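/// <summary>
/// Initializes a new instance of the <see cref="MsalAuthenticationService{TAccount, TProviderOptions}"/> class
/// from an already-built public client application, copying its configuration into the provider options.
/// </summary>
/// <param name="clientApplication">The public client application to use to connect.</param>
/// <param name="protectedStorage">The protected storage where refresh tokens will be stored.</param>
/// <param name="accountClaimsPrincipalFactory">The <see cref="AccountClaimsPrincipalFactory{TAccount}"/> used to generate the <see cref="ClaimsPrincipal"/> for the user.</param>
/// <exception cref="ArgumentNullException"><paramref name="clientApplication"/> is <see langword="null"/>.</exception>
public MsalAuthenticationService(
    PublicClientApplication clientApplication,
    IProtectedStorage protectedStorage,
    AccountClaimsPrincipalFactory<TAccount> accountClaimsPrincipalFactory)
    : base(
        new RemoteAuthenticationOptions<TProviderOptions>()
        {
            ProviderOptions = new TProviderOptions()
            {
#pragma warning disable CA1062 // Validate arguments of public methods
                // The base-constructor arguments are evaluated before the constructor body runs, so the
                // null check has to happen on the first dereference here. A guard placed only in the body
                // would be reached after a NullReferenceException had already been thrown.
                ClientCapabilities = (clientApplication ?? throw new ArgumentNullException(nameof(clientApplication))).AppConfig.ClientCapabilities,
                ClientId = clientApplication.AppConfig.ClientId,
                ClientName = clientApplication.AppConfig.ClientName,
                ClientVersion = clientApplication.AppConfig.ClientVersion,

                // Copied as-is from the source application: when PII logging is enabled there it stays
                // enabled here, and user-identifying data can reach the logs. Keep it off outside of
                // short-lived diagnostics.
                EnablePiiLogging = clientApplication.AppConfig.EnablePiiLogging,
                IsDefaultPlatformLoggingEnabled = clientApplication.AppConfig.IsDefaultPlatformLoggingEnabled,
                LogLevel = clientApplication.AppConfig.LogLevel,
                RedirectUri = clientApplication.AppConfig.RedirectUri,
                TenantId = clientApplication.AppConfig.TenantId,
#pragma warning restore CA1062 // Validate arguments of public methods
            },
        },
        accountClaimsPrincipalFactory)
{
    // Already validated in the base initializer above; the guard is kept so the field can never be
    // assigned null if that initializer is reordered later.
    _clientApplication = clientApplication ?? throw new ArgumentNullException(nameof(clientApplication));

    // NOTE(review): generic classes are invariant, so this 'as' cast yields null whenever TProviderOptions
    // is a type derived from PublicClientApplicationOptions rather than that exact type. Confirm that
    // Configure tolerates null, or that the defaults are not required in that case.
    MsalDefaultOptionsConfiguration.Configure(Options as RemoteAuthenticationOptions<PublicClientApplicationOptions>);

    SetUpSerializationHandlers(protectedStorage);
}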
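/// <inheritdoc />
protected override async Task<ClaimsPrincipal> GetAuthenticatedUser()
{
    var tokenResult = await RequestAccessToken().ConfigureAwait(false);
    if (!tokenResult.TryGetToken(out var accessToken))
    {
        // No access token could be obtained: report an unauthenticated (empty identity) principal.
        return new ClaimsPrincipal(new ClaimsIdentity());
    }

    TAccount account = null;
    if (_currentScopes.Contains("User.Read"))
    {
        // The client is created and disposed per call, so the bearer token set as a default header
        // never outlives this request.
        // NOTE(review): a new HttpClient per call can exhaust sockets under load; consider a shared
        // instance with a per-request Authorization header.
        // NOTE(review): the access token is sent to UserInfoEndpoint; confirm it is a fixed HTTPS URL
        // and not influenced by user-controlled configuration.
        using var httpClient = new HttpClient();
        httpClient.DefaultRequestHeaders.Authorization =
            new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken.Value);

        // Dispose the response so its connection and content buffers are released promptly.
        using var response = await httpClient.GetAsync(UserInfoEndpoint).ConfigureAwait(false);
        if (response.IsSuccessStatusCode)
        {
            using var stream = await response.Content.ReadAsStreamAsync().ConfigureAwait(false);
            account = await JsonSerializer.DeserializeAsync<TAccount>(stream).ConfigureAwait(false);
        }
    }

    // The profile lookup is skipped without the User.Read scope, and it can fail or deserialize a JSON
    // 'null'. In all of those cases continue with an empty account so that only the ID-token claims are
    // used, instead of handing a null account to the calls below. This matches what the original code
    // already did when the scope was absent.
    account ??= new TAccount();

    AddIdTokenClaimsToAccount(account, _idToken);
    return await AccountClaimsPrincipalFactory.CreateUserAsync(account, Options.UserOptions).ConfigureAwait(false);
}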
/// <summary>
/// Initializes a new instance by chaining to the five-parameter constructor with a
/// <see langword="null"/> final argument.
/// </summary>
/// <param name="jsRuntime">The <see cref="IJSRuntime"/> forwarded to the chained constructor.</param>
/// <param name="options">The options snapshot forwarded to the chained constructor.</param>
/// <param name="navigation">The <see cref="NavigationManager"/> forwarded to the chained constructor.</param>
/// <param name="accountClaimsPrincipalFactory">The <see cref="AccountClaimsPrincipalFactory{TAccount}"/> forwarded to the chained constructor.</param>
public RemoteAuthenticationService(
    IJSRuntime jsRuntime,
    IOptionsSnapshot<RemoteAuthenticationOptions<TProviderOptions>> options,
    NavigationManager navigation,
    AccountClaimsPrincipalFactory<TAccount> accountClaimsPrincipalFactory)
    : this(
        jsRuntime,
        options,
        navigation,
        accountClaimsPrincipalFactory,
        null)
{
    // All initialization happens in the chained constructor.
}
/// <summary>
/// Gets the current authenticated user using JavaScript interop.
/// </summary>
/// <returns>A <see cref="ValueTask{ClaimsPrincipal}"/> that will return the current authenticated user when it completes.</returns>
protected internal virtual async ValueTask<ClaimsPrincipal> GetAuthenticatedUser()
{
    await EnsureAuthService();

    // The account is whatever the script-side "AuthenticationService.getUser" call returns, so the
    // principal built from it mirrors client-side state.
    // NOTE(review): treat it as a UI hint; access decisions for protected resources belong on the
    // server that validates the token.
    var jsAccount = await JsRuntime.InvokeAsync<TAccount>("AuthenticationService.getUser");

    return await AccountClaimsPrincipalFactory.CreateUserAsync(jsAccount, Options.UserOptions);
}
/// <summary>
/// Initializes a new instance of the <see cref="MsalAuthenticationService{TAccount, TProviderOptions}"/> class,
/// building the public client application from the supplied provider options.
/// </summary>
/// <param name="options">The options to be passed down to the underlying Authentication library handling the authentication operations.</param>
/// <param name="protectedStorage">The protected storage where refresh tokens will be stored.</param>
/// <param name="accountClaimsPrincipalFactory">The <see cref="AccountClaimsPrincipalFactory{TAccount}"/> used to generate the <see cref="ClaimsPrincipal"/> for the user.</param>
public MsalAuthenticationService(
    IOptionsSnapshot<RemoteAuthenticationOptions<TProviderOptions>> options,
    IProtectedStorage protectedStorage,
    AccountClaimsPrincipalFactory<TAccount> accountClaimsPrincipalFactory)

    // NOTE(review): 'options?.Value' hands null to the base constructor when 'options' is null, and
    // 'Options.ProviderOptions' is dereferenced below with no guard. Confirm how the base class treats
    // a null options value; an explicit ArgumentNullException may be the clearer contract.
    : base(options?.Value, accountClaimsPrincipalFactory)
{
    var applicationBuilder = PublicClientApplicationBuilder.CreateWithApplicationOptions(Options.ProviderOptions);

    // Build() is cast to the concrete type; the cast throws InvalidCastException if the builder ever
    // returns a different implementation.
    _clientApplication = (PublicClientApplication)applicationBuilder.Build();

    SetUpSerializationHandlers(protectedStorage);
}
/// <summary>
/// Initializes a new instance, storing the supplied services and the resolved options value.
/// </summary>
/// <param name="jsRuntime">The <see cref="IJSRuntime"/> to use for performing JavaScript interop operations.</param>
/// <param name="options">The options to be passed down to the underlying JavaScript library handling the authentication operations.</param>
/// <param name="navigation">The <see cref="NavigationManager"/> used to generate URLs.</param>
/// <param name="accountClaimsPrincipalFactory">The <see cref="AccountClaimsPrincipalFactory{TAccount}"/> used to generate the <see cref="ClaimsPrincipal"/> for the user.</param>
public RemoteAuthenticationService(
    IJSRuntime jsRuntime,
    IOptionsSnapshot<RemoteAuthenticationOptions<TProviderOptions>> options,
    NavigationManager navigation,
    AccountClaimsPrincipalFactory<TAccount> accountClaimsPrincipalFactory)
{
    // Collaborators are stored as given; none of them is null-checked here.
    JsRuntime = jsRuntime;
    Navigation = navigation;
    AccountClaimsPrincipalFactory = accountClaimsPrincipalFactory;

    // Reads the snapshot's value once at construction time; throws if 'options' itself is null.
    Options = options.Value;
}
/// <summary>
/// Initializes a new instance, storing the supplied services and deriving the JavaScript logging
/// options from the logger's enabled levels.
/// </summary>
/// <param name="jsRuntime">The <see cref="IJSRuntime"/> to use for performing JavaScript interop operations.</param>
/// <param name="options">The options to be passed down to the underlying JavaScript library handling the authentication operations.</param>
/// <param name="navigation">The <see cref="NavigationManager"/> used to generate URLs.</param>
/// <param name="accountClaimsPrincipalFactory">The <see cref="AccountClaimsPrincipalFactory{TAccount}"/> used to generate the <see cref="ClaimsPrincipal"/> for the user.</param>
/// <param name="logger">The logger to use for login authentication operations. May be <see langword="null"/>, in which case both logging flags are <see langword="false"/>.</param>
public RemoteAuthenticationService(
    IJSRuntime jsRuntime,
    IOptionsSnapshot<RemoteAuthenticationOptions<TProviderOptions>> options,
    NavigationManager navigation,
    AccountClaimsPrincipalFactory<TAccount> accountClaimsPrincipalFactory,
    ILogger<RemoteAuthenticationService<TRemoteAuthenticationState, TAccount, TProviderOptions>> logger)
{
    JsRuntime = jsRuntime;
    Navigation = navigation;
    AccountClaimsPrincipalFactory = accountClaimsPrincipalFactory;
    Options = options.Value;

    // A missing logger means neither level is enabled.
    // NOTE(review): confirm what the script side writes at Trace level, since this service handles
    // sign-in state and tokens.
    bool debugEnabled = logger != null && logger.IsEnabled(LogLevel.Debug);
    bool traceEnabled = logger != null && logger.IsEnabled(LogLevel.Trace);
    _loggingOptions = new JavaScriptLoggingOptions(debugEnabled, traceEnabled);
}