/// <summary>
/// Builds the confidential client application.
/// </summary>
/// <param name="currentUser">The current user.</param>
/// <returns></returns>
public static IConfidentialClientApplication BuildConfidentialClientApplication(ClaimsPrincipal currentUser)
{
var principal = currentUser ?? ClaimsPrincipal.Current;
IConfidentialClientApplication clientApplication = ConfidentialClientApplicationBuilder
.Create(VeracityIntegrationOptions.ClientId)
.WithClientSecret(VeracityIntegrationOptions.ClientSecret)
.WithRedirectUri(VeracityIntegrationOptions.RedirectUri)
.WithAuthority(new Uri(VeracityIntegrationOptions.Authority))
.Build();
if (principal != null)
{
// After the ConfidentialClientApplication is created, we overwrite its default UserTokenCache with our implementation
MSALPerUserMemoryTokenCache userTokenCache = new MSALPerUserMemoryTokenCache(clientApplication.UserTokenCache, principal);
}
return(clientApplication);
}
/// <summary>
/// Clears the user token cache.
/// </summary>
/// <returns></returns>
public static async Task ClearUserTokenCache()
{
IConfidentialClientApplication clientApplication = ConfidentialClientApplicationBuilder
.Create(VeracityIntegrationOptions.ClientId)
.WithClientSecret(VeracityIntegrationOptions.ClientSecret)
.WithRedirectUri(VeracityIntegrationOptions.RedirectUri)
.WithAuthority(new Uri(VeracityIntegrationOptions.Authority))
.Build();
// We only clear the user's tokens.
MSALPerUserMemoryTokenCache userTokenCache = new MSALPerUserMemoryTokenCache(clientApplication.UserTokenCache);
var msalAccountId = ClaimsPrincipal.Current.GetMsalAccountId();
var userAccount = await clientApplication.GetAccountAsync(msalAccountId);
// remove all the tokens in the cache for the specified account
await clientApplication.RemoveAsync(userAccount);
// clear the client applications token cache copy of the users token cache
userTokenCache.Clear();
}
