public async Task <ActionResult> Search(string query)
{
// Instead of making Graph API CORS requests from javascript directly,
// here we proxy the calls from the server. This saves us from having to share
// access tokens with the client code.
if (HttpContext.Request.IsAjaxRequest())
{
try
{
// Get a token from the ADAL cache
string token = await GraphHelper.AcquireTokenAsUser();
// Send the Graph API query
HttpClient client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, query);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
HttpResponseMessage response = await client.SendAsync(request);
// Return the JSON from the Graph API directly to the client
if (response.IsSuccessStatusCode)
{
string responseString = await response.Content.ReadAsStringAsync();
return(Content(responseString, "application/json"));
}
else
{
return(new HttpStatusCodeResult(response.StatusCode));
}
}
catch (AdalException ex)
{
return(new HttpStatusCodeResult(HttpStatusCode.Unauthorized));
}
}
return(new HttpStatusCodeResult(HttpStatusCode.Unauthorized));
}