Activities of "ysp"

Hi, Do you mean that i don't use AddMicrosoftIdentityWebApp, but instead just use .AddOpenIdConnect instead with IConfidentialClientApplication? Is it not possible to use AddMicrosoftIdentityWebApp?

I have an issue very similar to this: https://support.abp.io/QA/Questions/2666/Implementing-MicrosoftGraph-in-ABP-App

ABP Framework version: v5.3.4

UI type: Angular

DB provider: EF Core

Tiered (MVC) or Identity Server Separated (Angular): no

We are attempting to incorporate support for calling Microsoft Graph APIs in our ABP application, using the Microsoft.Graph package. We've already successfully implemented authentication using Azure AD accounts according to the directions in this post: https://community.abp.io/posts/how-to-use-the-azure-active-directory-authentication-for-mvc-razor-page-applications-4603b9cf (we used the second approach, using AddMicrosoftIdentityWebApp).

However, when attempting AddMicrosoftIdentityWebApp, login with Azure AD no longer works (when Azure AD is selected as the login option, the login page reloads without logging in). Here is the code for configuring the authentication:

context.Services
    // Use OpenId authentication
    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)


    // Specify this is a web app and needs auth code flow
    .AddMicrosoftIdentityWebApp(options =>
    {
        configuration.Bind("AzureAd", options);
        options.Authority = "https://login.microsoftonline.com/" + configuration["AzureAd:TenantId"] + "/v2.0/";

        options.Scope.Add("email user.read");
        options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");

        // This causes the signin to prompt the user for which
        // account to use - useful when there are multiple accounts signed
        // into the browser
        options.Prompt = "select_account";

        options.TokenValidationParameters.SaveSigninToken = true;
        options.RequireHttpsMetadata = false;
        options.SaveTokens = true;
        options.GetClaimsFromUserInfoEndpoint = true;

    })
    // Add ability to call web API (Graph)
    // and get access tokens
    .EnableTokenAcquisitionToCallDownstreamApi(options => { }, GraphConstants.Scopes)
    // Add a GraphServiceClient via dependency injection
    .AddMicrosoftGraph(options =>
    {
        options.Scopes = string.Join(' ', GraphConstants.Scopes);
    })
    // Use in-memory token cache
    // See https://github.com/AzureAD/microsoft-identity-web/wiki/token-cache-serialization
    .AddInMemoryTokenCaches();

Does this option work with ABP?

Showing 1 to 2 of 2 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09