peted70/ADToken.cs

## ADToken.cs
  public void ConfigureServices(IServiceCollection services)
  {
      services.Configure<CookiePolicyOptions>(options =>
      {
          // This lambda determines whether user consent for non-essential cookies is needed for a given request.
          options.CheckConsentNeeded = context => true;
          options.MinimumSameSitePolicy = SameSiteMode.None;
      });

      services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
          .AddAzureAD(options => Configuration.Bind("AzureAd", options));

      services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
      {
          options.TokenValidationParameters = new TokenValidationParameters
          {
              // Instead of using the default validation (validating against a single issuer value, as we do in
              // line of business apps), we inject our own multitenant validation logic
              ValidateIssuer = false,

              // If the app is meant to be accessed by entire organizations, add your issuer validation logic here.
              //IssuerValidator = (issuer, securityToken, validationParameters) => {
              //    if (myIssuerValidationLogic(issuer)) return issuer;
              //}
          };

          options.Events = new OpenIdConnectEvents
          {
              OnTicketReceived = context =>
              {
                  // If your authentication logic is based on users then add your logic here
                  return Task.CompletedTask;
              },
              OnAuthenticationFailed = context =>
              {
                  context.Response.Redirect("/Error");
                  context.HandleResponse(); // Suppress the exception
                  return Task.CompletedTask;
              },
              // If your application needs to do authenticate single users, add your user validation below.
              OnTokenValidated = context =>
              {
                  var token = context.SecurityToken.RawData;

                  return Task.CompletedTask;
              }
          };
      });
	public void ConfigureServices(IServiceCollection services)
	{
	services.Configure<CookiePolicyOptions>(options =>
	{
	// This lambda determines whether user consent for non-essential cookies is needed for a given request.
	options.CheckConsentNeeded = context => true;
	options.MinimumSameSitePolicy = SameSiteMode.None;
	});

	services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
	.AddAzureAD(options => Configuration.Bind("AzureAd", options));

	services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
	{
	options.TokenValidationParameters = new TokenValidationParameters
	{
	// Instead of using the default validation (validating against a single issuer value, as we do in
	// line of business apps), we inject our own multitenant validation logic
	ValidateIssuer = false,

	// If the app is meant to be accessed by entire organizations, add your issuer validation logic here.
	//IssuerValidator = (issuer, securityToken, validationParameters) => {
	// if (myIssuerValidationLogic(issuer)) return issuer;
	//}
	};

	options.Events = new OpenIdConnectEvents
	{
	OnTicketReceived = context =>
	{
	// If your authentication logic is based on users then add your logic here
	return Task.CompletedTask;
	},
	OnAuthenticationFailed = context =>
	{
	context.Response.Redirect("/Error");
	context.HandleResponse(); // Suppress the exception
	return Task.CompletedTask;
	},
	// If your application needs to do authenticate single users, add your user validation below.
	OnTokenValidated = context =>
	{
	var token = context.SecurityToken.RawData;

	return Task.CompletedTask;
	}
	};
	});