Merge pull request #22 from microsoftgraph/msal-graph-sdk
Bring sample up to date
jasonjoh committed May 23, 2018
2 parents 3fd361b + 4c43231 commit d6e3c5c
Showing 98 changed files with 60,984 additions and 1,269 deletions.
8 changes: 7 additions & 1 deletion .gitignore
@@ -137,7 +137,7 @@ publish/
# Publish Web Output
*.[Pp]ublish.xml
*.azurePubxml
# TODO: Comment the next line if you want to checkin your web deploy settings
# TODO: Comment the next line if you want to checkin your web deploy settings
# but database connection strings (with potential passwords) will be unencrypted
*.pubxml
*.publishproj
@@ -234,3 +234,9 @@ _Pvt_Extensions

# FAKE - F# Make
.fake/

# Visual Studio Code settings
.vscode/

# File with app ID and secret - prevent accidental commit of this info
PrivateSettings.config
215 changes: 0 additions & 215 deletions CONTRIBUTING.md

This file was deleted.

68 changes: 37 additions & 31 deletions GraphWebhooks/App_Start/Startup.Auth.cs
@@ -3,16 +3,17 @@
* See LICENSE in the source repository root for complete license information.
*/

using System;
using System.Configuration;
using System.Threading.Tasks;
using System.Web;
using GraphWebhooks.TokenStorage;
using Microsoft.Identity.Client;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.Notifications;
using Microsoft.Owin.Security.OpenIdConnect;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Owin;
using GraphWebhooks.TokenStorage;
using System;
using System.Configuration;
using System.IdentityModel.Tokens;
using System.Threading.Tasks;

namespace GraphWebhooks
{
@@ -21,21 +22,24 @@ public partial class Startup
public static string ClientId = ConfigurationManager.AppSettings["ida:ClientId"];
public static string ClientSecret = ConfigurationManager.AppSettings["ida:ClientSecret"];
public static string AadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
public static string GraphResourceId = ConfigurationManager.AppSettings["ida:ResourceId"];
public static string[] Scopes = ConfigurationManager.AppSettings["ida:AppScopes"]
.Replace(' ', ',').Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);

public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

app.UseCookieAuthentication(new CookieAuthenticationOptions { });
app.UseCookieAuthentication(new CookieAuthenticationOptions());

app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = ClientId,
Authority = $"{ AadInstance }/common",
TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters
Authority = $"{ AadInstance }/common/v2.0",
Scope = "openid offline_access profile email " + string.Join(" ", Scopes),
TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = "name",
// instead of using the default validation (validating against a single issuer value, as we do in line of business apps),
// we inject our own multitenant validation logic
ValidateIssuer = false,
@@ -45,27 +49,7 @@ public void ConfigureAuth(IAppBuilder app)
},
Notifications = new OpenIdConnectAuthenticationNotifications()
{
AuthorizationCodeReceived = (context) =>
{
// If there is a code in the OpenID Connect response, redeem it for an access token and store it away.
var code = context.Code;
string userObjectId = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
string tenantId = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid").Value;
string authority = $"{ AadInstance }/{ tenantId }";
AuthenticationContext authContext = new AuthenticationContext(
authority,
new SampleTokenCache(userObjectId));
authContext.AcquireTokenByAuthorizationCodeAsync(
code,
new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)),
new ClientCredential(ClientId, ClientSecret),
GraphResourceId);
return Task.FromResult(0);
},
AuthorizationCodeReceived = OnAuthorizationCodeReceived,
RedirectToIdentityProvider = (context) =>
{
// This ensures that the address used for sign in and sign out is picked up dynamically from the request.
@@ -90,5 +74,27 @@ public void ConfigureAuth(IAppBuilder app)
}
});
}

private async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification context)
{
// If there is a code in the OpenID Connect response, redeem it for an access token and store it away.
var code = context.Code;
string userObjectId = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;

SampleTokenCache tokenCache = new SampleTokenCache(userObjectId);

var cca = new ConfidentialClientApplication(ClientId, context.Request.Uri.ToString(),
new ClientCredential(ClientSecret), tokenCache.GetMsalCacheInstance(), null);

try
{
var result = await cca.AcquireTokenByAuthorizationCodeAsync(code, Scopes);
}
catch (MsalException ex)
{
context.HandleResponse();
context.Response.Redirect($"/error/index?message={ex.Message}");
}
}
}
}
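Review bot: The `catch (MsalException ex)` block in `OnAuthorizationCodeReceived` interpolates `ex.Message` into the redirect URL without encoding, so a message containing `&`, `#`, spaces or line breaks produces a malformed or truncated query string, and the raw MSAL error text (which may include request or tenant details) is handed to the browser. Encode the value, `context.Response.Redirect("/error/index?message=" + Uri.EscapeDataString(ex.Message));`, and preferably log the exception server-side and pass only a generic message or error code. The error view is not part of this section; because it renders a caller-supplied query parameter, it should HTML-encode `message` before output. Separately, `ValidateIssuer = false` is kept while the authority moves to `/common/v2.0`, and the custom multitenant issuer check its comment refers to sits in lines collapsed from this view, so it is worth confirming that check still runs.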
12 changes: 11 additions & 1 deletion GraphWebhooks/Content/Site.css
@@ -1,5 +1,5 @@
body {
padding-top: 50px;
padding-top: 4.5rem;
padding-bottom: 20px;
}

@@ -22,3 +22,13 @@ select,
textarea {
max-width: 280px;
}

.code-block {
padding: 10px;
background-color: #f8f9fa;
margin-bottom: 1rem;
}

.code-block pre {
margin-bottom: 0;
}