This repository was archived by the owner on May 17, 2024. It is now read-only.

Adding CAE to sample #194

Merged
merged 3 commits into from
Aug 18, 2022

salman90
Contributor

Purpose

  • Adding CAE to sample

Does this introduce a breaking change?

[ x ] Yes
[ ] No

Pull Request Type

What kind of change does this Pull Request introduce?

[ ] Bugfix
[ x ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Documentation content changes
[ ] Other... Please describe:

How to Test

  • Get the code
git clone https://github.com/Azure-Samples/ms-identity-javascript-angular-tutorial.git
cd ms-identity-javascript-angular-tutorial/2-Authorization-I/1-call-graph/SPA
git checkout supporting-CAE
npm install
  • Test the code

What to Check

Verify that the following are valid

  • ...

Other Information

});
getProfile() {

this.http.get(protectedResources.graphMe.endpoint).subscribe(
Contributor


let's move the http client into the service file (graph.service). the component shouldn't do http calls by itself


addClaimsToStorage(
claimsChallenge,
`cc.${msalConfig.auth.clientId}.${account?.idTokenClaims?.oid}`
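
Review bot: In the storage key on the last line, `account?.idTokenClaims?.oid` evaluates to undefined when there is no active account or the ID token carries no oid claim, so the template produces a key ending in ".undefined" and every such session reads and writes the same entry. Resolve the oid before calling addClaimsToStorage and skip storing (or fail) when it is missing, rather than letting the optional chaining fall through into the key.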
Contributor


should the key schema also contain something to identify which resource this claims challenge is for?
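
One way to answer the question above, as an added example that is not code from this pull request: parse the claims challenge out of a 401 `WWW-Authenticate` header and store it under a key that also names the resource host. The helper names, the sample header and the extra key segment are assumptions; `btoa`/`atob` are the browser globals (also available in Node 16+).

```javascript
// Added example: helper names and sample values are hypothetical, not from this PR.
// Constructed claims request and the 401 WWW-Authenticate header that would carry it.
const SAMPLE_CLAIMS = { access_token: { nbf: { essential: true, value: '1604106651' } } };
const SAMPLE_HEADER =
  'Bearer realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", ' +
  `error="insufficient_claims", claims="${btoa(JSON.stringify(SAMPLE_CLAIMS))}"`;

// Return the decoded claims JSON string, or null if this is not a usable claims challenge.
function parseChallenge(header) {
  if (typeof header !== 'string' || !/^Bearer\s/i.test(header)) return null;
  const params = {};
  for (const m of header.matchAll(/([a-z_]+)="([^"]*)"/gi)) params[m[1].toLowerCase()] = m[2];
  if (params.error !== 'insufficient_claims' || !params.claims) return null;
  try {
    const decoded = atob(params.claims);
    const parsed = JSON.parse(decoded);
    return parsed !== null && typeof parsed === 'object' ? decoded : null;
  } catch {
    return null; // not base64, or not JSON
  }
}

// Key is scoped to client, signed-in user and resource host, so a challenge issued
// for one API is never replayed in token requests for another.
function claimsStorageKey(clientId, account, endpoint) {
  const oid = account && account.idTokenClaims && account.idTokenClaims.oid;
  if (!clientId || !oid) throw new Error('no signed-in account; refusing to build a shared key');
  return `cc.${clientId}.${oid}.${new URL(endpoint).hostname}`;
}

// Parse, then persist under the scoped key. Returns the key, or null if nothing was stored.
function storeChallenge(storage, header, clientId, account, endpoint) {
  const claims = parseChallenge(header);
  if (claims === null) return null;
  const key = claimsStorageKey(clientId, account, endpoint);
  storage.setItem(key, claims);
  return key;
}

// Minimal stand-in for sessionStorage so the example runs outside a browser.
function memoryStorage() {
  const items = new Map();
  return { setItem: (k, v) => items.set(k, String(v)), getItem: (k) => (items.has(k) ? items.get(k) : null) };
}
```
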

Contributor

@derisen derisen left a comment


Looks good to me - couple of comments to address, but it's working fine. Thanks @salman90

@kalyankrishna1
Contributor

PS prints the following, please remove

  • Navigate to the Manifest page, find the 'replyUrlsWithType' section and change the type of redirect URI to 'Spa'

@kalyankrishna1
Contributor

kalyankrishna1 commented Aug 17, 2022

@derisen, please add a section about client capabilities and code handling CAE (as explained in https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/blob/master/2-WebApp-graph-user/2-1-Call-MSGraph/README.md#optional---handle-continuous-access-evaluation-cae-challenge-from-microsoft-graph) in the following two readmes and the code generator

  1. This sample's readme
  2. "D:\github\Azure-Samples\ms-identity-javascript-react-tutorial\2-Authorization-I\1-call-graph\README.md"

In the codegen, please append a task to generate a stub about CAE whenever the "service" in sample.json is MS Graph.

Thanks

@kalyankrishna1
Contributor

pressing the login button throws the following error

getPrototypeOf.js:5980 ERROR ServerError: invalid_request: 9002326 - [2022-08-17 11:05:16Z]: AADSTS9002326: Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type. Request origin: 'http://localhost:4200'.
Trace ID: 6d13a6b6-3d2d-44cd-8645-cce70ad55501
Correlation ID: d3d17b46-8c16-4541-87b6-39b23dc9842e
Timestamp: 2022-08-17 11:05:16Z - Correlation ID: d3d17b46-8c16-4541-87b6-39b23dc9842e - Trace ID: 6d13a6b6-3d2d-44cd-8645-cce70ad55501
at ServerError.AuthError [as constructor] (AuthError.ts:40:9)
at new ServerError (ServerError.ts:14:9)
at ResponseHandler.validateTokenResponse (virtual-scroll-strategy.ts:99:19)
at AuthorizationCodeClient. (AuthorizationCodeClient.ts:82:25)
at step (vendor.js:131492:19)
at Object.next (vendor.js:131422:14)
at fulfilled (vendor.js:131376:24)
at ZoneDelegate.invoke (zone.js:386:30)
at Object.onInvoke (getPrototypeOf.js:28301:33)
at ZoneDelegate.invoke (zone.js:385:36)

@derisen
Contributor

derisen commented Aug 17, 2022

pressing the login button throws the following error

getPrototypeOf.js:5980 ERROR ServerError: invalid_request: 9002326 - [2022-08-17 11:05:16Z]: AADSTS9002326: Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type. Request origin: 'http://localhost:4200'.
Trace ID: 6d13a6b6-3d2d-44cd-8645-cce70ad55501
Correlation ID: d3d17b46-8c16-4541-87b6-39b23dc9842e
Timestamp: 2022-08-17 11:05:16Z - Correlation ID: d3d17b46-8c16-4541-87b6-39b23dc9842e - Trace ID: 6d13a6b6-3d2d-44cd-8645-cce70ad55501
at ServerError.AuthError [as constructor] (AuthError.ts:40:9)
at new ServerError (ServerError.ts:14:9)
at ResponseHandler.validateTokenResponse (virtual-scroll-strategy.ts:99:19)
at AuthorizationCodeClient. (AuthorizationCodeClient.ts:82:25)
at step (vendor.js:131492:19)
at Object.next (vendor.js:131422:14)
at fulfilled (vendor.js:131376:24)
at ZoneDelegate.invoke (zone.js:386:30)
at Object.onInvoke (getPrototypeOf.js:28301:33)
at ZoneDelegate.invoke (zone.js:385:36)

This is because the redirect URI is not of type SPA. The scripts are using the Azure AD module, which can't register a SPA, so it needs to be manually changed for now.

Contributor

@kalyankrishna1 kalyankrishna1 left a comment


:shipit:

@salman90 salman90 merged commit bf1bfb8 into main Aug 18, 2022
@derisen derisen deleted the supporting-CAE branch September 22, 2022 02:39