// Redeem the auth code for a token to the Graph API and cache it for later.
private async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
{
// Redeem auth code for access token and cache it for later use
context.HttpContext.User = context.Ticket.Principal;
IAzureAdTokenService tokenService = (IAzureAdTokenService)context.HttpContext.RequestServices.GetService(typeof(IAzureAdTokenService));
await tokenService.RedeemAuthCodeForAadGraph(context.ProtocolMessage.Code, context.Properties.Items[OpenIdConnectDefaults.RedirectUriForCodePropertiesKey]);
// Notify the OIDC middleware that we already took care of code redemption.
context.HandleCodeRedemption();
}
public async Task EndSession()
{
if (User.Identity.IsAuthenticated)
{
IAzureAdTokenService tokenCache = (IAzureAdTokenService)HttpContext.RequestServices.GetService(typeof(IAzureAdTokenService));
tokenCache.Clear();
}
// If AAD sends a single sign-out message to the app, end the user's session, but don't redirect to AAD for sign out.
await HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}
// Clear the cache of tokens for the user, and send a sign out request to AAD
public async Task SignOut()
{
if (User.Identity.IsAuthenticated)
{
IAzureAdTokenService tokenCache = (IAzureAdTokenService)HttpContext.RequestServices.GetService(typeof(IAzureAdTokenService));
tokenCache.Clear();
await HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.Authentication.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);
}
}
public HomeController(IOptions <AppSettings> appSettings, IAzureAdTokenService tokenCache, ILoggerFactory logger)
{
_appSettings = appSettings.Value;
_tokenCache = tokenCache;
_logger = logger.CreateLogger("HomeController");
}
public UserProfileController(IOptions <AzureADConfig> config, IAzureAdTokenService tokenCache)
{
_aadConfig = config.Value;
_tokenCache = tokenCache;
}
