Skip to content

Microsoft.Identity.Web refactor #272

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 60 commits into from
Feb 19, 2020
Merged

Microsoft.Identity.Web refactor #272

merged 60 commits into from
Feb 19, 2020

Conversation

TiagoBrenck
Copy link
Contributor

@TiagoBrenck TiagoBrenck commented Jan 27, 2020
edited
Loading

Intro

This PR might look like a beast, but it is less scary than you think. A lot of files got changed because this branch also includes the renaming of the methods: AddMicrosoftIdentityPlatformAuthentication, AddMsal and GetAccessTokenOnBehalfOfUserAsync.

I will add a comment on each file that have been modified on the refactoring, explaining the "why's"

Purpose

The mainly 3 purpose of this change are:

  • Remove AzureAD.UI and AzureADB2C.UI packages
  • Unify B2C and AAD logic to acquire tokens, remove accounts, sign-in and all helpers provided by the extension library
  • Leverage OpenIdConnectOptions and JwtBearerOptions classes for configuration

The byproduct of this refactoring includes, but is not limited to:

  • Given more flexibility to developer customize their authN/authZ configurations using Microsoft.Identity.Web
  • Possibility to have more OIDC schemes configured without having shemes conflicts. Using AAD and Google for instance, or maybe multiple AAD configurarions
  • Taken control of configurations once blocked by AzureAD.UI packages, like the usage of all attributes of OpenIdConnectOptions

Does this introduce a breaking change?

[ ] Yes
[x] No (Although [Obsolete] attribute was used)

Pull Request Type

What kind of change does this Pull Request introduce?

[ ] Bugfix
[x] Feature
[ ] Code style update (formatting, local variables)
[x] Refactoring (no functional changes, no api changes)
[x] Documentation content changes
[ ] Other... Please describe:

Pending tasks

  1. Include a B2C calling Web API
  2. Investigate RemoveAccountAsync on B2C scenario
  3. Update Readme s
  4. Have a scenario with 2 different OIDC configurations

jmprieur and others added 27 commits December 5, 2019 14:15
@jmprieur
Renamings:
3ef8aab 
- AddMicrosoftIdentityPlatformAuthentication => AddSignIn
- AddMsal => AddWebAppCallProtectedWebApi
@jmprieur
More renaming for consistency
ec18b4d
@jmprieur
Updating the README.md with a breaking changes section
81126a6
@jmprieur
Attempt to move to pure OIDC and JwtBearer implementation (dropping t…
2086d17 
…he comfort AzureAD layers)

This code does not work yet ....
Raw OIDC configuration suggestion
6f32783
missing commit
ff0cca9
Using AzureAD appsettings section
6988e56
Experimenting UI as external RazorLibrary project
09ef790
@jennyf19 @jmprieur
fix some comments and namings (#244)
794daae
Removing AzureADOptions class
60aa290
Added missing OpenIdConnectOptions binding
e347406 
Added logic to check if authority has v2.0 before modifying it
removed Microsoft.AspNetCore.Authentication.AzureAD.UI reference from…
cc31b76 
… web project
reversing testing method
7962851
Commented non-working method
2ed5158
Partial changes for B2C login
d7de325
Fixes for B2C sign-in
5dfebbc
Fixed B2C NameClaimType to "name"
dd95f87
@jmprieur
Renaming2 (#269)
8c373f6 
* Renaming GetAccessTokenOnBehalfOfUserAsync into GetAccessTokenForUserAsync
as the OnBehalfOfUser was telling too much about OBO, whereas in the case of a Web App this was not the OBO flow.
* Addressing PR feedback
Merge branch 'master' into jmprieur/removingUis
821c756 
# Conflicts:
#	1-WebApp-OIDC/1-2-AnyOrg/README-1-1-to-1-2.md
#	1-WebApp-OIDC/1-5-B2C/Startup.cs
#	1-WebApp-OIDC/1-5-B2C/WebApp-OpenIDConnect-DotNet.sln
#	2-WebApp-graph-user/2-1-Call-MSGraph/Properties/launchSettings.json
#	5-WebApp-AuthZ/5-1-Roles/README-incremental-instructions.md
#	Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs
New class MicrosoftIdentityOptions, so we can merge AAD and B2C optio…
bda9d3e 
…ns in the same class

Add AuthorityHelpers
Helper method to check if authority is V2
Helper method to build AAD or B2C AuthorityHelpers
Refactored AddSignIn so parameters shows in a logical order
Attempt to merge B2C and AAD acquireToken logic
c379423
Allowing multiple OIDC schemes to be configured
1242c3d
@jmprieur
Merge branch 'master' into renaming
c3852b3
Added B2C ResetPassword and EditProfile in UI project
7d69b73 
Added B2C exclusive OIDC event handlers
Fixed 1-5 samples to use Microsoft.Identity.UI project
Merge branch 'renaming' into jmprieur/removingUis
649cb96 
# Conflicts:
#	1-WebApp-OIDC/1-2-AnyOrg/README-1-1-to-1-2.md
#	2-WebApp-graph-user/2-1-Call-MSGraph/AspnetCoreWebApp-calls-Microsoft-Graph.sln
#	5-WebApp-AuthZ/5-1-Roles/README-incremental-instructions.md
#	Microsoft.Identity.Web/ClaimsPrincipalExtensions.cs
#	Microsoft.Identity.Web/TokenAcquisition.cs
#	Microsoft.Identity.Web/TokenCacheProviders/Session/MsalSessionTokenCacheProvider.cs
#	Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs
Added comments and preparation for PR
079aae7
Preparation for PR
ed9b55c
@TiagoBrenck TiagoBrenck added the do not merge PR not ready to merge yet label Jan 27, 2020
jennyf19
jennyf19 approved these changes Jan 30, 2020
View reviewed changes
Copy link
Contributor

@jennyf19 jennyf19 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the quick updates, @TiagoBrenck

jennyf19
jennyf19 reviewed Jan 30, 2020
View reviewed changes
jennyf19
jennyf19 reviewed Jan 30, 2020
View reviewed changes
@jennyf19
Copy link
Contributor

jennyf19 commented Jan 30, 2020
edited by TiagoBrenck
Loading

this comment is not valid anymore right? #Resolved

Refers to: Microsoft.Identity.Web/ClaimsPrincipalExtensions.cs:15 in 14dd663. [](commit_id = 14dd663, deletion_comment = False)

jennyf19
jennyf19 reviewed Jan 30, 2020
View reviewed changes
jennyf19
jennyf19 reviewed Jan 30, 2020
View reviewed changes
@TiagoBrenck TiagoBrenck mentioned this pull request Jan 31, 2020
Closed
8 tasks
pmaytak and others added 3 commits January 31, 2020 16:52
@pmaytak
Added B2C Password Reset Policy
190780f 
Added B2C Password Reset Policy ID to app settings.
@pmaytak
Merge pull request #275 from Azure-Samples/B2C-reset-policy
16141bc 
Added B2C Password Reset Policy
Merge branch 'master' into jmprieur/removingUis
f161eb3 
# Conflicts:
#	Microsoft.Identity.Web/AuthorizeForScopesAttribute.cs
@jmprieur jmprieur added the enhancement New feature or request label Feb 9, 2020
@jmprieur jmprieur mentioned this pull request Feb 10, 2020
Closed
14 tasks
jmprieur and others added 11 commits February 9, 2020 17:46
@jmprieur
Merging from master and resolving the conflicts
686751e
@jmprieur
Moving Web app calling Web API to its own sub folder
075bfc8
@jmprieur @jennyf19
Jmprieur/webappwebapib2c (#298)
45b1750 
* Experiment for a B2C Web app calling a B2C Web API.
Needs more work.

* Test and fix B2C web app calls web api scenario
Fix issue in AadIssuerValidator when certains claims are not present (ex. policy) in the token
Fix bug w/scopes and scopeKeySection
Send "client_info=1" to request to get client info back from AAD B2C
Add ClientInfo class + methods to pull out the TenantId from the ClientInfo
Add full value to UserFlow as it was not picking up on short version
In TokenAcquisition, check first for b2c and then do null tenant and then tenant specific, was using the wrong authority for b2c previously
Fix bug in determining audience validation

* Fixing missing references

* Uncommenting a needed line

* Fixing a build break

* Fixing the configuration and a problem brought bad a by merge by jmprieur

* add uitid to the claims for b2c

* moving Web app calling Web API with B2C in own folder

* Reading the 4-1-MyOrg folder

* Update README.md

Co-authored-by: jennyf19 <jeferrie@microsoft.com>
@jmprieur
Merge branch 'master' into jmprieur/removingUis
00e7c8c
- Cleaned appsettings
0505666 
- Removed DisallowsSameSiteNone from WebAppServiceCollectionExtensions because it got moved to another class
- Added edit profile button on login bar
- Fixed merge on AuthorizeForScopesAttribute
- Added options.TokenValidationParameters.NameClaimType = "name" on web api Startup to fix todo list
Added older role claim const
c2929ff
Added policy on APIs to check for scope 'read'
5a0e144
Refactored scopes policy
5132107
Renamings and PR comments
5c86721
Merge pull request #300 from Azure-Samples/tibre/mergeCleanup
cc36d77 
Fixing merge
@jmprieur
Fixing the failing unit test (because the tenant ID is now retrieved …
ed250ae 
…from the issuer) (#302)
@TiagoBrenck TiagoBrenck removed the do not merge PR not ready to merge yet label Feb 19, 2020
@jmprieur jmprieur merged commit b1b0b4b into master Feb 19, 2020
@jmprieur
Copy link
Contributor

Thanks @TiagoBrenck @jennyf19 @kalyankrishna1 for this big achievement!

@jmprieur jmprieur deleted the jmprieur/removingUis branch February 21, 2020 18:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kalyankrishna1 kalyankrishna1 kalyankrishna1 left review comments

@jennyf19 jennyf19 jennyf19 approved these changes

@bgavrilMS bgavrilMS Awaiting requested review from bgavrilMS

@jmprieur jmprieur Awaiting requested review from jmprieur

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@TiagoBrenck @jennyf19 @jmprieur @kalyankrishna1 @pmaytak