Jmprieur/fix with graph service (#87)

jmprieur · web-flow · commit 407932f4e583 · 2019-04-09T18:53:53.000+02:00
* Improving the MsalUiRequiredExceptionFilterAttribute so that it accepts MsalUiRequiredExceptions as inner exceptions.

Refactoring of the HomeController to extract the creation of the GraphServiceClient, and moving the acquisition of the token in authentication provider callback

* Renaming
diff --git a/2-WebApp-graph-user/2-1-Call-MSGraph/Controllers/HomeController.cs b/2-WebApp-graph-user/2-1-Call-MSGraph/Controllers/HomeController.cs
@@ -5,6 +5,7 @@
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
+using Graph=Microsoft.Graph;
 using Microsoft.Identity.Web.Client;
 using WebApp_OpenIDConnect_DotNet.Infrastructure;
 using WebApp_OpenIDConnect_DotNet.Models;
@@ -15,13 +16,13 @@ namespace WebApp_OpenIDConnect_DotNet.Controllers
     [Authorize]
     public class HomeController : Controller
     {
-        readonly         ITokenAcquisition   tokenAcquisition;
-        readonly         WebOptions          webOptions;
+        readonly ITokenAcquisition tokenAcquisition;
+        readonly WebOptions webOptions;
 
-        public HomeController(ITokenAcquisition   tokenAcquisition,
+        public HomeController(ITokenAcquisition tokenAcquisition,
                               IOptions<WebOptions> webOptionValue)
         {
-            this.tokenAcquisition   = tokenAcquisition;
+            this.tokenAcquisition = tokenAcquisition;
             this.webOptions = webOptionValue.Value;
         }
 
@@ -30,18 +31,12 @@ public IActionResult Index()
             return View();
         }
 
-        [MsalUiRequiredExceptionFilter(Scopes = new[] {Constants.ScopeUserRead})]
+        [MsalUiRequiredExceptionFilter(Scopes = new[] { Constants.ScopeUserRead })]
         public async Task<IActionResult> Profile()
         {
-            // Initialize the GraphServiceClient.   
-            var graphClient = await GraphServiceClientFactory.GetAuthenticatedGraphClient(async () =>
-            {
-                string result = await tokenAcquisition.GetAccessTokenOnBehalfOfUser(
-                       HttpContext, new[] { Constants.ScopeUserRead });
-                return result;
-            }, webOptions.GraphApiUrl);
+            // Initialize the GraphServiceClient. 
+            Graph::GraphServiceClient graphClient = GetGraphServiceClient(new[] { Constants.ScopeUserRead });
 
-            // Get user profile info.
             var me = await graphClient.Me.Request().GetAsync();
             ViewData["Me"] = me;
 
@@ -55,16 +50,26 @@ public async Task<IActionResult> Profile()
             catch (System.Exception)
             {
                 ViewData["Photo"] = null;
-            }                       
+            }
 
             return View();
         }
 
+        private Graph::GraphServiceClient GetGraphServiceClient(string[] scopes)
+        {
+            return GraphServiceClientFactory.GetAuthenticatedGraphClient(async () =>
+            {
+                string result = await tokenAcquisition.GetAccessTokenOnBehalfOfUser(
+                       HttpContext, scopes);
+                return result;
+            }, webOptions.GraphApiUrl);
+        }
+
         [AllowAnonymous]
         [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
         public IActionResult Error()
         {
-            return View(new ErrorViewModel {RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier});
+            return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
         }
     }
 }
diff --git a/2-WebApp-graph-user/2-1-Call-MSGraph/Services/GraphServiceClientFactory.cs b/2-WebApp-graph-user/2-1-Call-MSGraph/Services/GraphServiceClientFactory.cs
@@ -1,27 +1,37 @@
 ﻿using Microsoft.Graph;
 using System;
-using System.Collections.Generic;
-using System.Linq;
+using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Threading.Tasks;
 
 namespace WebApp_OpenIDConnect_DotNet.Services
 {
     public class GraphServiceClientFactory
     {
-        public static async Task<GraphServiceClient> GetAuthenticatedGraphClient(Func<Task<string>> acquireAccessToken, 
+        public static GraphServiceClient GetAuthenticatedGraphClient(Func<Task<string>> acquireAccessToken, 
                                                                                  string baseUrl = null)
         {
-            // Fetch the access token
+  
+            return new GraphServiceClient(baseUrl, new CustomAuthenticationProvider(acquireAccessToken));
+        }
+    }
+
+    class CustomAuthenticationProvider : IAuthenticationProvider
+    {
+        public CustomAuthenticationProvider(Func<Task<string>> acquireTokenCallback)
+        {
+            acquireAccessToken = acquireTokenCallback;
+        }
+
+        private Func<Task<string>> acquireAccessToken;
+
+        public async Task AuthenticateRequestAsync(HttpRequestMessage request)
+        {
             string accessToken = await acquireAccessToken.Invoke();
 
-            return new GraphServiceClient(baseUrl, new DelegateAuthenticationProvider(
-                    async (requestMessage) =>
-                    {
-                        // Append the access token to the request.
-                        requestMessage.Headers.Authorization = new AuthenticationHeaderValue(
-                            Infrastructure.Constants.BearerAuthorizationScheme, accessToken);
-                    }));
+            // Append the access token to the request.
+            request.Headers.Authorization = new AuthenticationHeaderValue(
+                Infrastructure.Constants.BearerAuthorizationScheme, accessToken);
         }
     }
 }
diff --git a/2-WebApp-graph-user/2-1-Call-MSGraph/appsettings.json b/2-WebApp-graph-user/2-1-Call-MSGraph/appsettings.json
@@ -17,5 +17,5 @@
     }
   },
   "AllowedHosts": "*",
-  "GraphApiUrl": "https://graph.microsoft.com/v1.0"
+  "GraphApiUrl": "https://graph.microsoft.com/beta"
 }
diff --git a/Microsoft.Identity.Web/Client/MsalUiRequiredExceptionFilterAttribute.cs b/Microsoft.Identity.Web/Client/MsalUiRequiredExceptionFilterAttribute.cs
@@ -27,7 +27,13 @@ public class MsalUiRequiredExceptionFilterAttribute : ExceptionFilterAttribute
         
         public override void OnException(ExceptionContext context)
         {
-            if (context.Exception is MsalUiRequiredException msalUiRequiredException)
+            MsalUiRequiredException msalUiRequiredException = context.Exception as MsalUiRequiredException;
+            if (msalUiRequiredException == null)
+            {
+                msalUiRequiredException = context.Exception?.InnerException as MsalUiRequiredException;
+            }
+
+            if (msalUiRequiredException!=null)
             {
                 if (CanBeSolvedByReSignInUser(msalUiRequiredException))
                 {

Original file line number	Diff line number	Diff line change
`@@ -17,5 +17,5 @@`
`17`	`17`	`}`
`18`	`18`	`},`
`19`	`19`	`"AllowedHosts": "*",`
`20`		`- "GraphApiUrl": "https://graph.microsoft.com/v1.0"`
	`20`	`+ "GraphApiUrl": "https://graph.microsoft.com/beta"`
`21`	`21`	`}`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,13 @@ public class MsalUiRequiredExceptionFilterAttribute : ExceptionFilterAttribute`
`27`	`27`
`28`	`28`	`public override void OnException(ExceptionContext context)`
`29`	`29`	`{`
`30`		`- if (context.Exception is MsalUiRequiredException msalUiRequiredException)`
	`30`	`+ MsalUiRequiredException msalUiRequiredException = context.Exception as MsalUiRequiredException;`
	`31`	`+ if (msalUiRequiredException == null)`
	`32`	`+ {`
	`33`	`+ msalUiRequiredException = context.Exception?.InnerException as MsalUiRequiredException;`
	`34`	`+ }`
	`35`	`+`
	`36`	`+ if (msalUiRequiredException!=null)`
`31`	`37`	`{`
`32`	`38`	`if (CanBeSolvedByReSignInUser(msalUiRequiredException))`
`33`	`39`	`{`