private async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification context) { // If there is a code in the OpenID Connect response, redeem it for an access token and store it away. var code = context.Code; string userObjectId = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value; SampleTokenCache tokenCache = new SampleTokenCache(userObjectId); var credential = new ClientCredential(ClientSecret); var cca = new ConfidentialClientApplication( ClientId, context.Request.Uri.ToString(), credential, tokenCache.GetMsalCacheInstance(), null); try { var result = await cca.AcquireTokenByAuthorizationCodeAsync(code, Scopes); } catch (MsalException ex) { context.HandleResponse(); context.Response.Redirect($"/error/index?message={ex.Message}"); } }
// Remove all cache entries for this user and send an OpenID Connect sign-out request. public void SignOut() { string userObjectId = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier")?.Value; var tokenCache = new SampleTokenCache(userObjectId); tokenCache.Clear(); HttpContext.GetOwinContext().Authentication.SignOut( OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType); }
public static GraphServiceClient GetAuthenticatedClient(string userId, string redirect) { var graphClient = new GraphServiceClient( new DelegateAuthenticationProvider( async(request) => { var tokenCache = new SampleTokenCache(userId); var cca = new ConfidentialClientApplication(Startup.ClientId, redirect, new ClientCredential(Startup.ClientSecret), tokenCache.GetMsalCacheInstance(), null); var authResult = await cca.AcquireTokenSilentAsync(Startup.Scopes, cca.Users.First()); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authResult.AccessToken); })); return(graphClient); }
// Gets an access token. First tries to get the access token from the token cache. // This sample uses a password (secret) to authenticate. Production apps should use a certificate. public async Task <string> GetUserAccessTokenAsync(string tenantId) { tokenCache = new SampleTokenCache( tenantId, memoryCache); AuthenticationContext authContext = new AuthenticationContext($"{ aadInstance }{ tenantId }", tokenCache); try { AuthenticationResult authResult = await authContext.AcquireTokenAsync( graphResourceId, new ClientCredential(appId, appSecret)); // For sample purposes only. Production apps should use a client certificate. return(authResult.AccessToken); } catch (AdalException e) { throw e; } }
// Used by NotificationController (which is not authenticated) to get an access token from the cache. public static async Task <string> GetAccessTokenForSubscriptionAsync(string userObjectId, string tenantId) { string authority = $"{ aadInstance }/{ tenantId }"; tokenCache = new SampleTokenCache(userObjectId); AuthenticationContext authContext = new AuthenticationContext(authority, tokenCache); try { AuthenticationResult authResult = await authContext.AcquireTokenSilentAsync( graphResourceId, new ClientCredential(appId, appSecret), new UserIdentifier(userObjectId, UserIdentifierType.UniqueId)); return(authResult.AccessToken); } catch (AdalException e) { throw e; } }
// Gets an access token. First tries to get the token from the token cache. public async Task <string> GetUserAccessTokenAsync(string userObjectId) { tokenCache = new SampleTokenCache( userObjectId, memoryCache); var cachedItems = tokenCache.ReadItems(); // see what's in the cache AuthenticationContext authContext = new AuthenticationContext(authority, tokenCache); try { AuthenticationResult authResult = await authContext.AcquireTokenSilentAsync( graphResourceId, new ClientCredential(appId, appSecret), new UserIdentifier(userObjectId, UserIdentifierType.UniqueId)); return(authResult.AccessToken); } catch (AdalException e) { throw e; } }
// Used by SubscriptionController to get an access token from the cache. public static async Task <string> GetAccessTokenAsync() { string userObjectId = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier")?.Value; string tenantId = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid")?.Value; string authority = $"{ aadInstance }/{ tenantId }"; tokenCache = new SampleTokenCache(userObjectId); AuthenticationContext authContext = new AuthenticationContext(authority, tokenCache); try { AuthenticationResult authResult = await authContext.AcquireTokenSilentAsync( graphResourceId, new ClientCredential(appId, appSecret), new UserIdentifier(userObjectId, UserIdentifierType.UniqueId)); return(authResult.AccessToken); } catch (AdalException e) { throw e; } }