public static async Task <string> GetUserToken(string userId)
{
var confidentialClient = new ConfidentialClientApplication(notifAppId,
authority, redirectUri, notifClientCreds, BlobTokenCache.GetMsalCacheInstance(), null);
//Logger.LogCallback = AuthLog;
//Logger.Level = Microsoft.Identity.Client.LogLevel.Verbose;
//Logger.PiiLoggingEnabled = true;
var account = await confidentialClient.GetAccountAsync($"{userId}.{tid}");
if (account == null)
{
return(string.Empty);
}
try
{
var result = await confidentialClient.AcquireTokenSilentAsync(notifScopes, account);
return(result.AccessToken);
}
catch (MsalException)
{
return(string.Empty);
}
}
public static async Task GetTokenOnBehalfOfAsync(string authHeader, ILogger log)
{
logger = log;
if (string.IsNullOrEmpty(authHeader))
{
throw new MsalException("missing_auth", "Authorization header is not present on request.");
}
// Parse the auth header
var parsedHeader = AuthenticationHeaderValue.Parse(authHeader);
if (parsedHeader.Scheme.ToLower() != "bearer")
{
throw new MsalException("invalid_scheme", "Authorization header is missing the 'bearer' scheme.");
}
var confidentialClient = new ConfidentialClientApplication(notifAppId,
authority, redirectUri, notifClientCreds, BlobTokenCache.GetMsalCacheInstance(), null);
//Logger.LogCallback = AuthLog;
//Logger.Level = Microsoft.Identity.Client.LogLevel.Verbose;
//Logger.PiiLoggingEnabled = true;
var userAssertion = new UserAssertion(parsedHeader.Parameter);
try
{
var result = await confidentialClient.AcquireTokenOnBehalfOfAsync(notifScopes, userAssertion);
}
catch (Exception ex)
{
logger.LogError($"Error getting OBO token: {ex.Message}");
throw ex;
}
}
