bachoang

# This script will require the Web Application and permissions setup in Azure Active Directory
$ClientID       = "client id"                # Should be a ~35 character string insert your info here
$ClientSecret   = "secret”                   # Should be a ~44 character string insert your info here
$loginURL       = "https://login.microsoftonline.com"
$tenantdomain   = "<tenantname>.onmicrosoft.com"          # For example, contoso.onmicrosoft.com
$resource       = "https://graph.microsoft.com"

# Get an Oauth 2 access token based on client id, secret and tenant domain
$body       = @{grant_type="client_credentials";resource=$resource;client_id=$ClientID;client_secret=$ClientSecret}
$oauth      = Invoke-RestMethod -Method Post -Uri $loginURL/$tenantdomain/oauth2/token -Body $body

bachoang

        public void ConfigureAuth(IAppBuilder app)
        {
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());
            app.UseOpenIdConnectAuthentication(
                new OpenIdConnectAuthenticationOptions
                {
                    ClientId = clientId,
                    Authority = authority,
                    PostLogoutRedirectUri = postLogoutRedirectUri,

bachoang

/*
    Workaround below to detect Office request comes from the user smichtch in
    https://github.com/aspnet/AspNetKatana/issues/78
*/

using System;
using System.Collections.Generic;
using System.Configuration;
using System.Globalization;
using System.Linq;

bachoang

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Microsoft.Identity.Client;
using System.Net.Http;

namespace MSALConsoleApp
{

bachoang

using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Microsoft.Identity.Client;
using System.Net.Http;
using System.Net;

namespace msalb2c
{
    class Program

bachoang

using System.Collections.Generic;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace CoreWebAPIAAD
{

bachoang

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

bachoang

using Microsoft.Azure.Management.Graph.RBAC.Fluent;
using Microsoft.Azure.Management.ResourceManager.Fluent;
using System;

namespace AzureSDKNetConsoleApp
{
    class Program
    {
        static void Main(string[] args)
        {

bachoang

POST https://www.contoso.com/adfs/services/trust/2005/usernamemixed

HTTP Headers:
SOAPAction: http://schemas.xmlsoap.org/ws/2005/trust/RST/issue
Content-Type: application/soap+xml
client-request-id: 6ca4424a-8d29-4b62-b7cb-5e44ce038af5
return-client-request-id: true
Accept: application/json

bachoang

# script to manage User Consent (Delegated permission).  The following script does 
#    - Remove all MS Graph Delegated permissions (if any) for the user
#    - Perform user consent for an initial set of MS Graph permission
#    - Update the consented permission list with some additional permissions
#    - Remove some permissions from the consented permission list
#    - Remove (revoke) all consented permissions for the user

# Continue to output logs - SilentlyContinue to keep going
$GLOBAL:DebugPreference="SilentlyContinue"