From 3ea15142ee05f8513a40aa714b02d3e49848bb6d Mon Sep 17 00:00:00 2001
From: damienbod
Date: Fri, 24 Nov 2023 21:00:56 +0100
Subject: [PATCH] Update MICROSOFT_ENTRA_ID
---
 .../MultiMicrosoftEntraIDWebApi/Consts.cs | 15 +++++++--------
 .../Controllers/MultiController.cs | 2 +-
 .../Controllers/SingleController.cs | 2 +-
 .../HostingExtensions.cs | 14 +++++++-------
 MultiIdentityProvider/WebApi/AllSchemesHandler.cs | 2 +-
 MultiIdentityProvider/WebApi/Consts.cs | 6 +++---
 MultiIdentityProvider/WebApi/HostingExtensions.cs | 8 ++++----
 7 files changed, 24 insertions(+), 25 deletions(-)
diff --git a/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Consts.cs b/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Consts.cs
index 4f5396f..47f0783 100644
--- a/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Consts.cs
+++ b/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Consts.cs
@@ -1,11 +1,10 @@
-namespace WebApi
+namespace WebApi;
+
+public static class Consts
 {
- public static class Consts
- {
- public const string AAD_MULTI_SCHEME = "multiTenantApiScheme";
- public const string AAD_SINGLE_SCHEME = "singleTenantApiScheme";
+ public const string MICROSOFT_ENTRA_ID_MULTI_SCHEME = "multiTenantApiScheme";
+ public const string MICROSOFT_ENTRA_ID_SINGLE_SCHEME = "singleTenantApiScheme";
- public const string MUTLI_AAD_POLICY = "myAadPolicy";
- public const string SINGLE_AAD_POLICY = "myAuth0Policy";
- }
+ public const string MUTLI_MICROSOFT_ENTRA_ID_POLICY = "myAadPolicy";
+ public const string SINGLE_MICROSOFT_ENTRA_ID_POLICY = "myAuth0Policy";
 }
diff --git a/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Controllers/MultiController.cs b/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Controllers/MultiController.cs
index 6f5fa59..bc417e6 100644
--- a/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Controllers/MultiController.cs
+++ b/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Controllers/MultiController.cs
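Review bot: The rename carries the `MUTLI` misspelling over into `MUTLI_MICROSOFT_ENTRA_ID_POLICY`, and `SINGLE_MICROSOFT_ENTRA_ID_POLICY` still has the value `"myAuth0Policy"` although the hunks shown for this project register only Entra ID schemes. Since every reference is touched in this commit anyway, I would spell it `MULTI_MICROSOFT_ENTRA_ID_POLICY` and give both policies values that say what they protect, for example `"multiTenantAppPolicy"` and `"singleTenantDelegatedPolicy"` (constructed names). Policy names are the lookup keys behind `[Authorize(Policy = ...)]`, so a name that points at a different identity provider makes it easier to attach the wrong policy to a controller. The same misspelled identifier is referenced in MultiController.cs and in the first HostingExtensions.cs hunk of this commit.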
@@ -3,7 +3,7 @@ namespace WebApi.Controllers;
-[Authorize(AuthenticationSchemes = Consts.AAD_MULTI_SCHEME, Policy = Consts.MUTLI_AAD_POLICY)]
+[Authorize(AuthenticationSchemes = Consts.MICROSOFT_ENTRA_ID_MULTI_SCHEME, Policy = Consts.MUTLI_MICROSOFT_ENTRA_ID_POLICY)]
 [Route("api/[controller]")] public class MultiController : Controller {
diff --git a/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Controllers/SingleController.cs b/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Controllers/SingleController.cs
index 5b29547..c54a89b 100644
--- a/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Controllers/SingleController.cs
+++ b/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/Controllers/SingleController.cs
@@ -3,7 +3,7 @@ namespace WebApi.Controllers;
-[Authorize(AuthenticationSchemes = Consts.AAD_SINGLE_SCHEME, Policy = Consts.SINGLE_AAD_POLICY)]
+[Authorize(AuthenticationSchemes = Consts.MICROSOFT_ENTRA_ID_SINGLE_SCHEME, Policy = Consts.SINGLE_MICROSOFT_ENTRA_ID_POLICY)]
 [Route("api/[controller]")] public class SingleController : Controller {
diff --git a/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/HostingExtensions.cs b/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/HostingExtensions.cs
index 85dcea6..ca93056 100644
--- a/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/HostingExtensions.cs
+++ b/MicrosoftEntraIDMultiApis/MultiMicrosoftEntraIDWebApi/HostingExtensions.cs
@@ -15,15 +15,15 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde var configuration = builder.Configuration; _env = builder.Environment;
- services.AddAuthentication(Consts.AAD_MULTI_SCHEME)
- .AddMicrosoftIdentityWebApi(configuration, "AzureADMultiApi", Consts.AAD_MULTI_SCHEME);
+ services.AddAuthentication(Consts.MICROSOFT_ENTRA_ID_MULTI_SCHEME)
+ .AddMicrosoftIdentityWebApi(configuration, "AzureADMultiApi", Consts.MICROSOFT_ENTRA_ID_MULTI_SCHEME);
- services.AddAuthentication(Consts.AAD_SINGLE_SCHEME)
- .AddMicrosoftIdentityWebApi(configuration, "AzureADSingleApi", Consts.AAD_SINGLE_SCHEME);
+ services.AddAuthentication(Consts.MICROSOFT_ENTRA_ID_SINGLE_SCHEME)
+ .AddMicrosoftIdentityWebApi(configuration, "AzureADSingleApi", Consts.MICROSOFT_ENTRA_ID_SINGLE_SCHEME);
 services.AddAuthorization(policies => {
- policies.AddPolicy(Consts.MUTLI_AAD_POLICY, p =>
+ policies.AddPolicy(Consts.MUTLI_MICROSOFT_ENTRA_ID_POLICY, p =>
 { // application access token // "roles": [
@@ -36,7 +36,7 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde p.RequireClaim("azpacr", "1"); });
- policies.AddPolicy(Consts.SINGLE_AAD_POLICY, p =>
+ policies.AddPolicy(Consts.SINGLE_MICROSOFT_ENTRA_ID_POLICY, p =>
 { // delegated access token => "scp": "access_as_user", // "azp": "46d2f651-813a-4b5c-8a43-63abcb4f692c",
@@ -51,7 +51,7 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde { var policy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser()
- .AddAuthenticationSchemes(Consts.AAD_MULTI_SCHEME, Consts.AAD_SINGLE_SCHEME)
+ .AddAuthenticationSchemes(Consts.MICROSOFT_ENTRA_ID_MULTI_SCHEME, Consts.MICROSOFT_ENTRA_ID_SINGLE_SCHEME)
 .Build(); options.Filters.Add(new AuthorizeFilter(policy)); });
diff --git a/MultiIdentityProvider/WebApi/AllSchemesHandler.cs b/MultiIdentityProvider/WebApi/AllSchemesHandler.cs
index 9a7748e..3dc85e8 100644
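Review bot: `services.AddAuthentication(...)` is called twice with a default scheme in the first hunk, and each call sets the default, so the later one (`Consts.MICROSOFT_ENTRA_ID_SINGLE_SCHEME`) ends up as the application's default scheme, not the multi-tenant one that is registered first. The controllers and the global `AuthorizeFilter` in this commit name their schemes explicitly, so this looks harmless today, but the default still decides which handler runs for any code that authenticates or challenges without naming a scheme. I would pass a default to only one of the two calls (the other can use the parameterless `services.AddAuthentication()`), or at least add `// NOTE: the second AddAuthentication call overrides the default scheme; endpoints must name their scheme` above it. `ConfigureServices` starts and ends outside these hunks.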
--- a/MultiIdentityProvider/WebApi/AllSchemesHandler.cs
+++ b/MultiIdentityProvider/WebApi/AllSchemesHandler.cs
@@ -35,7 +35,7 @@ public class AllSchemesHandler : AuthorizationHandler } }
- if (issuer == Consts.MY_AAD_ISS) // AAD
+ if (issuer == Consts.MY_MICROSOFT_ENTRA_ID_ISS) // AAD
 { // "azp": "--your-azp-claim-value--", var azpClaim = context.User.Claims.FirstOrDefault(c => c.Type == "azp"
diff --git a/MultiIdentityProvider/WebApi/Consts.cs b/MultiIdentityProvider/WebApi/Consts.cs
index 3c4b293..26b8272 100644
--- a/MultiIdentityProvider/WebApi/Consts.cs
+++ b/MultiIdentityProvider/WebApi/Consts.cs
@@ -2,12 +2,12 @@ public static class Consts {
- public const string MY_AAD_SCHEME = "myAadScheme";
+ public const string MY_MICROSOFT_ENTRA_ID_SCHEME = "myAadScheme";
 public const string MY_AUTH0_SCHEME = "myAuth0Scheme"; public const string MY_OPENIDDICT_SCHEME = "myOpenIddictScheme"; // OpenIddict scheme = OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme;
- public const string ALL_MY_SCHEMES = MY_AAD_SCHEME + "," + MY_AUTH0_SCHEME + "," + MY_OPENIDDICT_SCHEME;
+ public const string ALL_MY_SCHEMES = MY_MICROSOFT_ENTRA_ID_SCHEME + "," + MY_AUTH0_SCHEME + "," + MY_OPENIDDICT_SCHEME;
 public const string MY_AAD_POLICY = "myAadPolicy"; public const string MY_AUTH0_POLICY = "myAuth0Policy";
@@ -15,7 +15,7 @@ public static class Consts public const string MY_POLICY_ALL_IDP = "myPolicyForAllIdp";
- public const string MY_AAD_ISS = "https://login.microsoftonline.com/7ff95b15-dc21-4ba6-bc92-824856578fc1/v2.0";
+ public const string MY_MICROSOFT_ENTRA_ID_ISS = "https://login.microsoftonline.com/7ff95b15-dc21-4ba6-bc92-824856578fc1/v2.0";
 public const string MY_AUTH0_ISS = "https://dev-damienbod.eu.auth0.com/"; public const string MY_OPENIDDICT_ISS = "https://localhost:44318/"; }
diff --git a/MultiIdentityProvider/WebApi/HostingExtensions.cs b/MultiIdentityProvider/WebApi/HostingExtensions.cs
index 36c5189..61cb7b0 100644
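Review bot: The trailing `// AAD` comment on the renamed issuer check in AllSchemesHandler.cs is left stale, while the same check in MultiIdentityProvider/WebApi/HostingExtensions.cs is updated in this commit; `if (issuer == Consts.MY_MICROSOFT_ENTRA_ID_ISS) // Microsoft Entra ID` would keep the two in step. The handler's body starts and ends outside this hunk, so the path taken when the issuer matches none of the constants is not visible here. If the intent is that an unrecognised issuer leaves the requirement unsatisfied, a one-line comment at the top of the handler saying so would make that fail-closed behaviour reviewable.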
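Review bot: `MY_AAD_POLICY` keeps the old prefix in the first Consts.cs hunk while the scheme and issuer constants beside it are renamed, so the file now mixes both conventions; `MY_MICROSOFT_ENTRA_ID_POLICY` would match. Separately, `MY_MICROSOFT_ENTRA_ID_ISS` in the second hunk pins a tenant-specific issuer URL in source, whereas the JwtBearer registration in HostingExtensions.cs reads `configuration["AzureAd:Authority"]`, so the two can drift apart and a token accepted by the handler would then no longer match the `issuer ==` checks. A comment on the constant such as `// must equal the "iss" claim issued by the authority configured under AzureAd` would document that coupling; reading the value from the same configuration section would remove it.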
--- a/MultiIdentityProvider/WebApi/HostingExtensions.cs
+++ b/MultiIdentityProvider/WebApi/HostingExtensions.cs
@@ -36,7 +36,7 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde ValidIssuers = configuration.GetSection("ValidIssuers").Get() }; })
- .AddJwtBearer(Consts.MY_AAD_SCHEME, jwtOptions =>
+ .AddJwtBearer(Consts.MY_MICROSOFT_ENTRA_ID_SCHEME, jwtOptions =>
 { jwtOptions.MetadataAddress = configuration["AzureAd:MetadataAddress"]!; jwtOptions.Authority = configuration["AzureAd:Authority"];
@@ -87,15 +87,15 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde return Consts.MY_AUTH0_SCHEME; }
- if (issuer == Consts.MY_AAD_ISS) // AAD
+ if (issuer == Consts.MY_MICROSOFT_ENTRA_ID_ISS) // Microsoft Entra ID
 {
- return Consts.MY_AAD_SCHEME;
+ return Consts.MY_MICROSOFT_ENTRA_ID_SCHEME;
 } } } // We don't know what it is
- return Consts.MY_AAD_SCHEME;
+ return Consts.MY_MICROSOFT_ENTRA_ID_SCHEME;
 }; });
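Review bot: The fallback `return Consts.MY_MICROSOFT_ENTRA_ID_SCHEME;` under `// We don't know what it is` in the second hunk hands every request whose issuer matches none of the known constants to the Entra ID bearer handler. That is acceptable only because that handler is expected to reject such a token during validation, and the comment should say so, for example `// Unknown or unreadable issuer: forward to the Entra ID handler, whose token validation must reject it`. The selector's body starts outside the hunk; presumably the issuer is read from the token before its signature has been checked, in which case it may be used only to pick a scheme and never as an authorization decision.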