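/// <summary>
/// Registers authentication (OpenID Connect via Microsoft.Identity.Web), token acquisition
/// for the downstream API, Microsoft Graph, the Glasswall services, and MVC/Razor Pages
/// with a global "authenticated user required" filter.
/// </summary>
/// <param name="services">The application's service collection to populate.</param>
public void ConfigureServices(IServiceCollection services)
        {
            // Scopes are stored as one space-separated string. Empty entries (double or
            // trailing spaces) are dropped so that no blank scope is ever requested.
            var initialScopes = Configuration.GetValue<string>("DownstreamApi:Scopes")
                                ?.Split(new[] { ' ' }, System.StringSplitOptions.RemoveEmptyEntries);

            services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
            .AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"))
            .EnableTokenAcquisitionToCallDownstreamApi(initialScopes)
            .AddMicrosoftGraph(Configuration.GetSection("DownstreamApi"))
            .AddDistributedTokenCaches();

            // The distributed token cache is backed by the in-process memory implementation:
            // cached tokens are not shared between instances and are lost on restart.
            services.AddDistributedMemoryCache();

            services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
            {
                // Keep whatever handler was registered before this one so that it still runs.
                var previous = options.Events.OnRedirectToIdentityProvider;

                options.Events.OnRedirectToIdentityProvider = async context =>
                {
                    if (previous != null)
                    {
                        await previous(context);
                    }

                    if (context.Request.IsFileHandlerActivationRequest(out var fileHandlerActivation))
                    {
                        // These are hints only: the identity provider still authenticates the
                        // user, so a caller-supplied UserId cannot select the signed-in identity.
                        context.ProtocolMessage.LoginHint  = fileHandlerActivation.UserId;
                        context.ProtocolMessage.DomainHint = "organizations";

                        // NOTE(review): this handler runs before sign-in, so the posted form is
                        // caller-controlled. CookieStorage.Save is not visible here; confirm it
                        // bounds the stored size and sets Secure/HttpOnly/SameSite on the cookie.
                        CookieStorage.Save(context.Request.Form, context.Response);
                    }

                    // Forward an explicit "prompt" value set on the challenge properties, if any.
                    var challengeProperties = context.Properties;
                    if (challengeProperties != null
                        && challengeProperties.Items.TryGetValue("prompt", out var prompt))
                    {
                        context.ProtocolMessage.Prompt = prompt;
                    }
                };
            });

            services.AddGlasswall(Configuration.GetSection("Glasswall"));

            services.AddControllersWithViews(options =>
            {
                // Deny by default: every controller action requires an authenticated user
                // unless it opts out explicitly.
                var policy = new AuthorizationPolicyBuilder()
                             .RequireAuthenticatedUser()
                             .Build();
                options.Filters.Add(new AuthorizeFilter(policy));
            });
            services.AddRazorPages()
            .AddMicrosoftIdentityUI();
        }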
Exemplo n.º 2
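        /// <summary>
        /// Registers OpenID Connect authentication via Microsoft.Identity.Web, token acquisition
        /// for the downstream API, Microsoft Graph and the token cache, and hooks the redirect to
        /// the identity provider so that file-handler activation requests carry login hints.
        /// </summary>
        /// <param name="services">The application's service collection to populate.</param>
        private void ConfigureAuthenticationServices(IServiceCollection services)
        {
            // Scopes are stored as one space-separated string. Empty entries (double or
            // trailing spaces) are dropped so that no blank scope is ever requested.
            var initialScopes = Configuration.GetValue<string>("DownstreamApi:Scopes")
                                ?.Split(new[] { ' ' }, System.StringSplitOptions.RemoveEmptyEntries);

            services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
            .AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"))
            .EnableTokenAcquisitionToCallDownstreamApi(initialScopes)
            .AddMicrosoftGraph(Configuration.GetSection("DownstreamApi"))
            .AddDistributedTokenCaches();

            // The distributed token cache is backed by the in-process memory implementation:
            // cached tokens are not shared between instances and are lost on restart.
            services.AddDistributedMemoryCache();

            services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
            {
                // Keep whatever handler was registered before this one so that it still runs.
                var previous = options.Events.OnRedirectToIdentityProvider;

                options.Events.OnRedirectToIdentityProvider = async context =>
                {
                    // GetService returns null when no logger is registered, so every use below
                    // is null-conditional; logging must never break the sign-in redirect.
                    var logger = context.HttpContext.RequestServices.GetService<ILogger<Startup>>();
                    logger?.LogInformation("Executing OnRedirectToIdentityProvider");

                    if (previous != null)
                    {
                        await previous(context);
                    }

                    if (context.Request.IsFileHandlerActivationRequest(out var fileHandlerActivation))
                    {
                        // The activation payload is deliberately not written to the log: it is
                        // posted before sign-in (caller-controlled) and carries at least the user
                        // identifier. Log individual, vetted fields if more diagnostics are needed.
                        logger?.LogInformation("IsFileHandlerActivationRequest:true");

                        // These are hints only: the identity provider still authenticates the
                        // user, so a caller-supplied UserId cannot select the signed-in identity.
                        context.ProtocolMessage.LoginHint  = fileHandlerActivation.UserId;
                        context.ProtocolMessage.DomainHint = "organizations";

                        // NOTE(review): CookieStorage.Save is not visible here; confirm it bounds
                        // the stored size and sets Secure/HttpOnly/SameSite on the cookie.
                        CookieStorage.Save(context.Request.Form, context.Response);
                    }

                    // Forward an explicit "prompt" value set on the challenge properties, if any.
                    var challengeProperties = context.Properties;
                    if (challengeProperties != null
                        && challengeProperties.Items.TryGetValue("prompt", out var prompt))
                    {
                        context.ProtocolMessage.Prompt = prompt;
                    }
                };
            });
        }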