;
613 | }
614 | 
615 | @keyframes spinner {
616 |   0% {
617 |     transform: rotate(0deg);
618 |     -moz-transform: rotate(0deg);
619 |     -ms-transform: rotate(0deg);
620 |     -o-transform: rotate(0deg);
621 |     -webkit-transform: rotate(0deg);
622 |   }
623 |   
624 |   100% {
625 |     transform: rotate(360deg);
626 |     -moz-transform: rotate(360deg);
627 |     -ms-transform: rotate(360deg);
628 |     -o-transform: rotate(360deg);
629 |     -webkit-transform: rotate(360deg);
630 |   }
631 | }
632 | 
633 | @-moz-keyframes spinner {
634 |   0% {
635 |     transform: rotate(0deg);
636 |     -moz-transform: rotate(0deg);
637 |     -ms-transform: rotate(0deg);
638 |     -o-transform: rotate(0deg);
639 |     -webkit-transform: rotate(0deg);
640 |   }
641 | 
642 |   100% {
643 |     transform: rotate(360deg);
644 |     -moz-transform: rotate(360deg);
645 |     -ms-transform: rotate(360deg);
646 |     -o-transform: rotate(360deg);
647 |     -webkit-transform: rotate(360deg);
648 |   }
649 | }
650 | 
651 | @-o-keyframes spinner {
652 |   0% {
653 |     transform: rotate(0deg);
654 |     -moz-transform: rotate(0deg);
655 |     -ms-transform: rotate(0deg);
656 |     -o-transform: rotate(0deg);
657 |     -webkit-transform: rotate(0deg);
658 |   }
659 | 
660 |   100% {
661 |     transform: rotate(360deg);
662 |     -moz-transform: rotate(360deg);
663 |     -ms-transform: rotate(360deg);
664 |     -o-transform: rotate(360deg);
665 |     -webkit-transform: rotate(360deg);
666 |   }
667 | }
668 | 
669 | @-webkit-keyframes spinner {
670 |   0% {
671 |     transform: rotate(0deg);
672 |     -moz-transform: rotate(0deg);
673 |     -ms-transform: rotate(0deg);
674 |     -o-transform: rotate(0deg);
675 |     -webkit-transform: rotate(0deg);
676 |   }
677 | 
678 |   100% {
679 |     transform: rotate(360deg);
680 |     -moz-transform: rotate(360deg);
681 |     -ms-transform: rotate(360deg);
682 |     -o-transform: rotate(360deg);
683 |     -webkit-transform: rotate(360deg);
684 |   }
685 | }
686 | 


--------------------------------------------------------------------------------