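        /// <summary>
        /// Acquires an access token for a Graph API, either silently on behalf of the signed-in user
        /// (from that user's persisted <see cref="TokenDbCache"/>) or for the application itself with
        /// the configured client credentials.
        /// </summary>
        /// <param name="useApplicationContext">
        /// <c>false</c> (default): acquire silently for the current user through the per-user cache.
        /// <c>true</c>: acquire with client credentials only; no user cache is consulted.
        /// </param>
        /// <param name="useAzureADGraph">
        /// <c>true</c> (default): request a token for <see cref="ConfigHelper.AzureADGraphUrl"/>;
        /// <c>false</c>: for <see cref="ConfigHelper.GraphUrl"/>. Azure AD Graph is deprecated in favour
        /// of Microsoft Graph, so new callers should pass <c>false</c>.
        /// </param>
        /// <returns>
        /// The access token, or <c>null</c> when the user's cache is empty: in that case the user is
        /// signed out of the OpenID Connect and cookie middleware and redirected to the configured
        /// post-logout URI so that the next sign-in repopulates the cache.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The signed-in principal carries no object identifier claim (user context only), or the
        /// post-logout redirect URI is not configured.
        /// </exception>
        /// <remarks>
        /// Token acquisition errors now propagate to the caller. The previous version swallowed every
        /// exception and then dereferenced the null result, which hid the real failure behind a
        /// <see cref="NullReferenceException"/>.
        /// </remarks>
        public static async Task<string> GetTokenForApplication(bool useApplicationContext = false, bool useAzureADGraph = true)
        {
            var clientCredential = new ClientCredential(ConfigHelper.ClientId, ConfigHelper.AppKey);

            // The object identifier claim is the key of the per-user token cache.
            string userObjectID = ClaimsPrincipal.Current?.FindFirst(
                "http://schemas.microsoft.com/identity/claims/objectidentifier")?.Value;
            if (!useApplicationContext && string.IsNullOrEmpty(userObjectID))
            {
                throw new InvalidOperationException("The signed-in principal has no object identifier claim; cannot locate its token cache.");
            }

            string authority = "https://login.microsoftonline.com/" + ConfigHelper.Tenant;
            AuthenticationContext authenticationContext = useApplicationContext
                ? new AuthenticationContext(authority)
                : new AuthenticationContext(authority, new TokenDbCache(userObjectID));

            if (!useApplicationContext && authenticationContext.TokenCache.Count == 0)
            {
                // Nothing cached for this user: drop both caches, end the web session and send the
                // browser through sign-out so a fresh sign-in repopulates the cache.
                authenticationContext.TokenCache.Clear();
                new TokenDbCache(userObjectID).Clear();
                HttpContext.Current.GetOwinContext().Authentication.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);

                string signOutUrl = ConfigHelper.PostLogoutRedirectUri;
                if (string.IsNullOrEmpty(signOutUrl))
                {
                    throw new InvalidOperationException("Configuration missing key - ida:SignOutUrl");
                }

                // NOTE(review): the configured URI is used as a format string and receives its own value as
                // {1}; the destination comes from configuration, not from the request. Confirm this is intended.
                signOutUrl = String.Format(signOutUrl, ConfigHelper.Tenant, ConfigHelper.PostLogoutRedirectUri);
                HttpContext.Current.Response.Redirect(signOutUrl);
                return null;
            }

            string resource = useAzureADGraph ? ConfigHelper.AzureADGraphUrl : ConfigHelper.GraphUrl;

            // Await rather than block on .Result: blocking an async call inside an ASP.NET request can
            // deadlock on the request's synchronization context and wraps the real error in an AggregateException.
            AuthenticationResult res = useApplicationContext
                ? await authenticationContext.AcquireTokenAsync(resource, clientCredential)
                : await authenticationContext.AcquireTokenSilentAsync(resource, clientCredential, new UserIdentifier(userObjectID, UserIdentifierType.UniqueId));

            return res.AccessToken;
        }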
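        /// <summary>
        /// Ends the signed-in user's session: clears the user's persisted token cache and signs out
        /// of the OpenID Connect and cookie middleware. Does nothing for an anonymous request.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the cache is keyed here by <see cref="ClaimTypes.NameIdentifier"/>, whereas
        /// GetTokenForApplication and CreateGraphServiceClient build their <see cref="TokenDbCache"/> from
        /// the "objectidentifier" claim. If TokenDbCache partitions entries by that string, the Clear()
        /// below may leave the tokens acquired under the other key in place after sign-out; confirm
        /// against TokenDbCache.
        /// </remarks>
        public void SignOut()
        {
            if (!Request.IsAuthenticated)
            {
                return;
            }

            // A principal without the claim used to abort sign-out with a NullReferenceException before
            // the middleware sign-out ran. Clear the cache when the key is available, but always end the session.
            string userObjectId = ClaimsPrincipal.Current?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
            if (!string.IsNullOrEmpty(userObjectId))
            {
                new TokenDbCache(userObjectId).Clear();
            }

            HttpContext.GetOwinContext().Authentication.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);
        }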
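        /// <summary>
        /// Signs the current user out: clears the persisted token cache keyed by the user's
        /// NameIdentifier claim, signs out the application cookie and redirects to Home/Index.
        /// </summary>
        /// <returns>A redirect to the <c>Index</c> action of the <c>Home</c> controller.</returns>
        /// <remarks>
        /// NOTE(review): GetTokenForApplication and CreateGraphServiceClient key their
        /// <see cref="TokenDbCache"/> by the "objectidentifier" claim, not NameIdentifier. If TokenDbCache
        /// partitions entries by that string, the Clear() below may not remove the tokens they cached;
        /// confirm against TokenDbCache.
        /// </remarks>
        public ActionResult LogOff()
        {
            // Anonymous or non-claims principals fall back to the empty key, as before. The previous
            // hard cast and unguarded .Value could each throw for such callers instead.
            string userObjectID = string.Empty;

            var claimsIdentity = ClaimsPrincipal.Current?.Identity as ClaimsIdentity;
            if (claimsIdentity != null && claimsIdentity.IsAuthenticated)
            {
                // ClaimTypes.NameIdentifier is the same URI the previous string literal spelled out.
                userObjectID = claimsIdentity.Claims
                    .FirstOrDefault(x => x.Type == ClaimTypes.NameIdentifier)?.Value ?? string.Empty;
            }

            new TokenDbCache(userObjectID).Clear();

            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
            return RedirectToAction("Index", "Home");
        }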
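        /// <summary>
        /// Builds a <see cref="GraphServiceClient"/> whose requests carry a bearer token for
        /// <see cref="ConfigHelper.GraphUrl"/>, acquired either silently for the signed-in user
        /// (from that user's persisted <see cref="TokenDbCache"/>) or with the application's client credentials.
        /// </summary>
        /// <param name="useApplicationContext">
        /// <c>false</c> (default): acquire silently for the current user through the per-user cache.
        /// <c>true</c>: acquire with client credentials only; no user cache is consulted.
        /// </param>
        /// <returns>
        /// A configured client, or <c>null</c> when the user's cache is empty: in that case the user is
        /// signed out of the OpenID Connect and cookie middleware and redirected to the configured
        /// post-logout URI so that the next sign-in repopulates the cache.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The signed-in principal carries no object identifier claim (user context only), or the
        /// post-logout redirect URI is not configured.
        /// </exception>
        /// <remarks>
        /// Token acquisition errors now propagate from this method. Previously every exception was
        /// swallowed and the null result was captured by the authentication delegate, so the failure
        /// only surfaced as a <see cref="NullReferenceException"/> on the first Graph request.
        /// The method is synchronous by contract, so acquisition still blocks; see the comment at the call site.
        /// </remarks>
        public static GraphServiceClient CreateGraphServiceClient(bool useApplicationContext = false)
        {
            var clientCredential = new ClientCredential(ConfigHelper.ClientId, ConfigHelper.AppKey);

            // The object identifier claim is the key of the per-user token cache.
            string userObjectID = ClaimsPrincipal.Current?.FindFirst(
                "http://schemas.microsoft.com/identity/claims/objectidentifier")?.Value;
            if (!useApplicationContext && string.IsNullOrEmpty(userObjectID))
            {
                throw new InvalidOperationException("The signed-in principal has no object identifier claim; cannot locate its token cache.");
            }

            string authority = "https://login.microsoftonline.com/" + ConfigHelper.Tenant;
            AuthenticationContext authenticationContext = useApplicationContext
                ? new AuthenticationContext(authority)
                : new AuthenticationContext(authority, new TokenDbCache(userObjectID));

            if (!useApplicationContext && authenticationContext.TokenCache.Count == 0)
            {
                // Nothing cached for this user: drop both caches, end the web session and send the
                // browser through sign-out so a fresh sign-in repopulates the cache.
                authenticationContext.TokenCache.Clear();
                new TokenDbCache(userObjectID).Clear();
                HttpContext.Current.GetOwinContext().Authentication.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);

                string signOutUrl = ConfigHelper.PostLogoutRedirectUri;
                if (string.IsNullOrEmpty(signOutUrl))
                {
                    throw new InvalidOperationException("Configuration missing key - ida:SignOutUrl");
                }

                // NOTE(review): the configured URI is used as a format string and receives its own value as
                // {1}; the destination comes from configuration, not from the request. Confirm this is intended.
                signOutUrl = String.Format(signOutUrl, ConfigHelper.Tenant, ConfigHelper.PostLogoutRedirectUri);
                HttpContext.Current.Response.Redirect(signOutUrl);
                return null;
            }

            // This method's signature is synchronous, so the async acquisition is still waited on here.
            // GetAwaiter().GetResult() surfaces the original exception instead of an AggregateException,
            // but the deadlock risk of blocking inside an ASP.NET request remains; prefer an async variant
            // (see GetTokenForApplication) where the caller can await.
            Task<AuthenticationResult> acquisition = useApplicationContext
                ? authenticationContext.AcquireTokenAsync(ConfigHelper.GraphUrl, clientCredential)
                : authenticationContext.AcquireTokenSilentAsync(ConfigHelper.GraphUrl, clientCredential, new UserIdentifier(userObjectID, UserIdentifierType.UniqueId));
            AuthenticationResult res = acquisition.GetAwaiter().GetResult();

            // Capture only the token string so the delegate does not keep the whole result alive, and
            // fail here rather than on the first request if no token came back.
            string accessToken = res.AccessToken;
            if (string.IsNullOrEmpty(accessToken))
            {
                throw new InvalidOperationException("Token acquisition returned no access token for the Graph resource.");
            }

            var delegateAuthProvider = new DelegateAuthenticationProvider((requestMessage) =>
            {
                requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", accessToken);
                return Task.FromResult(0);
            });

            return new GraphServiceClient(delegateAuthProvider);
        }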