review changes

Author: derisen

2-WebApp-graph-user/2-6-BFF-Proxy/CallGraphBFF/ClientApp/src/components/FetchGraph.js

@@ -37,9 +37,12 @@ export class FetchGraph extends Component {
   getGraphProfile = async () => {
     try {
       const response = await fetch('api/profile');
+
       if (response.ok) {
         const data = await response.json();
         this.setState({ profile: data, loading: false }); 
+      } else if (response.status === 401) {
+        this.props.login();
       }
     } catch (error) {
       console.log(error);

2-WebApp-graph-user/2-6-BFF-Proxy/CallGraphBFF/Controllers/AuthController.cs

@@ -38,7 +38,7 @@ public async Task<ActionResult> Logout()
     [HttpGet("account")]
     public ActionResult GetAccount()
     {
-        if (User.Identity.IsAuthenticated)
+        if (User.Identity != null && User.Identity.IsAuthenticated)
         {
             var claims = ((ClaimsIdentity)this.User.Identity).Claims
                 .Select(c => new { type = c.Type, value = c.Value })

2-WebApp-graph-user/2-6-BFF-Proxy/CallGraphBFF/Controllers/ProfileController.cs

@@ -1,14 +1,12 @@
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.Identity.Client;
 using Microsoft.Identity.Web;
 using Microsoft.Graph;
 
 namespace TodoListBFF.Controllers;
 
 [Authorize(AuthenticationSchemes = CookieAuthenticationDefaults.AuthenticationScheme)]
-[AuthorizeForScopes(Scopes = new string[] { "user.read" })]
 [Route("api/[controller]")]
 [ApiController]
 public class ProfileController : Controller
@@ -32,13 +30,13 @@ public async Task<ActionResult<User>> GetProfile()
 
             return Ok(profile);
         }
-        catch (ServiceException svcex) when (svcex.Message.Contains("Continuous access evaluation"))
+        catch (ServiceException svcex) when (svcex.InnerException != null && svcex.InnerException.Message.Contains("MsalUiRequiredException"))
         {
-            return Unauthorized("Continuous access evaluation challenge occurred\n" + svcex.Message);
+            return Unauthorized("MsalUiRequiredException occurred. Please sign-in again.\n" + svcex.Message);
         }
-        catch (MsalUiRequiredException ex)
+        catch (ServiceException svcex) when (svcex.Message.Contains("Continuous access evaluation"))
         {
-            return Unauthorized("MsalUiRequiredException occurred while calling the downstream API\n" + ex.Message);
+            return Unauthorized("Continuous access evaluation challenge occurred. Please sign-in again.\n" + svcex.Message);
         }
         catch (Exception ex)
         {

2-WebApp-graph-user/2-6-BFF-Proxy/CallGraphBFF/Program.cs

@@ -24,18 +24,6 @@
     options.Cookie.IsEssential = true;
 
     options.Events = new RejectSessionCookieWhenAccountNotInCacheEvents();
-
-    //options.Events.OnRedirectToLogin = context =>
-    //{
-    //    context.Response.StatusCode = 401;
-    //    return Task.CompletedTask;
-    //};
-
-    //options.Events.OnRedirectToAccessDenied = context =>
-    //{
-    //    context.Response.StatusCode = 401;
-    //    return Task.CompletedTask;
-    //};
 });
 
 builder.Services.AddControllersWithViews()

2-WebApp-graph-user/2-6-BFF-Proxy/README.md

@@ -71,10 +71,19 @@ or download and extract the repository *.zip* file.
 ### Step 2: Navigate to project folder
 
 ```console
-    cd 2-WebApp-graph-user/2-6-BFF-Proxy
+    cd 2-WebApp-graph-user/2-6-BFF-Proxy/CallGraphBFF
 ```
 
-### Step 3: Register the sample application(s) in your tenant
+### Step 3. Trust development certificates
+
+```console
+   dotnet dev-certs https --clean
+   dotnet dev-certs https --trust
+```
+
+For more information and potential issues, see: [HTTPS in .NET Core](https://docs.microsoft.com/aspnet/core/security/enforcing-ssl).
+
+### Step 4: Register the sample application(s) in your tenant
 
 There is one project in this sample. To register it, you can:
 
@@ -166,12 +175,12 @@ Open the project in your IDE (like Visual Studio or Visual Studio Code) to confi
 1. Find the key `ClientId` and replace the existing value with the application ID (clientId) of `CallGraphBFF` app copied from the Azure portal.
 1. Find the key `ClientSecret` and replace the existing value with the generated secret that you saved during the creation of `CallGraphBFF` copied from the Azure portal.
 
-### Step 4: Running the sample
+### Step 5: Running the sample
 
 From your shell or command line, execute the following commands:
 
 ```console
-    cd 2-WebApp-graph-user/2-6-BFF-Proxy
+    cd 2-WebApp-graph-user/2-6-BFF-Proxy/CallGraphBFF
     dotnet run
 ```