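/// <summary>
/// Lazily builds the confidential client application used for token acquisition and
/// stores it in <c>_application</c>. Once built, further calls do nothing.
/// </summary>
/// <remarks>
/// Despite the <c>Async</c> suffix this method is synchronous and returns <c>void</c>;
/// the name is kept unchanged so existing callers keep compiling.
/// </remarks>
public void PrepareConfidentialClientInstanceAsync()
{
    if (this._application != null)
    {
        return;
    }

    // The cache type selects which MSAL token cache the built application uses.
    var appBuilder = new ApplicationBuilders(this.CacheType);
    this._application = appBuilder.BuildConfidentialClientApplication(this.AuthenticationConfig);
}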
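/// <summary>
/// Registers OpenID Connect sign-in (authorization code flow) on the OWIN pipeline and
/// redeems the returned authorization code through MSAL, so the resulting tokens are
/// written to the MSAL token cache selected by <paramref name="cacheType"/>.
/// </summary>
/// <param name="app">The OWIN application builder to register the middleware on.</param>
/// <param name="authenticationConfig">Client id, authority and redirect URIs used both by the
/// OIDC middleware and by the MSAL confidential client.</param>
/// <param name="initialScopes">Scopes requested at sign-in in addition to
/// <c>IdentityConstants.DefaultScopes</c>. <c>null</c> is treated as "no extra scopes".</param>
/// <param name="cacheType">Token cache implementation handed to <see cref="ApplicationBuilders"/>.</param>
public static void EnableTokenAcquisitionToCallDownstreamApi(this IAppBuilder app, AuthenticationConfig authenticationConfig, IEnumerable<string> initialScopes = null, CacheType cacheType = CacheType.InMemoryCache)
{
    // Materialize the scopes once: the declared default of null would otherwise make
    // string.Join throw, and the enumerable would be re-enumerated on every
    // authorization-code callback.
    string[] scopes = initialScopes == null
        ? new string[0]
        : new List<string>(initialScopes).ToArray();

    var applicationBuilders = new ApplicationBuilders(cacheType);

    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
        ClientId = authenticationConfig.ClientId,
        Authority = authenticationConfig.Authority,
        PostLogoutRedirectUri = authenticationConfig.PostLogoutRedirectUri,
        RedirectUri = authenticationConfig.RedirectUri,
        TokenValidationParameters = new TokenValidationParameters
        {
            // NOTE(review): issuer validation is disabled, so an id token issued for any
            // tenant the authority's signing keys cover is accepted. That is only
            // appropriate for a deliberately multi-tenant app; a single-tenant app
            // should validate the issuer (or supply an issuer validator) — confirm intent.
            ValidateIssuer = false,
            NameClaimType = IdentityConstants.PreferredUserName,
        },
        ResponseType = "code",
        Scope = $"{IdentityConstants.DefaultScopes} {string.Join(" ", scopes)}",
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            AuthorizationCodeReceived = async context =>
            {
                // Redeem the code with MSAL so the tokens land in the MSAL token cache.
                var application = applicationBuilders.BuildConfidentialClientApplication(authenticationConfig);
                var result = await application
                    .AcquireTokenByAuthorizationCode(scopes, context.ProtocolMessage.Code)
                    .ExecuteAsync();

                // Only the id token is handed back to the middleware; no access token is
                // passed (presumably so it lives only in the MSAL cache — confirm).
                context.HandleCodeRedemption(null, result.IdToken);
            },
            AuthenticationFailed = arg =>
            {
                arg.HandleResponse();
                // Encode the message so it cannot alter the query string it is placed in.
                // The raw exception text is still surfaced to the browser; consider a
                // generic message if that detail is not meant for end users.
                arg.Response.Redirect("/?errormessage=" + System.Uri.EscapeDataString(arg.Exception.Message));
                return Task.FromResult(0);
            },
            RedirectToIdentityProvider = OnRedirectToIdentityProvider,
        },
    });
}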