/// <inheritdoc/>
public async Task <HttpResponseMessage> CallWebApiForAppAsync(
string optionsInstanceName,
Action <DownstreamWebApiOptions>?downstreamApiOptionsOverride = null,
StringContent?requestContent = null)
{
DownstreamWebApiOptions effectiveOptions = MergeOptions(optionsInstanceName, downstreamApiOptionsOverride);
if (effectiveOptions.Scopes == null)
{
throw new ArgumentException(IDWebErrorMessage.ScopesNotConfiguredInConfigurationOrViaDelegate);
}
string accessToken = await _tokenAcquisition.GetAccessTokenForAppAsync(
effectiveOptions.Scopes,
effectiveOptions.Tenant)
.ConfigureAwait(false);
HttpResponseMessage response;
using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage(
effectiveOptions.HttpMethod,
effectiveOptions.GetApiUrl()))
{
httpRequestMessage.Headers.Add(
Constants.Authorization,
string.Format(
CultureInfo.InvariantCulture,
"{0} {1}",
Constants.Bearer,
accessToken));
response = await _httpClient.SendAsync(httpRequestMessage).ConfigureAwait(false);
}
return(response);
}
/// <inheritdoc/>
public async Task <HttpResponseMessage> CallWebApiForUserAsync(
string serviceName,
string?authenticationScheme = null,
Action <DownstreamWebApiOptions>?calledDownstreamWebApiOptionsOverride = null,
ClaimsPrincipal?user = null,
StringContent?content = null)
{
DownstreamWebApiOptions effectiveOptions = MergeOptions(serviceName, calledDownstreamWebApiOptionsOverride);
if (string.IsNullOrEmpty(effectiveOptions.Scopes))
{
throw new ArgumentException(IDWebErrorMessage.ScopesNotConfiguredInConfigurationOrViaDelegate);
}
MicrosoftIdentityOptions microsoftIdentityOptions = _microsoftIdentityOptionsMonitor
.Get(_tokenAcquisition.GetEffectiveAuthenticationScheme(authenticationScheme));
string apiUrl = effectiveOptions.GetApiUrl();
CreateProofOfPossessionConfiguration(effectiveOptions, apiUrl);
string?userflow;
if (microsoftIdentityOptions.IsB2C && string.IsNullOrEmpty(effectiveOptions.UserFlow))
{
userflow = microsoftIdentityOptions.DefaultUserFlow;
}
else
{
userflow = effectiveOptions.UserFlow;
}
AuthenticationResult authResult = await _tokenAcquisition.GetAuthenticationResultForUserAsync(
effectiveOptions.GetScopes(),
authenticationScheme,
effectiveOptions.Tenant,
userflow,
user,
effectiveOptions.TokenAcquisitionOptions)
.ConfigureAwait(false);
using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage(
effectiveOptions.HttpMethod,
apiUrl))
{
if (content != null)
{
httpRequestMessage.Content = content;
}
httpRequestMessage.Headers.Add(
Constants.Authorization,
authResult.CreateAuthorizationHeader());
effectiveOptions.CustomizeHttpRequestMessage?.Invoke(httpRequestMessage);
return(await _httpClient.SendAsync(httpRequestMessage).ConfigureAwait(false));
}
}
/// <inheritdoc/>
public async Task <HttpResponseMessage> CallWebApiForUserAsync(
string serviceName,
Action <DownstreamWebApiOptions>?calledDownstreamWebApiOptionsOverride = null,
ClaimsPrincipal?user = null,
StringContent?content = null)
{
DownstreamWebApiOptions effectiveOptions = MergeOptions(serviceName, calledDownstreamWebApiOptionsOverride);
if (string.IsNullOrEmpty(effectiveOptions.Scopes))
{
throw new ArgumentException(IDWebErrorMessage.ScopesNotConfiguredInConfigurationOrViaDelegate);
}
string?userflow;
if (_microsoftIdentityOptions.IsB2C && string.IsNullOrEmpty(effectiveOptions.UserFlow))
{
userflow = _microsoftIdentityOptions.DefaultUserFlow;
}
else
{
userflow = effectiveOptions.UserFlow;
}
string accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(
effectiveOptions.GetScopes(),
effectiveOptions.Tenant,
userflow,
user,
effectiveOptions.TokenAcquisitionOptions)
.ConfigureAwait(false);
HttpResponseMessage response;
using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage(
effectiveOptions.HttpMethod,
effectiveOptions.GetApiUrl()))
{
if (content != null)
{
httpRequestMessage.Content = content;
}
httpRequestMessage.Headers.Add(
Constants.Authorization,
string.Format(
CultureInfo.InvariantCulture,
"{0} {1}",
Constants.Bearer,
accessToken));
response = await _httpClient.SendAsync(httpRequestMessage).ConfigureAwait(false);
}
return(response);
}
/// <summary>
/// Merge the options from configuration and override from caller.
/// </summary>
/// <param name="optionsInstanceName">Named configuration.</param>
/// <param name="calledApiOptionsOverride">Delegate to override the configuration.</param>
internal /* for tests */ DownstreamWebApiOptions MergeOptions(
string optionsInstanceName,
Action <DownstreamWebApiOptions>?calledApiOptionsOverride)
{
// Gets the options from configuration (or default value)
DownstreamWebApiOptions options;
if (optionsInstanceName != null)
{
options = _namedDownstreamWebApiOptions.Get(optionsInstanceName);
}
else
{
options = _namedDownstreamWebApiOptions.CurrentValue;
}
DownstreamWebApiOptions clonedOptions = options.Clone();
calledApiOptionsOverride?.Invoke(clonedOptions);
return(clonedOptions);
}
