WIP

Author: Kalyan Krishna

.gitignore

@@ -84,3 +84,4 @@
 /4-WebApp-your-API/4-1-Your-API/.vs/WebApp-OpenIDConnect-DotNet/v16
 /4-WebApp-your-API/4-1-Your-API/Client/bin/Debug/netcoreapp2.2
 /4-WebApp-your-API/4-1-Your-API/Client/obj
+/4-WebApp-your-API/4-1-Your-API/.vs/WebApp-OpenIDConnect-DotNet

4-WebApp-your-API/4-1-Your-API/Client/Controllers/TodoListController.cs

@@ -0,0 +1,101 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Identity.Web.Client;
+
+namespace TodoListClient.Controllers
+{
+    public class TodoListController : Controller
+    {
+        ITokenAcquisition _tokenAcquisition;
+
+        public TodoListController(ITokenAcquisition tokenAcquisition)
+        {
+            _tokenAcquisition = tokenAcquisition;
+        }
+
+        // GET: TodoList
+        public ActionResult Index()
+        {
+            return View();
+        }
+
+        // GET: TodoList/Details/5
+        public ActionResult Details(int id)
+        {
+            return View();
+        }
+
+        // GET: TodoList/Create
+        public ActionResult Create()
+        {
+            return View();
+        }
+
+        // POST: TodoList/Create
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public ActionResult Create(IFormCollection collection)
+        {
+            try
+            {
+                // TODO: Add insert logic here
+
+                return RedirectToAction(nameof(Index));
+            }
+            catch
+            {
+                return View();
+            }
+        }
+
+        // GET: TodoList/Edit/5
+        public ActionResult Edit(int id)
+        {
+            return View();
+        }
+
+        // POST: TodoList/Edit/5
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public ActionResult Edit(int id, IFormCollection collection)
+        {
+            try
+            {
+                // TODO: Add update logic here
+
+                return RedirectToAction(nameof(Index));
+            }
+            catch
+            {
+                return View();
+            }
+        }
+
+        // GET: TodoList/Delete/5
+        public ActionResult Delete(int id)
+        {
+            return View();
+        }
+
+        // POST: TodoList/Delete/5
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public ActionResult Delete(int id, IFormCollection collection)
+        {
+            try
+            {
+                // TODO: Add delete logic here
+
+                return RedirectToAction(nameof(Index));
+            }
+            catch
+            {
+                return View();
+            }
+        }
+    }
+}

4-WebApp-your-API/4-1-Your-API/Client/Infrastructure/Constants.cs

@@ -2,7 +2,7 @@ namespace WebApp_OpenIDConnect_DotNet.Infrastructure
 {
     public static class Constants
     {
-        public const string ScopeUserRead = "User.Read";
+        public const string ScopeUserImpersonation = "user_impersonation";
         public const string BearerAuthorizationScheme = "Bearer";
     }
 }

4-WebApp-your-API/4-1-Your-API/Client/Models/TodoItem.cs

@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace TodoListClient.Models
+{
+    public class Todo
+    {
+        public string Title { get; set; }
+    }
+}

4-WebApp-your-API/4-1-Your-API/Client/Properties/launchSettings.json

@@ -3,7 +3,7 @@
     "windowsAuthentication": false,
     "anonymousAuthentication": true,
     "iisExpress": {
-      "applicationUrl": "http://localhost:3110/",
+      "applicationUrl": "https://localhost:44321/",
       "sslPort": 44321
     }
   },

4-WebApp-your-API/4-1-Your-API/Client/Startup.cs

@@ -37,7 +37,7 @@ public void ConfigureServices(IServiceCollection services)
             // Token acquisition service based on MSAL.NET
             // and chosen token cache implementation
             services.AddAzureAdV2Authentication(Configuration)
-                    .AddMsal(new string[] { Constants.ScopeUserRead })
+                    .AddMsal(new string[] { Constants.ScopeUserImpersonation })
                     .AddInMemoryTokenCaches();
 
             // Add APIs

4-WebApp-your-API/4-1-Your-API/Client/TodoListClient.csproj

@@ -21,6 +21,7 @@
     <PackageReference Include="Microsoft.AspNetCore.App" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.AzureAD.UI" Version="2.2.0" />
     <PackageReference Include="Microsoft.Graph" Version="1.12.0" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="2.2.3" />
     <PackageReference Include="WindowsAzure.Storage" Version="9.3.3" />
   </ItemGroup>
 

4-WebApp-your-API/4-1-Your-API/Client/Views/TodoList/Index.cshtml

@@ -0,0 +1,35 @@
+@model IEnumerable<TodoListClient.Models.Todo>
+
+@{
+    ViewData["Title"] = "Index";
+}
+
+<h2>Index</h2>
+
+<p>
+    <a asp-action="Create">Create New</a>
+</p>
+<table class="table">
+    <thead>
+        <tr>
+            <th>
+                @Html.DisplayNameFor(model => model.Title)
+            </th>
+            <th></th>
+        </tr>
+    </thead>
+    <tbody>
+@foreach (var item in Model) {
+        <tr>
+            <td>
+                @Html.DisplayFor(modelItem => item.Title)
+            </td>
+            <td>
+                @Html.ActionLink("Edit", "Edit", new { /* id=item.PrimaryKey */ }) |
+                @Html.ActionLink("Details", "Details", new { /* id=item.PrimaryKey */ }) |
+                @Html.ActionLink("Delete", "Delete", new { /* id=item.PrimaryKey */ })
+            </td>
+        </tr>
+}
+    </tbody>
+</table>

4-WebApp-your-API/4-1-Your-API/Client/appsettings.json

@@ -3,19 +3,27 @@
     "Instance": "https://login.microsoftonline.com/",
     "Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
     "TenantId": "[Enter 'common', or 'organizations' or the Tenant Id (Obtained from the Azure portal. Select 'Endpoints' from the 'App registrations' blade and use the GUID in any of the URLs), e.g. da41245a5-11b3-996c-00a8-4d99re19f292]",
-    "ClientId": "[Enter the Client Id (Application ID obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
+    "ClientId": "[Enter the Client Id of the web app (Application ID obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
     "CallbackPath": "/signin-oidc",
     "SignedOutCallbackPath ": "/signout-callback-oidc",
 
     // To call an API
-    "ClientSecret": "[Copy the client secret added to the app from the Azure portal]"
+    "ClientSecret": "[Copy the client secret added to the app from the Azure portal]",
+
+    /*
+      TodoListScope is the scope of the Web API you want to call. This can be: "api://bf3599a0-9ea9-4532-b623-4351a8c7ee74/user_impersonation",
+      - a scope for a V2 application (for instance api://b3682cc7-8b30-4bd2-aaba-080c6bf0fd31/access_as_user)
+      - a scope corresponding to a V1 application (for instance <GUID>/user_impersonation, where  <GUID> is the
+        clientId of a V1 application, created in the https://portal.azure.com portal.
+    */
+    "TodoListScope": "api://[Enter_client_ID_Of_TodoListService-v2_from_Azure_Portal,_e.g._2ec40e65-ba09-4853-bcde-bcb60029e596]/user_impersonation",
+    "TodoListBaseAddress": "https://localhost:44351/"
 
   },
   "Logging": {
     "LogLevel": {
       "Default": "Warning"
     }
   },
-  "AllowedHosts": "*",
-  "GraphApiUrl": "https://graph.microsoft.com"
+  "AllowedHosts": "*"
 }