Jmprieur/webappwebapib2c

.gitignore

@@ -39,9 +39,6 @@
 /2-WebApp-graph-user/2-2-TokenCache/.vs
 /2-WebApp-graph-user/2-2-TokenCache/bin
 /2-WebApp-graph-user/2-2-TokenCache/obj
-/2-WebApp-graph-user/2-3-Best-Practices/.vs
-/2-WebApp-graph-user/2-3-Best-Practices/bin
-/2-WebApp-graph-user/2-3-Best-Practices/obj
 /2-WebApp-graph-user/2-3-Multi-Tenant/.vs
 /2-WebApp-graph-user/2-3-Multi-Tenant/bin
 /2-WebApp-graph-user/2-3-Multi-Tenant/obj
@@ -121,11 +118,13 @@
 /2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph/bin
 /2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph/obj
 /Microsoft.Identity.Web.Test/obj
-/4-WebApp-your-API/4-2-B2C/.vs
-/4-WebApp-your-API/4-2-B2C/Client/obj
-/4-WebApp-your-API/4-2-B2C/TodoListService/obj
 /4-WebApp-your-API/4-1-MyOrg/.vs
 /4-WebApp-your-API/4-1-MyOrg/Client/bin
 /4-WebApp-your-API/4-1-MyOrg/Client/obj
 /4-WebApp-your-API/4-1-MyOrg/TodoListService/bin
 /4-WebApp-your-API/4-1-MyOrg/TodoListService/obj
+/4-WebApp-your-API/4-2-B2C/.vs
+/4-WebApp-your-API/4-2-B2C/Client/obj
+/4-WebApp-your-API/4-2-B2C/TodoListService/obj
+/4-WebApp-your-API/4-2-B2C/Client/bin
+/4-WebApp-your-API/4-2-B2C/TodoListService/bin

2-WebApp-graph-user/2-1-Call-MSGraph/AspnetCoreWebApp-calls-Microsoft-Graph.sln

@@ -30,14 +30,14 @@ Global
 		{E0CEF26A-6CE6-4505-851B-6580D5564752}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{E0CEF26A-6CE6-4505-851B-6580D5564752}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{E0CEF26A-6CE6-4505-851B-6580D5564752}.Release|Any CPU.Build.0 = Release|Any CPU
+		{8CCEAE2A-BDF6-470C-B6DE-7FC81A74DBD7}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{8CCEAE2A-BDF6-470C-B6DE-7FC81A74DBD7}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{8CCEAE2A-BDF6-470C-B6DE-7FC81A74DBD7}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{8CCEAE2A-BDF6-470C-B6DE-7FC81A74DBD7}.Release|Any CPU.Build.0 = Release|Any CPU
 		{8CC22202-F66C-4332-A4F0-A2C09EBA08EC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{8CC22202-F66C-4332-A4F0-A2C09EBA08EC}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{8CC22202-F66C-4332-A4F0-A2C09EBA08EC}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{8CC22202-F66C-4332-A4F0-A2C09EBA08EC}.Release|Any CPU.Build.0 = Release|Any CPU
-		{0EEC3E2E-69D0-4A7F-98D6-4386330F4965}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{0EEC3E2E-69D0-4A7F-98D6-4386330F4965}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{0EEC3E2E-69D0-4A7F-98D6-4386330F4965}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{0EEC3E2E-69D0-4A7F-98D6-4386330F4965}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

4-WebApp-your-API/4-1-MyOrg/Client/Program.cs

@@ -1,4 +1,7 @@
-using Microsoft.AspNetCore.Hosting;
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Hosting;
 
 namespace WebApp_OpenIDConnect_DotNet

4-WebApp-your-API/4-1-MyOrg/Client/Services/TodoListService.cs

@@ -1,26 +1,5 @@
-/*
- The MIT License (MIT)
-
-Copyright (c) 2018 Microsoft Corporation
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
- */
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
 
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Configuration;
@@ -59,11 +38,11 @@ public class TodoListService : ITodoListService
 
         public TodoListService(ITokenAcquisition tokenAcquisition, HttpClient httpClient, IConfiguration configuration, IHttpContextAccessor contextAccessor)
         {
-            this._httpClient = httpClient;
-            this._tokenAcquisition = tokenAcquisition;
-            this._contextAccessor = contextAccessor;
-            this._TodoListScope = configuration["TodoList:TodoListScope"];
-            this._TodoListBaseAddress = configuration["TodoList:TodoListBaseAddress"];
+            _httpClient = httpClient;
+            _tokenAcquisition = tokenAcquisition;
+            _contextAccessor = contextAccessor;
+            _TodoListScope = configuration["TodoList:TodoListScope"];
+            _TodoListBaseAddress = configuration["TodoList:TodoListBaseAddress"];
         }
 
         public async Task<Todo> AddAsync(Todo todo)
@@ -72,8 +51,7 @@ public async Task<Todo> AddAsync(Todo todo)
 
             var jsonRequest = JsonConvert.SerializeObject(todo);
             var jsoncontent = new StringContent(jsonRequest, Encoding.UTF8, "application/json");
-
-            var response = await this._httpClient.PostAsync($"{this._TodoListBaseAddress}/api/todolist", jsoncontent);
+            var response = await this._httpClient.PostAsync($"{ _TodoListBaseAddress}/api/todolist", jsoncontent);
 
             if (response.StatusCode == HttpStatusCode.OK)
             {
@@ -90,7 +68,7 @@ public async Task DeleteAsync(int id)
         {
             await PrepareAuthenticatedClient();
 
-            var response = await this._httpClient.DeleteAsync($"{this._TodoListBaseAddress}/api/todolist/{id}");
+            var response = await _httpClient.DeleteAsync($"{ _TodoListBaseAddress}/api/todolist/{id}");
 
             if (response.StatusCode == HttpStatusCode.OK)
             {
@@ -106,8 +84,7 @@ public async Task<Todo> EditAsync(Todo todo)
 
             var jsonRequest = JsonConvert.SerializeObject(todo);
             var jsoncontent = new StringContent(jsonRequest, Encoding.UTF8, "application/json-patch+json");
-
-            var response = await this._httpClient.PatchAsync($"{this._TodoListBaseAddress}/api/todolist/{todo.Id}", jsoncontent);
+            var response = await _httpClient.PatchAsync($"{ _TodoListBaseAddress}/api/todolist/{todo.Id}", jsoncontent);
 
             if (response.StatusCode == HttpStatusCode.OK)
             {
@@ -123,8 +100,7 @@ public async Task<Todo> EditAsync(Todo todo)
         public async Task<IEnumerable<Todo>> GetAsync()
         {
             await PrepareAuthenticatedClient();
-
-            var response = await this._httpClient.GetAsync($"{this._TodoListBaseAddress}/api/todolist");
+            var response = await _httpClient.GetAsync($"{ _TodoListBaseAddress}/api/todolist");
             if (response.StatusCode == HttpStatusCode.OK)
             {
                 var content = await response.Content.ReadAsStringAsync();
@@ -138,17 +114,16 @@ public async Task<IEnumerable<Todo>> GetAsync()
 
         private async Task PrepareAuthenticatedClient()
         {
-            var accessToken = await this._tokenAcquisition.GetAccessTokenForUserAsync(new[] { this._TodoListScope });
+            var accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(new[] { _TodoListScope });
             Debug.WriteLine($"access token-{accessToken}");
-            this._httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
-            this._httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+            _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
+            _httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
         }
 
         public async Task<Todo> GetAsync(int id)
         {
             await PrepareAuthenticatedClient();
-
-            var response = await this._httpClient.GetAsync($"{this._TodoListBaseAddress}/api/todolist/{id}");
+            var response = await _httpClient.GetAsync($"{ _TodoListBaseAddress}/api/todolist/{id}");
             if (response.StatusCode == HttpStatusCode.OK)
             {
                 var content = await response.Content.ReadAsStringAsync();

4-WebApp-your-API/4-1-MyOrg/Client/Startup.cs

@@ -1,4 +1,7 @@
-using Microsoft.AspNetCore.Authorization;
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
@@ -7,7 +10,7 @@
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Identity.Web;
 using Microsoft.Identity.Web.TokenCacheProviders.InMemory;
-using System.IdentityModel.Tokens.Jwt;
+
 using TodoListClient.Services;
 using Microsoft.Extensions.Hosting;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;

4-WebApp-your-API/4-1-MyOrg/Client/TodoListClient.csproj

@@ -22,6 +22,7 @@
   </ItemGroup>
 
   <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.DataProtection.Abstractions" Version="3.1.1" />
     <PackageReference Include="Microsoft.Graph" Version="1.16.0" />
     <PackageReference Include="WindowsAzure.Storage" Version="9.3.3" />
   </ItemGroup>

4-WebApp-your-API/4-1-MyOrg/TodoListService/Program.cs

@@ -1,26 +1,5 @@
-/*
- The MIT License (MIT)
-
-Copyright (c) 2018 Microsoft Corporation
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
- */
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
 
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Hosting;

4-WebApp-your-API/4-1-MyOrg/TodoListService/Startup.cs

@@ -1,34 +1,13 @@
-/*
- The MIT License (MIT)
-
-Copyright (c) 2018 Microsoft Corporation
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
- */
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
 
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Identity.Web;
-using System.IdentityModel.Tokens.Jwt;
+
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 
 namespace TodoListService

4-WebApp-your-API/4-2-B2C/Client/Controllers/HomeController.cs

@@ -0,0 +1,31 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Identity.Web;
+using System.Diagnostics;
+using WebApp_OpenIDConnect_DotNet.Models;
+
+namespace WebApp_OpenIDConnect_DotNet.Controllers
+{
+    [Authorize]
+    public class HomeController : Controller
+    {
+        private readonly ITokenAcquisition tokenAcquisition;
+
+        public HomeController(ITokenAcquisition tokenAcquisition)
+        {
+            this.tokenAcquisition = tokenAcquisition;
+        }
+
+        public IActionResult Index()
+        {
+            return View();
+        }
+
+        [AllowAnonymous]
+        [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
+        public IActionResult Error()
+        {
+            return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
+        }
+    }
+}

4-WebApp-your-API/4-2-B2C/Client/Controllers/TodoListController.cs

@@ -0,0 +1,92 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Identity.Web;
+using System.Threading.Tasks;
+using TodoListClient.Services;
+using TodoListService.Models;
+
+namespace TodoListClient.Controllers
+{
+    public class TodoListController : Controller
+    {
+        private ITodoListService _todoListService;
+
+        public TodoListController(ITodoListService todoListService)
+        {
+            _todoListService = todoListService;
+        }
+
+        // GET: TodoList
+        [AuthorizeForScopes(ScopeKeySection = "TodoList:TodoListScope")]
+        public async Task<ActionResult> Index()
+        {
+            return View(await _todoListService.GetAsync());
+        }
+
+        // GET: TodoList/Details/5
+        public async Task<ActionResult> Details(int id)
+        {
+            return View(await _todoListService.GetAsync(id));
+        }
+
+        // GET: TodoList/Create
+        public ActionResult Create()
+        {
+            Todo todo = new Todo() { Owner = HttpContext.User.Identity.Name };
+            return View(todo);
+        }
+
+        // POST: TodoList/Create
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<ActionResult> Create([Bind("Title,Owner")] Todo todo)
+        {
+            await _todoListService.AddAsync(todo);
+            return RedirectToAction("Index");
+        }
+
+        // GET: TodoList/Edit/5
+        public async Task<ActionResult> Edit(int id)
+        {
+            Todo todo = await this._todoListService.GetAsync(id);
+
+            if (todo == null)
+            {
+                return NotFound();
+            }
+
+            return View(todo);
+        }
+
+        // POST: TodoList/Edit/5
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<ActionResult> Edit(int id, [Bind("Id,Title,Owner")] Todo todo)
+        {
+            await _todoListService.EditAsync(todo);
+            return RedirectToAction("Index");
+        }
+
+        // GET: TodoList/Delete/5
+        public async Task<ActionResult> Delete(int id)
+        {
+            Todo todo = await this._todoListService.GetAsync(id);
+
+            if (todo == null)
+            {
+                return NotFound();
+            }
+
+            return View(todo);
+        }
+
+        // POST: TodoList/Delete/5
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<ActionResult> Delete(int id, [Bind("Id,Title,Owner")] Todo todo)
+        {
+            await _todoListService.DeleteAsync(id);
+            return RedirectToAction("Index");
+        }
+    }
+}

4-WebApp-your-API/4-2-B2C/Client/Infrastructure/Constants.cs

@@ -0,0 +1,8 @@
+namespace WebApp_OpenIDConnect_DotNet.Infrastructure
+{
+    public static class Constants
+    {
+        public const string ScopeUserImpersonation = "user_impersonation";
+        public const string BearerAuthorizationScheme = "Bearer";
+    }
+}