Created
May 30, 2020 13:33
-
-
Save manoj-choudhari-git/9ab46b20d9b846f9d97094b30d6b8a9f to your computer and use it in GitHub Desktop.
Azure AD B2C Authentication with .NET Core WPF App
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public partial class MainWindow : Window | |
{ | |
public MainWindow() | |
{ | |
InitializeComponent(); | |
} | |
//// Get Account details, which is input for acquring token silently | |
private IAccount GetAccountByPolicy(IEnumerable<IAccount> accounts, string policy) | |
{ | |
foreach (var account in accounts) | |
{ | |
string accountIdentifier = account.HomeAccountId.ObjectId.Split('.')[0]; | |
if (accountIdentifier.EndsWith(policy.ToLower())) return account; | |
} | |
return null; | |
} | |
//// Sign In | |
private async void SignInButton_Click(object sender, RoutedEventArgs e) | |
{ | |
AuthenticationResult authResult = null; | |
var app = App.PublicClientApp; | |
try | |
{ | |
ResultText.Text = ""; | |
authResult = await (app as PublicClientApplication).AcquireTokenInteractive(App.Scopes) | |
.ExecuteAsync(); | |
DisplayUserInfo(authResult); | |
UpdateSignInState(true); | |
} | |
catch (MsalException ex) | |
{ | |
try | |
{ | |
if (ex.Message.Contains("AADB2C90118")) | |
{ | |
authResult = await (app as PublicClientApplication).AcquireTokenInteractive(App.Scopes) | |
.WithPrompt(Prompt.SelectAccount) | |
.WithB2CAuthority(App.AuthorityResetPassword) | |
.ExecuteAsync(); | |
} | |
else | |
{ | |
ResultText.Text = $"Error Acquiring Token:{Environment.NewLine}{ex}"; | |
} | |
} | |
catch (Exception exe) | |
{ | |
ResultText.Text = $"Error Acquiring Token:{Environment.NewLine}{exe}"; | |
} | |
} | |
catch (Exception ex) | |
{ | |
ResultText.Text = $"Error Acquiring Token:{Environment.NewLine}{ex}"; | |
} | |
} | |
//// To Sign out | |
private async void SignOutButton_Click(object sender, RoutedEventArgs e) | |
{ | |
IEnumerable<IAccount> accounts = await App.PublicClientApp.GetAccountsAsync(); | |
try | |
{ | |
while (accounts.Any()) | |
{ | |
await App.PublicClientApp.RemoveAsync(accounts.FirstOrDefault()); | |
accounts = await App.PublicClientApp.GetAccountsAsync(); | |
} | |
UpdateSignInState(false); | |
} | |
catch (MsalException ex) | |
{ | |
ResultText.Text = $"Error signing-out user: {ex.Message}"; | |
} | |
} | |
//// To acquire token when application is restarted without sing out | |
private async void Window_Loaded(object sender, RoutedEventArgs e) | |
{ | |
try | |
{ | |
var app = App.PublicClientApp; | |
IEnumerable<IAccount> accounts = await App.PublicClientApp.GetAccountsAsync(); | |
AuthenticationResult authResult = await app.AcquireTokenSilent(App.Scopes, | |
GetAccountByPolicy(accounts, App.PolicySignUpSignIn)) | |
.ExecuteAsync(); | |
DisplayUserInfo(authResult); | |
UpdateSignInState(true); | |
} | |
catch (MsalUiRequiredException) | |
{ | |
// Ignore, user will need to sign in interactively. | |
ResultText.Text = "You need to sign-in first, and then Call API"; | |
} | |
catch (Exception ex) | |
{ | |
ResultText.Text = $"Error Acquiring Token Silently:{Environment.NewLine}{ex}"; | |
} | |
} | |
//// Method to toggle visibility of Sign In button | |
private void UpdateSignInState(bool signedIn) | |
{ | |
if (signedIn) | |
{ | |
SignOutButton.Visibility = Visibility.Visible; | |
SignInButton.Visibility = Visibility.Collapsed; | |
} | |
else | |
{ | |
ResultText.Text = ""; | |
TokenInfoText.Text = ""; | |
SignOutButton.Visibility = Visibility.Collapsed; | |
SignInButton.Visibility = Visibility.Visible; | |
} | |
} | |
//// Method to display claims and their values | |
private void DisplayUserInfo(AuthenticationResult authResult) | |
{ | |
TokenInfoText.Text = ""; | |
var jwtHandler = new JwtSecurityTokenHandler(); | |
var jwtInput = authResult.IdToken; | |
//Check if readable token (string is in a JWT format) | |
var readableToken = jwtHandler.CanReadToken(jwtInput); | |
if (readableToken != true) | |
{ | |
TokenInfoText.Text = "The token doesn't seem to be in a proper JWT format."; | |
} | |
if (readableToken == true) | |
{ | |
var token = jwtHandler.ReadJwtToken(jwtInput); | |
//Extract the headers of the JWT | |
var headers = token.Header; | |
var jwtHeader = "{"; | |
foreach (var h in headers) | |
{ | |
jwtHeader += '"' + h.Key + "\":\"" + h.Value + "\","; | |
} | |
jwtHeader += "}"; | |
TokenInfoText.Text = "Header:\r\n" + JToken.Parse(jwtHeader).ToString(Formatting.Indented); | |
//Extract the payload of the JWT | |
var claims = token.Claims; | |
var jwtPayload = "{"; | |
foreach (Claim c in claims) | |
{ | |
jwtPayload += '"' + c.Type + "\":\"" + c.Value + "\","; | |
} | |
jwtPayload += "}"; | |
TokenInfoText.Text += "\r\nPayload:\r\n" + JToken.Parse(jwtPayload).ToString(Formatting.Indented); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment