Azure-Samples · balaonline · Aug 24, 2021
diff --git a/TaskService/App_Start/OpenIdConnectCachingSecurityTokenProvider.cs b/TaskService/App_Start/OpenIdConnectCachingSecurityTokenProvider.cs
@@ -1,91 +1,137 @@
-using Microsoft.IdentityModel.Protocols;
-using Microsoft.IdentityModel.Protocols.OpenIdConnect;
-using Microsoft.IdentityModel.Tokens;
-using Microsoft.Owin.Security.Jwt;
-using System.Collections.Generic;
-using System.Threading;
-using System.Threading.Tasks;
-
-namespace TaskService.App_Start
-{
-    // This class is necessary because the OAuthBearer Middleware does not leverage
-    // the OpenID Connect metadata endpoint exposed by the STS by default.
-    public class OpenIdConnectCachingSecurityTokenProvider : IIssuerSecurityKeyProvider
-    {
-        public ConfigurationManager<OpenIdConnectConfiguration> _configManager;
-        private string _issuer;
-        private IEnumerable<SecurityKey> _keys;
-        private readonly string _metadataEndpoint;
-
-        private readonly ReaderWriterLockSlim _synclock = new ReaderWriterLockSlim();
-
-        public OpenIdConnectCachingSecurityTokenProvider(string metadataEndpoint)
-        {
-            _metadataEndpoint = metadataEndpoint;
-            _configManager = new ConfigurationManager<OpenIdConnectConfiguration>(metadataEndpoint, new OpenIdConnectConfigurationRetriever());
-
-            RetrieveMetadata();
-        }
-
-        /// <summary>
-        /// Gets the issuer the credentials are for.
-        /// </summary>
-        /// <value>
-        /// The issuer the credentials are for.
-        /// </value>
-        public string Issuer
-        {
-            get
-            {
-                RetrieveMetadata();
-                _synclock.EnterReadLock();
-                try
-                {
-                    return _issuer;
-                }
-                finally
-                {
-                    _synclock.ExitReadLock();
-                }
-            }
-        }
-
-        /// <summary>
-        /// Gets all known security keys.
-        /// </summary>
-        /// <value>
-        /// All known security keys.
-        /// </value>
-        public IEnumerable<SecurityKey> SecurityKeys
-        {
-            get
-            {
-                RetrieveMetadata();
-                _synclock.EnterReadLock();
-                try
-                {
-                    return _keys;
-                }
-                finally
-                {
-                    _synclock.ExitReadLock();
-                }
-            }
-        }
-
-        private void RetrieveMetadata()
-        {
-            _synclock.EnterWriteLock();
-            try
-            {
-                OpenIdConnectConfiguration config = Task.Run(_configManager.GetConfigurationAsync).Result;
-                _issuer = config.Issuer;
-                _keys = config.SigningKeys;
-            }
-            finally
-            {
-                _synclock.ExitWriteLock();
-            }
-        }
-    }
-}
+using Microsoft.IdentityModel.Protocols;
+using Microsoft.IdentityModel.Protocols.OpenIdConnect;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.Owin.Security.Jwt;
+using System;
+using System.Collections.Generic;
+using System.Configuration;
+using System.Net;
+using System.Net.Http;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace TaskService.App_Start
+{
+    // This class is necessary because the OAuthBearer Middleware does not leverage
+    // the OpenID Connect metadata endpoint exposed by the STS by default.
+    public class OpenIdConnectCachingSecurityTokenProvider : IIssuerSecurityKeyProvider
+    {
+        public ConfigurationManager<OpenIdConnectConfiguration> _configManager;
+        private string _issuer;
+        private IEnumerable<SecurityKey> _keys;
+        private readonly string _metadataEndpoint;
+
+        private readonly ReaderWriterLockSlim _synclock = new ReaderWriterLockSlim();
+
+        private static HttpClient _httpClient;
+
+        public class MyProxy : IWebProxy
+        {
+            public ICredentials Credentials
+            {
+                //get { return new NetworkCredential("user", "password"); }
+                get { return new NetworkCredential(ConfigurationManager.AppSettings["ProxyUsername"], ConfigurationManager.AppSettings["ProxyPassword"], ConfigurationManager.AppSettings["ProxyDomain"]); }
+                set { }
+            }
+
+            public Uri GetProxy(Uri destination)
+            {
+                return new Uri(ConfigurationManager.AppSettings["ProxyServerUrl"]);
+            }
+
+            public bool IsBypassed(Uri host)
+            {
+                return false;
+            }
+        }
+
+        private static void CreateHttpClient()
+        {
+            var config = new HttpClientHandler
+            {
+                UseProxy = true,
+                Proxy = new MyProxy()
+            };
+
+            //then you can simply pass the config to HttpClient
+            _httpClient = new HttpClient(config);
+        }
+
+        public OpenIdConnectCachingSecurityTokenProvider(string metadataEndpoint)
+        {
+            if (_httpClient == null)
+            {
+                // It's best* to create a single HttpClient and reuse it                
+                CreateHttpClient();
+            }
+            _metadataEndpoint = metadataEndpoint;
+            //_configManager = new ConfigurationManager<OpenIdConnectConfiguration>(metadataEndpoint, new OpenIdConnectConfigurationRetriever());
+            _configManager = new ConfigurationManager<OpenIdConnectConfiguration>(metadataEndpoint, new OpenIdConnectConfigurationRetriever(), _httpClient);
+
+
+            RetrieveMetadata();
+        }
+
+        /// <summary>
+        /// Gets the issuer the credentials are for.
+        /// </summary>
+        /// <value>
+        /// The issuer the credentials are for.
+        /// </value>
+        public string Issuer
+        {
+            get
+            {
+                RetrieveMetadata();
+                _synclock.EnterReadLock();
+                try
+                {
+                    return _issuer;
+                }
+                finally
+                {
+                    _synclock.ExitReadLock();
+                }
+            }
+        }
+
+        /// <summary>
+        /// Gets all known security keys.
+        /// </summary>
+        /// <value>
+        /// All known security keys.
+        /// </value>
+        public IEnumerable<SecurityKey> SecurityKeys
+        {
+            get
+            {
+                RetrieveMetadata();
+                _synclock.EnterReadLock();
+                try
+                {
+                    return _keys;
+                }
+                finally
+                {
+                    _synclock.ExitReadLock();
+                }
+            }
+        }
+
+        private void RetrieveMetadata()
+        {
+            _synclock.EnterWriteLock();
+            try
+            {
+                OpenIdConnectConfiguration config = Task.Run(_configManager.GetConfigurationAsync).Result;
+                _issuer = config.Issuer;
+                _keys = config.SigningKeys;
+            }
+            finally
+            {
+                _synclock.ExitWriteLock();
+            }
+        }
+    }
+}
diff --git a/TaskService/Web.config b/TaskService/Web.config
@@ -19,6 +19,13 @@
     <!-- The following settings is used for requesting access tokens -->
     <add key="api:ReadScope" value="read" />
     <add key="api:WriteScope" value="write" />
+
+      <!-- Replace the following with your proxy server's settings -->    
+    <add key="ProxyServerUrl" value="http://contoso:8080"/>
+    <add key="ProxyUsername" value="******"/>
+    <add key="ProxyDomain" value="****"/>
+    <add key="ProxyPassword" value="******"/>
+
   </appSettings>
   <!--
     For a description of web.config changes see http://go.microsoft.com/fwlink/?LinkId=235367.
@@ -104,4 +111,6 @@
       <remove name="TRACEVerbHandler" />
       <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
     </handlers>
-  </system.webServer></configuration>
+  </system.webServer>
+
+</configuration>