private static async Task <HttpClient> GetTodoListClient(IPrincipal user)
{
// [SCENARIO] OAuth 2.0 Authorization Code Grant, Confidential Client
// Get a token to authenticate against the Web API.
var authContext = new AuthenticationContext(StsConfiguration.Authority, StsConfiguration.CanValidateAuthority, TokenCacheFactory.GetTokenCacheForPrincipal(user));
var credential = new ClientCredential(SiteConfiguration.TodoListWebFormsClientId, SiteConfiguration.TodoListWebFormsClientSecret);
var userIdentifier = new UserIdentifier(user.GetUniqueIdentifier(), UserIdentifierType.UniqueId);
// We can acquire the token silently here because we have redeemed the OpenID Connect authorization code at signin
// for an access token and stored it in the token cache.
var result = await authContext.AcquireTokenSilentAsync(SiteConfiguration.TodoListWebApiResourceId, credential, userIdentifier);
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
return(client);
}
public static void DeleteTokenCacheForPrincipal(IPrincipal principal)
{
var userId = principal.GetUniqueIdentifier();
DeleteTokenCache(userId);
}
public static TokenCache GetTokenCacheForPrincipal(IPrincipal principal)
{
var userId = principal.GetUniqueIdentifier();
return(GetTokenCache(userId));
}
