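/// <summary>
/// Silently acquires an access token for the signed-in user from the MSAL user token cache.
/// </summary>
/// <returns>
/// A string of the form <c>status:payload</c>: <c>200:</c> followed by the access token,
/// <c>401:unauthorized</c> when the user has no object identifier claim or MSAL raises
/// <c>MsalUiRequiredException</c>, and <c>500:</c> followed by the exception message for
/// any other failure inside the token request.
/// </returns>
/// <remarks>
/// The success value carries a bearer token; callers should keep it out of logs and
/// error pages.
/// </remarks>
private async Task <string> GetAccessToken()
        {
            // The object identifier claim is handed to TokenCacheHelper as the cache key.
            // TokenCacheHelper is not shown here; presumably it partitions the distributed
            // cache per user by this key, so a missing claim must never reach it: a null or
            // empty key could otherwise be shared between users.
            string key = User.FindFirstValue("http://schemas.microsoft.com/identity/claims/objectidentifier");

            if (string.IsNullOrEmpty(key))
            {
                return("401:unauthorized");
            }

            IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
                                                 .Create(_options.Value.ClientId)
                                                 .WithClientSecret(_options.Value.ClientSecret)
                                                 .WithAuthority(_options.Value.Authority)
                                                 .Build();

            // Attach the user's cache before any token call so the silent request can find
            // the tokens stored during sign-in. This call sits outside the try block, so an
            // exception raised here propagates to the caller instead of becoming a 500 string.
            TokenCacheHelper.Initialize(
                key,
                _cache,
                app.UserTokenCache
                );

            // The scope is fixed to the API's .default scope; reading the scope list from
            // configuration is disabled:
            //IEnumerable<string> scopes = _options.Value.Scopes.Split(";").Where(c => !string.IsNullOrEmpty(c));
            IEnumerable <string> scopes = new string[] { "api://core/.default" };

            try
            {
                // FirstOrDefault yields null when the cache holds no account; the silent
                // request is then expected to fail with MsalUiRequiredException (handled below).
                var account = (await app.GetAccountsAsync()).FirstOrDefault();
                var result  = await app.AcquireTokenSilent(scopes, account)
                              .ExecuteAsync();

                return($"200:{result.AccessToken}");
            }
            catch (MsalUiRequiredException)
            {
                // No usable cached token: the user has to sign in interactively again.
                return("401:unauthorized");
            }
            catch (Exception ex)
            {
                // NOTE(review): ex.Message is returned to the caller unfiltered. If this string
                // is ever forwarded into an HTTP response it can disclose internal details
                // (authority URLs, configuration errors); confirm callers log it server-side
                // and send the client a generic message.
                return($"500:{ex.Message}");
            }
        }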
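        /// <summary>
        /// OpenID Connect event handler that redeems the authorization code through MSAL, so
        /// that the resulting tokens are stored in the user's token cache, and then passes
        /// the access token and ID token back to the authentication handler.
        /// </summary>
        /// <param name="context">
        /// Event context carrying the OpenID Connect options, the signed-in principal and the
        /// pending token endpoint request.
        /// </param>
        private async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
        {
            // The object identifier claim becomes the token cache key. TokenCacheHelper is not
            // shown here; presumably it partitions the distributed cache per user by this key,
            // so sign-in is failed rather than redeeming the code into a cache entry with a
            // null or empty key that several users could end up sharing.
            string key = context.Principal?.FindFirstValue("http://schemas.microsoft.com/identity/claims/objectidentifier");

            if (string.IsNullOrEmpty(key))
            {
                context.Fail("The signed-in principal has no object identifier claim.");
                return;
            }

            string authority    = context.Options.Authority;
            string clientId     = context.Options.ClientId;
            string clientSecret = context.Options.ClientSecret;
            string redirectUri  = context.TokenEndpointRequest.RedirectUri;
            string code         = context.TokenEndpointRequest.Code;

            // The scope is fixed to the API's .default scope; reading the scope list from
            // configuration is disabled:
            //IEnumerable<string> scopes = _azOptions.Scopes.Split(";").Where(c => !string.IsNullOrEmpty(c));
            IEnumerable <string> scopes = new string[] { "api://core/.default" };

            // GetService returns null when no IDistributedCache is registered; that null is
            // passed on to TokenCacheHelper unchanged.
            IDistributedCache    cache  = context.HttpContext.RequestServices.GetService <IDistributedCache>();

            // The redirect URI is taken from the pending token request, so the redemption
            // uses the same value as the authorization request.
            IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
                                                 .Create(clientId)
                                                 .WithClientSecret(clientSecret)
                                                 .WithAuthority(authority)
                                                 .WithRedirectUri(redirectUri)
                                                 .Build();

            // Attach the user's cache before redeeming the code so the tokens MSAL receives
            // are written to it.
            TokenCacheHelper.Initialize(key: key,
                                        distributedCache: cache,
                                        tokenCache: app.UserTokenCache);

            var result = await app.AcquireTokenByAuthorizationCode(scopes, code)
                         .ExecuteAsync();

            // Tell the handler the code has already been redeemed, so it does not try to
            // redeem the single-use code a second time.
            context.HandleCodeRedemption(result.AccessToken, result.IdToken);
        }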