// GET: /<controller>/
public async Task <IActionResult> Index()
{
List <TodoItem> itemList = new List <TodoItem>();
AuthenticationResult result;
try
{
// Because we signed-in already in the WebApp, the userObjectId is know
using (var domainResolver = new DomainResolver(HttpContext, _azureAdOptions, _azureAdB2COptions))
{
ViewBag.isB2cUser = domainResolver.isB2cUser;
result = await domainResolver.getAccessTokenAsync();
}
// Retrieve the user's To Do List.
HttpClient client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, _azureAdOptions.TodoListBaseAddress + "/api/todolist");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
HttpResponseMessage response = await client.SendAsync(request);
// Return the To Do List in the view.
if (response.IsSuccessStatusCode)
{
List <Dictionary <String, String> > responseElements = new List <Dictionary <String, String> >();
JsonSerializerSettings settings = new JsonSerializerSettings();
String responseString = await response.Content.ReadAsStringAsync();
responseElements = JsonConvert.DeserializeObject <List <Dictionary <String, String> > >(responseString, settings);
foreach (Dictionary <String, String> responseElement in responseElements)
{
TodoItem newItem = new TodoItem();
newItem.Title = responseElement["title"];
newItem.Owner = responseElement["owner"];
itemList.Add(newItem);
}
return(View(itemList));
}
//
// If the call failed with access denied, then drop the current access token from the cache,
// and show the user an error indicating they might need to sign-in again.
//
if (response.StatusCode == System.Net.HttpStatusCode.Unauthorized)
{
return(Unauthorized());
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.InnerException);
if (HttpContext.Request.Query["reauth"] == "True")
{
//
// Send an OpenID Connect sign-in request to get a new set of tokens.
// If the user still has a valid session with Azure AD, they will not be prompted for their credentials.
// The OpenID Connect middleware will return to this controller after the sign-in response has been handled.
//
return(new ChallengeResult(OpenIdConnectDefaults.AuthenticationScheme));
}
//
// The user needs to re-authorize. Show them a message to that effect.
//
TodoItem newItem = new TodoItem();
newItem.Title = "(Sign-in required to view to do list.)";
itemList.Add(newItem);
ViewBag.ErrorMessage = "AuthorizationRequired";
return(View(itemList));
}
//
// If the call failed for any other reason, show the user an error.
//
return(View("Error"));
}
public async Task <ActionResult> Index(string item)
{
if (ModelState.IsValid)
{
//
// Retrieve the user's tenantID and access token since they are parameters used to call the To Do service.
//
List <TodoItem> itemList = new List <TodoItem>();
try
{
AuthenticationResult result = null;
using (var domainResolver = new DomainResolver(HttpContext, _azureAdOptions, _azureAdB2COptions))
{
ViewBag.isB2cUser = domainResolver.isB2cUser;
result = await domainResolver.getAccessTokenAsync();
}
// Forms encode todo item, to POST to the todo list web api.
HttpContent content = new StringContent(JsonConvert.SerializeObject(new { Title = item }), System.Text.Encoding.UTF8, "application/json");
//
// Add the item to user's To Do List.
//
HttpClient client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, _azureAdOptions.TodoListBaseAddress + "/api/todolist");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
request.Content = content;
HttpResponseMessage response = await client.SendAsync(request);
//
// Return the To Do List in the view.
//
if (response.IsSuccessStatusCode)
{
return(RedirectToAction("Index"));
}
//
// If the call failed with access denied, then drop the current access token from the cache,
// and show the user an error indicating they might need to sign-in again.
//
if (response.StatusCode == System.Net.HttpStatusCode.Unauthorized)
{
return(Unauthorized());
}
}
catch (Exception)
{
//
// The user needs to re-authorize. Show them a message to that effect.
//
TodoItem newItem = new TodoItem();
newItem.Title = "(No items in list)";
itemList.Add(newItem);
ViewBag.ErrorMessage = "AuthorizationRequired";
return(View(itemList));
}
//
// If the call failed for any other reason, show the user an error.
//
return(View("Error"));
}
return(View("Error"));
}