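/// <summary>
/// [not recommended] In a Web App, adds, to the MSAL.NET cache, the account of the user authenticating to the Web App.
/// An On-behalf-of token is added to the cache, so that it can then be used to acquire another token on-behalf-of the
/// same user in order for the Web App to call a Web API.
/// </summary>
/// <param name="tokenValidatedContext">Token validation context passed to the handler of the OnTokenValidated event
/// for the OpenIdConnect middleware</param>
/// <param name="scopes">[Optional] scopes to pre-request for a downstream API</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="tokenValidatedContext"/> is null.</exception>
/// <remarks>In a Web App, it's preferable to not request an access token, but only a code, and use the <see cref="AddAccountToCacheFromAuthorizationCode"/>.
/// This overload performs no token validation of its own: it forwards <c>tokenValidatedContext.SecurityToken</c> and
/// <c>tokenValidatedContext.Principal</c> unchanged, so it should only be called from the OnTokenValidated handler.
/// NOTE(review): presumably the middleware has already validated the token's signature, issuer and audience at that
/// point - confirm before relying on the token as an on-behalf-of assertion.</remarks>
/// <example>
/// From the configuration of the Authentication of the ASP.NET Core Web App:
/// <code>OpenIdConnectOptions options;</code>
///
/// Subscribe to the token validated event:
/// <code>
/// options.Events.OnTokenValidated = OnTokenValidated;
/// </code>
///
/// And then in the OnTokenValidated method, call <see cref="AddAccountToCacheFromJwt(AspNetCore.Authentication.OpenIdConnect.TokenValidatedContext, IEnumerable{string})"/>:
/// <code>
/// private Task OnTokenValidated(TokenValidatedContext context)
/// {
///     var tokenAcquisition = context.HttpContext.RequestServices.GetRequiredService&lt;ITokenAcquisition&gt;();
///     tokenAcquisition.AddAccountToCacheFromJwt(context);
///     return Task.CompletedTask;
/// }
/// </code>
/// </example>
public void AddAccountToCacheFromJwt(AspNetCore.Authentication.OpenIdConnect.TokenValidatedContext tokenValidatedContext, IEnumerable<string> scopes = null)
{
    // Fail fast: every argument forwarded below is read off the context.
    if (tokenValidatedContext == null)
    {
        throw new ArgumentNullException(nameof(tokenValidatedContext));
    }

    // Delegate to the overload that takes the token, the principal and the HTTP context separately.
    AddAccountToCacheFromJwt(
        scopes,
        tokenValidatedContext.SecurityToken,
        tokenValidatedContext.Principal,
        tokenValidatedContext.HttpContext);
}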
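/// <summary>
/// [not recommended] In a Web App, adds, to the MSAL.NET cache, the account of the user authenticating to the Web App.
/// An On-behalf-of token is added to the cache, so that it can then be used to acquire another token on-behalf-of the
/// same user in order for the Web App to call a Web API.
/// </summary>
/// <param name="tokenValidatedContext">Token validation context passed to the handler of the OnTokenValidated event
/// for the OpenIdConnect middleware</param>
/// <param name="scopes">[Optional] scopes to pre-request for a downstream API</param>
/// <returns>The task returned by the overload that takes the scopes, the security token and the principal.</returns>
/// <exception cref="ArgumentNullException">Thrown synchronously, before any task is returned, when
/// <paramref name="tokenValidatedContext"/> is null.</exception>
/// <remarks>In a Web App, it's preferable to not request an access token, but only a code, and use the <see cref="AddAccountToCacheFromAuthorizationCodeAsync"/>.
/// This overload performs no token validation of its own: it forwards <c>tokenValidatedContext.SecurityToken</c> and
/// <c>tokenValidatedContext.Principal</c> unchanged, so it should only be called from the OnTokenValidated handler.
/// NOTE(review): presumably the middleware has already validated the token's signature, issuer and audience at that
/// point - confirm before relying on the token as an on-behalf-of assertion.</remarks>
/// <example>
/// From the configuration of the Authentication of the ASP.NET Core Web App:
/// <code>OpenIdConnectOptions options;</code>
///
/// Subscribe to the token validated event:
/// <code>
/// options.Events.OnTokenValidated = OnTokenValidated;
/// </code>
///
/// And then in the OnTokenValidated method, call <see cref="AddAccountToCacheFromJwtAsync(AspNetCore.Authentication.OpenIdConnect.TokenValidatedContext, IEnumerable{string})"/>:
/// <code>
/// private async Task OnTokenValidated(TokenValidatedContext context)
/// {
///     var tokenAcquisition = context.HttpContext.RequestServices.GetRequiredService&lt;ITokenAcquisition&gt;();
///     await tokenAcquisition.AddAccountToCacheFromJwtAsync(context);
/// }
/// </code>
/// </example>
public Task AddAccountToCacheFromJwtAsync(
    // JwtBearer.TokenValidatedContext also exists
    AspNetCore.Authentication.OpenIdConnect.TokenValidatedContext tokenValidatedContext,
    IEnumerable<string> scopes = null)
{
    // Fail fast: every argument forwarded below is read off the context.
    if (tokenValidatedContext == null)
    {
        throw new ArgumentNullException(nameof(tokenValidatedContext));
    }

    // Delegate to the overload that takes the token and the principal separately.
    return AddAccountToCacheFromJwtAsync(
        scopes,
        tokenValidatedContext.SecurityToken,
        tokenValidatedContext.Principal);
}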