Update Microsoft Identity Web to 0.2.2-preview. (#155)

pmaytak · web-flow · commit f6ad19103f0b · 2020-08-07T09:52:28.000-07:00
diff --git a/1. Desktop app calls Web API/TodoListService/TodoListService.csproj b/1. Desktop app calls Web API/TodoListService/TodoListService.csproj
@@ -7,6 +7,6 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.1-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.2-preview" />
   </ItemGroup>
 </Project>
diff --git a/2. Web API now calls Microsoft Graph/README-incremental.md b/2. Web API now calls Microsoft Graph/README-incremental.md
@@ -169,10 +169,15 @@ This method:
         // we use MSAL.NET to get a token to call the API On Behalf Of the current user
         try
         {
-            string accessToken = await tokenAcquisition.GetAccessTokenOnBehalfOfUser(HttpContext, scopes);
+            string accessToken = await tokenAcquisition.GetAccessTokenForUserAsync(scopes);
             dynamic me = await CallGraphApiOnBehalfOfUser(accessToken);
             return me.userPrincipalName;
         }
+        catch (MicrosoftIdentityWebChallengeUserException ex)
+        {
+            await tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex.MsalUiRequiredException);
+            return string.Empty;
+        }
         catch (MsalUiRequiredException ex)
         {
             await tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex);
diff --git a/2. Web API now calls Microsoft Graph/README.md b/2. Web API now calls Microsoft Graph/README.md
@@ -338,10 +338,15 @@ This method:
         // we use MSAL.NET to get a token to call the API On Behalf Of the current user
         try
         {
-            string accessToken = await tokenAcquisition.GetAccessTokenOnBehalfOfUser(HttpContext, scopes);
+            string accessToken = await tokenAcquisition.GetAccessTokenForUserAsync(scopes);
             dynamic me = await CallGraphApiOnBehalfOfUser(accessToken);
             return me.userPrincipalName;
         }
+        catch (MicrosoftIdentityWebChallengeUserException ex)
+        {
+            await tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex.MsalUiRequiredException);
+            return string.Empty;
+        }
         catch (MsalUiRequiredException ex)
         {
             await tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex);
@@ -354,7 +359,7 @@ This method:
 
 #### On the Web API side
 
-An interesting piece is how `MsalUiRequiredException` are handled. These exceptions are typically sent by Azure AD when there is a need for a user interaction. This can be the case when the user needs to re-sign-in, or needs to grant some additional consent, or to obtain additional claims. For instance, the user might need to do multi-factor authentication required specifically by a specific downstream API. When these exceptions happen, given that the Web API does not have any UI, it needs to challenge the client app passing all the required information, so this client app can handle the interaction with the user.
+An interesting piece is how `MicrosoftIdentityWebChallengeUserException` are handled. These exceptions are typically sent by Azure AD when there is a need for a user interaction. This can be the case when the user needs to re-sign-in, or needs to grant some additional consent, or to obtain additional claims. For instance, the user might need to do multi-factor authentication required specifically by a specific downstream API. When these exceptions happen, given that the Web API does not have any UI, it needs to challenge the client app passing all the required information, so this client app can handle the interaction with the user.
 
 This sample uses the `ReplyForbiddenWithWwwAuthenticateHeaderAsync` available on the `TokenAcquisition` service (part of Microsoft.Identity.Web library), which uses the HttpResponse to:
 
diff --git a/2. Web API now calls Microsoft Graph/TodoListService/Controllers/TodoListController.cs b/2. Web API now calls Microsoft Graph/TodoListService/Controllers/TodoListController.cs
@@ -97,6 +97,11 @@ public async Task<string> CallGraphApiOnBehalfOfUser()
                 dynamic me = await CallGraphApiOnBehalfOfUser(accessToken);
                 return me.UserPrincipalName;
             }
+            catch (MicrosoftIdentityWebChallengeUserException ex)
+            {
+                await _tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex.MsalUiRequiredException);
+                return string.Empty;
+            }
             catch (MsalUiRequiredException ex)
             {
                 await _tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex);
diff --git a/2. Web API now calls Microsoft Graph/TodoListService/TodoListService.csproj b/2. Web API now calls Microsoft Graph/TodoListService/TodoListService.csproj
@@ -11,7 +11,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.1-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.2-preview" />
     <PackageReference Include="Microsoft.Graph" Version="3.8.0" />
   </ItemGroup>
 
diff --git a/4.-Console-app-calls-web-API-with-PoP/Microsoft.Identity.Web.Future/Microsoft.Identity.Web.Future.csproj b/4.-Console-app-calls-web-API-with-PoP/Microsoft.Identity.Web.Future/Microsoft.Identity.Web.Future.csproj
@@ -41,7 +41,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.1-preview" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="0.2.2-preview" />
     <PackageReference Include="Microsoft.IdentityModel.Protocols.SignedHttpRequest" Version="6.7.1" />
     <PackageReference Include="System.Collections" Version="4.3.0" />
     <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="6.7.1" />

Original file line number	Diff line number	Diff line change
`@@ -169,10 +169,15 @@ This method:`
`169`	`169`	`// we use MSAL.NET to get a token to call the API On Behalf Of the current user`
`170`	`170`	`try`
`171`	`171`	`{`
`172`		`- string accessToken = await tokenAcquisition.GetAccessTokenOnBehalfOfUser(HttpContext, scopes);`
	`172`	`+ string accessToken = await tokenAcquisition.GetAccessTokenForUserAsync(scopes);`
`173`	`173`	`dynamic me = await CallGraphApiOnBehalfOfUser(accessToken);`
`174`	`174`	`return me.userPrincipalName;`
`175`	`175`	`}`
	`176`	`+ catch (MicrosoftIdentityWebChallengeUserException ex)`
	`177`	`+ {`
	`178`	`+ await tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex.MsalUiRequiredException);`
	`179`	`+ return string.Empty;`
	`180`	`+ }`
`176`	`181`	`catch (MsalUiRequiredException ex)`
`177`	`182`	`{`
`178`	`183`	`await tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex);`
Original file line number	Diff line number	Diff line change
`@@ -97,6 +97,11 @@ public async Task<string> CallGraphApiOnBehalfOfUser()`
`97`	`97`	`dynamic me = await CallGraphApiOnBehalfOfUser(accessToken);`
`98`	`98`	`return me.UserPrincipalName;`
`99`	`99`	`}`
	`100`	`+ catch (MicrosoftIdentityWebChallengeUserException ex)`
	`101`	`+ {`
	`102`	`+ await _tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex.MsalUiRequiredException);`
	`103`	`+ return string.Empty;`
	`104`	`+ }`
`100`	`105`	`catch (MsalUiRequiredException ex)`
`101`	`106`	`{`
`102`	`107`	`await _tokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeaderAsync(scopes, ex);`