Пример #1
        /// <summary>
        /// Lazily builds the confidential client application stored in <c>_application</c>.
        /// When an instance already exists the call is a no-op.
        /// </summary>
        /// <remarks>
        /// Despite the <c>Async</c> suffix, this method is synchronous and returns <c>void</c>.
        /// No locking is performed around the null check and assignment.
        /// </remarks>
        public void PrepareConfidentialClientInstanceAsync()
        {
            if (this._application != null)
            {
                return;
            }

            // A disabled earlier variant built the client inline from ConfidentialClientApplicationOptions
            // (ClientId, ClientSecret, Instance, RedirectUri, TenantId). It set EnablePiiLogging = true and
            // assigned authConfig.RedirectUri to TenantId. If that path is ever revived, correct the TenantId
            // source and keep PII logging off outside local debugging, since it writes user-identifying
            // data to the logs.
            ApplicationBuilders builders = new ApplicationBuilders(this.CacheType);

            // Client construction (credentials, token cache wiring) is delegated to the shared builder.
            this._application = builders.BuildConfidentialClientApplication(this.AuthenticationConfig);
        }
Пример #2
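        /// <summary>
        /// Adds OpenID Connect sign-in using the authorization code response type to the OWIN pipeline and
        /// redeems the returned code through MSAL.NET so the acquired token is placed in the token cache.
        /// </summary>
        /// <param name="app">OWIN application builder the middleware is registered on.</param>
        /// <param name="authenticationConfig">Source of the client id, authority and redirect URIs.</param>
        /// <param name="initialScopes">
        /// Scopes requested at sign-in in addition to <c>IdentityConstants.DefaultScopes</c>.
        /// <c>null</c> (the default) is treated as "no additional scopes".
        /// </param>
        /// <param name="cacheType">Token cache kind handed to <c>ApplicationBuilders</c>.</param>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="app"/> or <paramref name="authenticationConfig"/> is <c>null</c>.
        /// </exception>
        public static void EnableTokenAcquisitionToCallDownstreamApi(this IAppBuilder app, AuthenticationConfig authenticationConfig, IEnumerable<string> initialScopes = null, CacheType cacheType = CacheType.InMemoryCache)
        {
            if (app == null)
            {
                throw new System.ArgumentNullException(nameof(app));
            }

            if (authenticationConfig == null)
            {
                throw new System.ArgumentNullException(nameof(authenticationConfig));
            }

            // The parameter defaults to null, which string.Join rejects with ArgumentNullException.
            // Snapshot the scopes once so the default works and the sequence is enumerated a single time.
            List<string> scopes = initialScopes == null
                ? new List<string>()
                : new List<string>(initialScopes);

            ApplicationBuilders applicationBuilders = new ApplicationBuilders(cacheType);

            app.UseOpenIdConnectAuthentication(
                new OpenIdConnectAuthenticationOptions
                {
                    ClientId = authenticationConfig.ClientId,
                    Authority = authenticationConfig.Authority,
                    PostLogoutRedirectUri = authenticationConfig.PostLogoutRedirectUri,
                    RedirectUri = authenticationConfig.RedirectUri,
                    TokenValidationParameters = new TokenValidationParameters
                    {
                        // NOTE(review): issuer validation is switched off, so the middleware does not check
                        // which issuer/tenant signed the token. If that is intentional (multi-tenant sign-in),
                        // restrict accepted tenants with ValidIssuers or an IssuerValidator; otherwise set
                        // ValidateIssuer back to true.
                        ValidateIssuer = false,
                        NameClaimType = IdentityConstants.PreferredUserName
                    },
                    ResponseType = "code",
                    Scope = $"{IdentityConstants.DefaultScopes} {string.Join(" ", scopes)}",
                    Notifications = new OpenIdConnectAuthenticationNotifications()
                    {
                        AuthorizationCodeReceived = async context =>
                        {
                            // Call MSAL.NET AcquireTokenByAuthorizationCode and cache the token in Token Cache
                            var application = applicationBuilders.BuildConfidentialClientApplication(authenticationConfig);
                            var result = await application.AcquireTokenByAuthorizationCode(scopes, context.ProtocolMessage.Code)
                                                          .ExecuteAsync();

                            // Tell the middleware the code was already redeemed and pass it the ID token.
                            context.HandleCodeRedemption(null, result.IdToken);
                        },
                        AuthenticationFailed = arg =>
                        {
                            arg.HandleResponse();

                            // The exception text may echo data from the incoming protocol message, so it is
                            // URL-encoded before being placed in the redirect query string; unencoded it could
                            // break out of the parameter or inject extra ones.
                            // NOTE(review): raw exception messages still reach the browser. Prefer logging the
                            // detail server-side and redirecting with a generic error code, and make sure the
                            // landing page HTML-encodes "errormessage" before rendering it.
                            string message = arg.Exception?.Message ?? string.Empty;
                            arg.Response.Redirect("/?errormessage=" + System.Net.WebUtility.UrlEncode(message));

                            return Task.FromResult(0);
                        },
                        RedirectToIdentityProvider = OnRedirectToIdentityProvider
                    }
                });
        }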