Created
October 8, 2018 09:10
// Registers an external OpenID Connect provider (configured through office365Config) whose
// sign-in result is handed to IdentityServer's external cookie. When the authorization code
// arrives, it is exchanged through ADAL for an access token that is used to query
// Microsoft Graph for the signed-in user's group memberships.
services.AddAuthentication()
    .AddOpenIdConnect(office365Config.Id, office365Config.Caption, oidc =>
    {
        oidc.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
        oidc.SignOutScheme = IdentityServerConstants.SignoutScheme;

        // Confidential-client credentials taken from office365Config.
        // NOTE(review): how the secret is stored is not visible here; confirm it comes from a
        // secret store or protected configuration rather than a checked-in settings file.
        oidc.ClientId = office365Config.MicrosoftAppClient;
        oidc.ClientSecret = office365Config.MicrosoftAppClientSecret;

        // NOTE(review): issuer validation is switched off, so the "iss" value of the id_token is
        // never compared against an expected issuer. If the authority is a multi-tenant endpoint
        // (cannot be told from here), an account from any tenant passes this check. Restrict the
        // accepted tenants elsewhere, e.g. via ValidIssuers / IssuerValidator or a check of the
        // tenant claim in an event handler.
        oidc.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = false
        };

        oidc.Authority = office365Config.AuthorizationEndpoint;
        oidc.SignedOutRedirectUri = office365Config.Url;

        // Hybrid flow: the authorization response carries both a code and an id_token.
        oidc.ResponseType = "code id_token";
        oidc.GetClaimsFromUserInfoEndpoint = true;

        // Tokens are kept in the authentication properties of the sign-in scheme; treat that
        // cookie as sensitive.
        oidc.SaveTokens = true;
        oidc.CallbackPath = "/oidc-signin";

        foreach (var requestedScope in office365Scopes)
        {
            oidc.Scope.Add(requestedScope);
        }

        oidc.Events = new OpenIdConnectEvents
        {
            OnAuthorizationCodeReceived = async ctx =>
            {
                var credential = new ClientCredential(office365Config.MicrosoftAppClient, office365Config.MicrosoftAppClientSecret);
                var adalContext = new AuthenticationContext(office365Config.AuthorizationEndpoint);

                // The redirect URI must be the one that was sent with the authorization request;
                // it is read back from the properties saved for this sign-in.
                var authorizationCode = ctx.ProtocolMessage.Code.ToString();
                var redirectUri = new Uri(ctx.Properties.Items[OpenIdConnectDefaults.RedirectUriForCodePropertiesKey]);

                // Runs outside the try block: a failed code exchange propagates to the handler.
                // NOTE(review): nothing visible calls ctx.HandleCodeRedemption(...), so the
                // OpenID Connect handler may attempt to redeem the same code a second time;
                // confirm whether the elided part takes care of this.
                var tokenResult = await adalContext.AcquireTokenByAuthorizationCodeAsync(authorizationCode, redirectUri, credential);

                try
                {
                    // AccessTokenAuthenticationProvider is defined outside this snippet; presumably
                    // it attaches the access token to each Graph request. Keep the token out of logs.
                    var graph = new GraphServiceClient(new AccessTokenAuthenticationProvider(tokenResult.AccessToken));

                    // false = securityEnabledOnly is off, so non-security groups are returned too.
                    // NOTE(review): if the result feeds authorization decisions, confirm that this
                    // is intended.
                    var memberGroups = await graph.Me.GetMemberGroups(false).Request().PostAsync();
                    // ...
                }
                catch (Exception ex)
                {
                    // NOTE(review): handling is elided in the original; a failure here should not be
                    // swallowed silently if later authorization depends on the group lookup.
                    // ...
                }
            }
        };
    });
The AccessTokenAuthProvider: