Open Closed

Token Authentication #5253


User avatar
0
in4tek.abp created
  • ABP Framework version: v7.2.0
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes

Hi, I have a question about the functionality Microsoft Azure Login. I would retrieve the token authentication double-via to pass PowerBI Dashboard, but i don't found the code about it. Can you help me? Tnx


10 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    HI,

    Can you explain it in detail? thanks.

  • User Avatar
    0
    in4tek.abp created

    Hi, I logged into my abp application with Microsoft account; now, I would like to embed PowerBI Dashboard, but to do this I need to have a Token to pass to PowerBI. I can't intercept the token... How can I do it? Thank you

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    You can try :

    .AddMicrosoftAccount(MicrosoftAccountDefaults.AuthenticationScheme, options =>
    {
        //Personal Microsoft accounts as an example.
        options.AuthorizationEndpoint = "https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize";
        options.TokenEndpoint = "https://login.microsoftonline.com/consumers/oauth2/v2.0/token";
        options.Events.OnCreatingTicket = ticketContext =>
        {
            ticketContext.Identity.AddClaim(new Claim("urn:microsoftaccount:access_token", ticketContext.AccessToken));
            return  Task.CompletedTask;
        };
        
    })
    

    Azure access token is added to the claim

  • User Avatar
    0
    in4tek.abp created

    Thank you so much Now, I would to have the token in Controller or Service, but when I look into the "CurrentUser", after Microsoft Login to retireve Claims, it's Empty. What is the best practice to do this? The Token is necessary to call PowerBI Dashboard, thank you.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    You can set the SaveTokens to true:

    .AddMicrosoftAccount(MicrosoftAccountDefaults.AuthenticationScheme, options =>
    {
        //Personal Microsoft accounts as an example.
        options.AuthorizationEndpoint = "https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize";
        options.TokenEndpoint = "https://login.microsoftonline.com/consumers/oauth2/v2.0/token";
        
        options.SaveTokens = true;    
    
        options.Events.OnCreatingTicket = ticketContext =>
        {
            ticketContext.Identity.AddClaim(new Claim("urn:microsoftaccount:access_token", ticketContext.AccessToken));
            return  Task.CompletedTask;
        };
        
    })
    
    HttpContext.GetTokenAsync(scheme: MicrosoftAccountDefaults.AuthenticationScheme,"access_token");
    
  • User Avatar
    0
    in4tek.abp created

    Thank you liangshiwei. Last question... is there a link where it is explain embedding PowerBI in angular abp application? With API calls, of course. tnx

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    I think this is not related to ABP, I'm not a PowerBI expert.

    You can check those:

    • https://github.com/microsoft/powerbi-client-angular
    • https://learn.microsoft.com/en-us/javascript/api/overview/powerbi/powerbi-client-angular
  • User Avatar
    0
    in4tek.abp created

    You can set the SaveTokens to true:

    .AddMicrosoftAccount(MicrosoftAccountDefaults.AuthenticationScheme, options => 
    { 
        //Personal Microsoft accounts as an example. 
        options.AuthorizationEndpoint = "https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize"; 
        options.TokenEndpoint = "https://login.microsoftonline.com/consumers/oauth2/v2.0/token"; 
         
        options.SaveTokens = true;     
     
        options.Events.OnCreatingTicket = ticketContext => 
        { 
            ticketContext.Identity.AddClaim(new Claim("urn:microsoftaccount:access_token", ticketContext.AccessToken)); 
            return  Task.CompletedTask; 
        }; 
         
    }) 
    
    HttpContext.GetTokenAsync(scheme: MicrosoftAccountDefaults.AuthenticationScheme,"access_token"); 
    

    Hi, I added this code in my application, but whe i check into the httpContext to find the value of token, it's empty I must have its value available in the controller Thank you

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Please try:

    using IdentityUser = Volo.Abp.Identity.IdentityUser;
    
    [Dependency(ServiceLifetime.Transient, ReplaceServices = true)]
    [ExposeServices(typeof(SignInManager<IdentityUser>))]
    public class MySignInManager : SignInManager<IdentityUser>
    {
        public MySignInManager(Microsoft.AspNetCore.Identity.UserManager<IdentityUser> userManager,
            IHttpContextAccessor contextAccessor,
            Microsoft.AspNetCore.Identity.IUserClaimsPrincipalFactory<IdentityUser> claimsFactory,
            IOptions<IdentityOptions> optionsAccessor, ILogger<SignInManager<IdentityUser>> logger,
            IAuthenticationSchemeProvider schemes, IUserConfirmation<IdentityUser> confirmation) : base(userManager,
            contextAccessor, claimsFactory, optionsAccessor, logger, schemes, confirmation)
        {
        }
    
        public override async Task SignInAsync(IdentityUser user, AuthenticationProperties authenticationProperties,
            string authenticationMethod = null)
        {
            if (authenticationMethod == "AzureOpenId") // is github external login
            {
                var githubAuthenticateResult = await Context.AuthenticateAsync(IdentityConstants.ExternalScheme);
                if (githubAuthenticateResult.Succeeded)
                {
                    if (githubAuthenticateResult.Properties != null)
                    {
                        authenticationProperties.StoreTokens(githubAuthenticateResult.Properties.GetTokens());
                    }
                }
            }
    
            await base.SignInAsync(user, authenticationProperties, authenticationMethod);
        }
    }
    
    var accessToken = await HttpContext.GetTokenAsync( OpenIdConnectParameterNames.AccessToken);
    
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    AzureAD config:

    context.Services.AddAuthentication()
    .AddOpenIdConnect("AzureOpenId", "Azure AD OpenId", options =>
    {
        options.Authority = "https://login.microsoftonline.com/" + configuration["AzureAd:TenantId"] + "/v2.0/";
        options.ClientId = configuration["AzureAd:ClientId"];
        options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
        options.CallbackPath = configuration["AzureAd:CallbackPath"];
        options.ClientSecret = configuration["AzureAd:ClientSecret"];
        options.RequireHttpsMetadata = false;
        options.SaveTokens = true;
        options.GetClaimsFromUserInfoEndpoint = true;
        options.Scope.Add("email");
        options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
      
    })
    
Made with ❤️ on ABP v9.1.0-preview. Updated on November 01, 2024, 05:35