/// <summary>
/// [not recommended] In a Web App, adds, to the MSAL.NET cache, the account of the user authenticating to the Web App.
/// An On-behalf-of token is added to the cache, so that it can then be used to acquire another token on-behalf-of the
/// same user in order for the Web App to call a Web APIs.
/// </summary>
/// <param name="tokenValidationContext">Token validation context passed to the handler of the OnTokenValidated event
/// for the OpenIdConnect middleware</param>
/// <param name="scopes">[Optional] scopes to pre-request for a downstream API</param>
/// <remarks>In a Web App, it's preferable to not request an access token, but only a code, and use the <see cref="AddAccountToCacheFromAuthorizationCode"/></remarks>
/// <example>
/// From the configuration of the Authentication of the ASP.NET Core Web API:
/// <code>OpenIdConnectOptions options;</code>
///
/// Subscribe to the token validated event:
/// <code>
/// options.Events.OnAuthorizationCodeReceived = OnTokenValidated;
/// </code>
///
/// And then in the OnTokenValidated method, call <see cref="AddAccountToCacheFromJwt(OpenIdConnect.TokenValidatedContext)"/>:
/// <code>
/// private async Task OnTokenValidated(TokenValidatedContext context)
/// {
/// var tokenAcquisition = context.HttpContext.RequestServices.GetRequiredService<ITokenAcquisition>();
/// _tokenAcquisition.AddAccountToCache(tokenValidationContext);
/// }
/// </code>
/// </example>
public void AddAccountToCacheFromJwt(AspNetCore.Authentication.OpenIdConnect.TokenValidatedContext tokenValidatedContext, IEnumerable <string> scopes = null)
{
if (tokenValidatedContext == null)
{
throw new ArgumentNullException(nameof(tokenValidatedContext));
}
AddAccountToCacheFromJwt(scopes,
tokenValidatedContext.SecurityToken,
tokenValidatedContext.Principal,
tokenValidatedContext.HttpContext);
}
/// <summary>
/// [not recommended] In a Web App, adds, to the MSAL.NET cache, the account of the user authenticating to the Web App.
/// An On-behalf-of token is added to the cache, so that it can then be used to acquire another token on-behalf-of the
/// same user in order for the Web App to call a Web APIs.
/// </summary>
/// <param name="tokenValidatedContext">Token validation context passed to the handler of the OnTokenValidated event
/// for the OpenIdConnect middleware</param>
/// <param name="scopes">[Optional] scopes to pre-request for a downstream API</param>
/// <remarks>In a Web App, it's preferable to not request an access token, but only a code, and use the <see cref="AddAccountToCacheFromAuthorizationCodeAsync"/></remarks>
/// <example>
/// From the configuration of the Authentication of the ASP.NET Core Web API:
/// <code>OpenIdConnectOptions options;</code>
///
/// Subscribe to the token validated event:
/// <code>
/// options.Events.OnAuthorizationCodeReceived = OnTokenValidated;
/// </code>
///
/// And then in the OnTokenValidated method, call <see cref="AddAccountToCacheFromJwtAsync(OpenIdConnect.TokenValidatedContext, IEnumerable<string>)"/>:
/// <code>
/// private async Task OnTokenValidated(TokenValidatedContext context)
/// {
/// var tokenAcquisition = context.HttpContext.RequestServices.GetRequiredService<ITokenAcquisition>();
/// _tokenAcquisition.AddAccountToCacheFromJwt(tokenValidationContext);
/// }
/// </code>
/// </example>
public Task AddAccountToCacheFromJwtAsync(
AspNetCore.Authentication.OpenIdConnect.TokenValidatedContext tokenValidatedContext, // JwtBearer.TokenValidatedContext also exists
IEnumerable <string> scopes = null)
{
if (tokenValidatedContext == null)
{
throw new ArgumentNullException(nameof(tokenValidatedContext));
}
return(AddAccountToCacheFromJwtAsync(
scopes,
tokenValidatedContext.SecurityToken,
tokenValidatedContext.Principal));
}
