Merge pull request #174 from Azure-Samples/tibre/mergeFixes

Tiago Brenck · web-flow · commit 0ba646fd2bea · 2019-09-05T11:40:57.000-07:00
Merge Fixes
diff --git a/4-WebApp-your-API/Client/Startup.cs b/4-WebApp-your-API/Client/Startup.cs
@@ -40,7 +40,7 @@ public void ConfigureServices(IServiceCollection services)
             // By default, the claims mapping will map claim names in the old format to accommodate older SAML applications.
             // 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role' instead of 'roles'
             // This flag ensures that the ClaimsIdentity claims collection will be built from the claims in the token
-            JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
+            //JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
 
             // Token acquisition service based on MSAL.NET
             // and chosen token cache implementation
diff --git a/4-WebApp-your-API/TodoListService/Startup.cs b/4-WebApp-your-API/TodoListService/Startup.cs
@@ -51,13 +51,9 @@ public void ConfigureServices(IServiceCollection services)
             // By default, the claims mapping will map claim names in the old format to accommodate older SAML applications.
             // 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role' instead of 'roles'
             // This flag ensures that the ClaimsIdentity claims collection will be built from the claims in the token
-            JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
+            //JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
 
             services.AddProtectedWebApi(Configuration);
-            services.Configure<JwtBearerOptions>(AzureADDefaults.JwtBearerAuthenticationScheme, options =>
-            {
-                options.TokenValidationParameters.NameClaimType = "name";
-            });
 
             services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
         }
diff --git a/5-WebApp-AuthZ/5-1-Roles/appsettings.json b/5-WebApp-AuthZ/5-1-Roles/appsettings.json
@@ -1,21 +1,20 @@
 {
-  "AzureAd": {
-    "Instance": "https://login.microsoftonline.com/",
-    "Domain": "kalyankrishna.com",
-    "TenantId": "4d39e77c-b0f3-4253-ae0b-7068ddd47949",
-    "ClientId": "7f1d4458-72e7-41b5-ad81-103bd6e307b7",
-    "CallbackPath": "/signin-oidc",
-    "SignedOutCallbackPath ": "/signout-callback-oidc",
+	"AzureAd": {
+		"Instance": "https://login.microsoftonline.com/",
+		"Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
+		"TenantId": "[Enter 'common', or 'organizations' or the Tenant Id (Obtained from the Azure portal. Select 'Endpoints' from the 'App registrations' blade and use the GUID in any of the URLs), e.g. da41245a5-11b3-996c-00a8-4d99re19f292]",
+		"ClientId": "[Enter the Client Id (Application ID obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
+		"CallbackPath": "/signin-oidc",
+		"SignedOutCallbackPath ": "/signout-callback-oidc",
 
-    // To call an API
-    "ClientSecret": "9Y7lZKjDwKYZC3Ut1S8Dzg3TmAqVEJKUIbmIbH0jMdM="
-
-  },
-  "Logging": {
-    "LogLevel": {
-      "Default": "Warning"
-    }
-  },
-  "AllowedHosts": "*",
-  "GraphApiUrl": "https://graph.microsoft.com/beta"
+		// To call an API
+		"ClientSecret": "[Copy the client secret added to the app from the Azure portal]"
+	},
+	"Logging": {
+		"LogLevel": {
+			"Default": "Warning"
+		}
+	},
+	"AllowedHosts": "*",
+	"GraphApiUrl": "https://graph.microsoft.com/beta"
 }
diff --git a/Microsoft.Identity.Web/WebApiServiceCollectionExtensions.cs b/Microsoft.Identity.Web/WebApiServiceCollectionExtensions.cs
@@ -41,12 +41,10 @@ public static IServiceCollection AddProtectedWebApi(
             string configSectionName = "AzureAD",
             bool subscribeToJwtBearerMiddlewareDiagnosticsEvents = false)
         {
-            services.Configure<AzureADOptions>(options => configuration.Bind(configSectionName, options));
             services.AddAuthentication(AzureADDefaults.JwtBearerAuthenticationScheme)
                     .AddAzureADBearer(options => configuration.Bind(configSectionName, options));
 
-            // Add session if you are planning to use session based token cache , .AddSessionTokenCaches()
-            // services.AddSession(); // Commented as we cannot force session on someone who wants to use an alternative token cache provider.
+            services.AddHttpContextAccessor();
 
             // Change the authentication configuration to accommodate the Microsoft identity platform endpoint (v2.0).
             services.Configure<JwtBearerOptions>(AzureADDefaults.JwtBearerAuthenticationScheme, options =>
