/// <summary>
/// Called by the runtime to register services with the dependency-injection container.
/// Registers the app-role options, the Azure AD B2C sign-in flow and the claim handling
/// that later role checks (<c>User.IsInRole</c>) depend on.
/// </summary>
/// <param name="services">The service collection that receives the registrations.</param>
public void ConfigureServices(IServiceCollection services)
{
    // Bind the "AppRoles" configuration section once and share that single instance.
    var roleSettings = new AppRolesOptions();
    Configuration.GetSection("AppRoles").Bind(roleSettings);
    services.AddSingleton(roleSettings);

    // The app roles themselves live in the Azure AD B2C directory and are reached through
    // the Graph API; the provider reads its settings from the "AzureAdB2C" section.
    services.Configure<AzureADAppRolesProviderOptions>(Configuration.GetSection("AzureAdB2C"));
    services.AddSingleton<IAppRolesProvider, AzureADAppRolesProvider>();

    // Cookie policy adjustments for the SameSite breaking change.
    services.ConfigureSameSiteCookiePolicy();

    // Keep the standard OpenID Connect claim names instead of the Microsoft-specific ones.
    // See https://leastprivilege.com/2017/11/15/missing-claims-in-the-asp-net-core-2-openid-connect-handler/.
    // This map is static, so clearing it affects token handlers created afterwards in this
    // process; it has to happen before the authentication handlers are set up below.
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    // Azure AD B2C sign-in over OpenID Connect, configured from the "AzureAdB2C" section.
    var authentication = services.AddAuthentication(AzureADB2CDefaults.AuthenticationScheme);
    authentication.AddAzureADB2C(b2c => Configuration.Bind("AzureAdB2C", b2c));

    services.Configure<OpenIdConnectOptions>(AzureADB2CDefaults.OpenIdScheme, oidc =>
    {
        // With no claim actions left, no incoming claim is removed: everything the identity
        // provider issues ends up on the signed-in principal.
        oidc.ClaimActions.Clear();

        // Role checks read the claim named after the user attribute configured in Azure AD B2C.
        // NOTE(review): authorization depends on this value; confirm that an unset
        // AppRoles:UserAttributeName is rejected or defaulted somewhere, it is not checked here.
        oidc.TokenValidationParameters.RoleClaimType = roleSettings.UserAttributeName;
    });

    // The role attribute arrives as one space-separated string. The transformation splits it
    // into individual claims so that User.IsInRole(roleName) and the other built-in ASP.NET
    // role features work per role.
    services.AddSingleton<IClaimsTransformation>(
        new StringSplitClaimsTransformation(roleSettings.UserAttributeName));

    // NOTE(review): Razor runtime compilation is enabled unconditionally; confirm this is
    // intended outside development environments.
    var razorPages = services.AddRazorPages();
    razorPages.AddRazorRuntimeCompilation();

    services.AddControllers();
    services.AddRouting(routing => routing.LowercaseUrls = true);
}
/// <summary>
/// Creates the controller and stores the collaborators it is given.
/// </summary>
/// <param name="logger">Logger for this controller.</param>
/// <param name="appRolesProvider">Provider used to work with app roles.</param>
/// <param name="options">The app-role options.</param>
public AppRolesController(ILogger<AppRolesController> logger, IAppRolesProvider appRolesProvider, AppRolesOptions options)
{
    // Plain field capture: no validation or other work happens in the constructor.
    (this.logger, this.appRolesProvider, this.options) = (logger, appRolesProvider, options);
}