Merge pull request #138 from Azure-Samples/jennyf/fixNuget

fix build errors

Author: jennyf19

2. Web API now calls Microsoft Graph/TodoListService/Controllers/TodoListController.cs

@@ -92,7 +92,7 @@ public async Task<string> CallGraphApiOnBehalfOfUser()
             // we use MSAL.NET to get a token to call the API On Behalf Of the current user
             try
             {
-                string accessToken = await _tokenAcquisition.GetAccessTokenOnBehalfOfUserAsync(scopes);
+                string accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(scopes);
                 dynamic me = await CallGraphApiOnBehalfOfUser(accessToken);
                 return me.userPrincipalName;
             }

2. Web API now calls Microsoft Graph/TodoListService/Startup.cs

@@ -24,7 +24,7 @@ public Startup(IConfiguration configuration)
         public void ConfigureServices(IServiceCollection services)
         {
             services.AddProtectedWebApi(Configuration)
-                    .AddProtectedApiCallsWebApis(Configuration)
+                    .AddProtectedWebApiCallsProtectedWebApi(Configuration)
                     .AddInMemoryTokenCaches();
             services.AddControllers();
         }

3.-Web-api-call-Microsoft-graph-for-personal-accounts/TodoListService/Controllers/TodoListController.cs

@@ -92,7 +92,7 @@ public async Task<string> CallGraphApiOnBehalfOfUser()
             // we use MSAL.NET to get a token to call the API On Behalf Of the current user
             try
             {
-                string accessToken = await _tokenAcquisition.GetAccessTokenOnBehalfOfUserAsync(scopes);
+                string accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(scopes);
                 dynamic me = await CallGraphApiOnBehalfOfUser(accessToken);
                 return me.userPrincipalName;
             }

3.-Web-api-call-Microsoft-graph-for-personal-accounts/TodoListService/Startup.cs

@@ -24,7 +24,7 @@ public Startup(IConfiguration configuration)
         public void ConfigureServices(IServiceCollection services)
         {
             services.AddProtectedWebApi(Configuration)
-                    .AddProtectedApiCallsWebApis(Configuration)
+                    .AddProtectedWebApiCallsProtectedWebApi(Configuration)
                     .AddInMemoryTokenCaches();
             services.AddControllers();
         }

4.-Console-app-calls-web-API-with-PoP/Desktop-App-calls-Web-API-using-PoP.sln

@@ -12,7 +12,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 		README.md = README.md
 	EndProjectSection
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.Future", "..\Microsoft.Identity.Web\Microsoft.Identity.Web.Future.csproj", "{F29C8FF6-5725-4C26-B0B4-682FCF218E6D}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.Future", "Microsoft.Identity.Web.Future\Microsoft.Identity.Web.Future.csproj", "{CBA23165-BA0B-469A-B3A4-3299989AAECD}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -28,10 +28,10 @@ Global
 		{443FB1A8-4F29-4D18-A4EB-23C3D764580C}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{443FB1A8-4F29-4D18-A4EB-23C3D764580C}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{443FB1A8-4F29-4D18-A4EB-23C3D764580C}.Release|Any CPU.Build.0 = Release|Any CPU
-		{F29C8FF6-5725-4C26-B0B4-682FCF218E6D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{F29C8FF6-5725-4C26-B0B4-682FCF218E6D}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{F29C8FF6-5725-4C26-B0B4-682FCF218E6D}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{F29C8FF6-5725-4C26-B0B4-682FCF218E6D}.Release|Any CPU.Build.0 = Release|Any CPU
+		{CBA23165-BA0B-469A-B3A4-3299989AAECD}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{CBA23165-BA0B-469A-B3A4-3299989AAECD}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{CBA23165-BA0B-469A-B3A4-3299989AAECD}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{CBA23165-BA0B-469A-B3A4-3299989AAECD}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

Microsoft.Identity.Web/Resource/AadIssuerValidator.cs renamed to 4.-Console-app-calls-web-API-with-PoP/Microsoft.Identity.Web.Future/AadIssuerValidator.cs

@@ -9,14 +9,14 @@
 using Microsoft.IdentityModel.JsonWebTokens;
 using Microsoft.IdentityModel.Protocols;
 using Microsoft.IdentityModel.Tokens;
-using Microsoft.Identity.Web.InstanceDiscovery;
+using Microsoft.Identity.Web.Future;
 
-namespace Microsoft.Identity.Web.Resource
+namespace Microsoft.Identity.Future
 {
     /// <summary>
     /// Generic class that validates token issuer from the provided Azure AD authority. Use the <see cref="AadIssuerValidatorFactory"/> to create instances of this class.
     /// </summary>
-    public class AadIssuerValidator
+    internal class AadIssuerValidator
     {
         private const string AzureADIssuerMetadataUrl = "https://login.microsoftonline.com/common/discovery/instance?authorization_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/authorize&api-version=1.1";
         private const string FallbackAuthority = "https://login.microsoftonline.com/";
@@ -71,6 +71,7 @@ public static AadIssuerValidator GetIssuerValidator(string aadAuthority)
                 var aliases = issuerMetadata.Metadata
                     .Where(m => m.Aliases.Any(a => string.Equals(a, authority, StringComparison.OrdinalIgnoreCase)))
                     .SelectMany(m => m.Aliases)
+                    .Append(authority) // For b2c scenarios, the alias will be the authorityHost itself
                     .Distinct();
                 s_issuerValidators[authority] = new AadIssuerValidator(aliases);
                 return s_issuerValidators[authority];
@@ -94,7 +95,7 @@ public static AadIssuerValidator GetIssuerValidator(string aadAuthority)
         /// <exception cref="SecurityTokenInvalidIssuerException">if the issuer </exception>
         public string Validate(string actualIssuer, SecurityToken securityToken, TokenValidationParameters validationParameters)
         {
-            if (String.IsNullOrEmpty(actualIssuer))
+            if (string.IsNullOrEmpty(actualIssuer))
                 throw new ArgumentNullException(nameof(actualIssuer));
 
             if (securityToken == null)
@@ -159,21 +160,43 @@ private static bool IsValidTidInLocalPath(string tenantId, Uri uri)
         /// <remarks>Only <see cref="JwtSecurityToken"/> and <see cref="JsonWebToken"/> are acceptable types.</remarks>
         private static string GetTenantIdFromToken(SecurityToken securityToken)
         {
+            string tid = "tid";
             if (securityToken is JwtSecurityToken jwtSecurityToken)
             {
-                if (jwtSecurityToken.Payload.TryGetValue(ClaimConstants.Tid, out object tenantId))
+                if (jwtSecurityToken.Payload.TryGetValue(tid, out object tenantId))
                     return tenantId as string;
+
+                // Since B2C doesn't have TID as default, get it from issuer
+                return GetTenantIdFromIss(jwtSecurityToken.Issuer);
             }
 
-            // brentsch - todo, TryGetPayloadValue is available in 5.5.0
             if (securityToken is JsonWebToken jsonWebToken)
             {
-                var tid = jsonWebToken.GetPayloadValue<string>(ClaimConstants.Tid);
-                if (tid != null)
-                    return tid;
+                jsonWebToken.TryGetPayloadValue(tid, out string tid2);
+                if (tid2 != null)
+                    return tid2;
+
+                // Since B2C doesn't have TID as default, get it from issuer
+                return GetTenantIdFromIss(jsonWebToken.Issuer);
+            }
+
+            return string.Empty;
+        }
+
+        // The AAD iss claims contains the tenantId in its value. The uri is {domain}/{tid}/v2.0
+        private static string GetTenantIdFromIss(string iss)
+        {
+            if (string.IsNullOrEmpty(iss))
+                return string.Empty;
+
+            var uri = new Uri(iss);
+
+            if (uri.Segments.Length > 1)
+            {
+                return uri.Segments[1].TrimEnd('/');
             }
 
             return string.Empty;
         }
     }
-}
+}

Microsoft.Identity.Web/InstanceDiscovery/IssuerConfigurationRetriever.cs renamed to 4.-Console-app-calls-web-API-with-PoP/Microsoft.Identity.Web.Future/IssuerConfigurationRetriever.cs

@@ -7,7 +7,7 @@
 using Microsoft.IdentityModel.Protocols;
 using Newtonsoft.Json;
 
-namespace Microsoft.Identity.Web.InstanceDiscovery
+namespace Microsoft.Identity.Web.Future
 {
     /// <summary>
     /// An implementation of IConfigurationRetriever geared towards Azure AD issuers metadata />

Microsoft.Identity.Web/InstanceDiscovery/IssuerMetadata.cs renamed to 4.-Console-app-calls-web-API-with-PoP/Microsoft.Identity.Web.Future/IssuerMetadata.cs

@@ -4,7 +4,7 @@
 using System.Collections.Generic;
 using Newtonsoft.Json;
 
-namespace Microsoft.Identity.Web.InstanceDiscovery
+namespace Microsoft.Identity.Web.Future
 {
     /// <summary>
     /// Model class to hold information parsed from the Azure AD issuer endpoint

Microsoft.Identity.Web/InstanceDiscovery/Metadata.cs renamed to 4.-Console-app-calls-web-API-with-PoP/Microsoft.Identity.Web.Future/Metadata.cs

@@ -4,7 +4,7 @@
 using System.Collections.Generic;
 using Newtonsoft.Json;
 
-namespace Microsoft.Identity.Web.InstanceDiscovery
+namespace Microsoft.Identity.Web.Future
 {
     /// <summary>
     /// Model child class to hold alias information parsed from the Azure AD issuer endpoint.

Microsoft.Identity.Web/Microsoft.Identity.Web.Future.csproj renamed to 4.-Console-app-calls-web-API-with-PoP/Microsoft.Identity.Web.Future/Microsoft.Identity.Web.Future.csproj

@@ -2,7 +2,7 @@
   <PropertyGroup>
 
     <!--This should be passed from the VSTS build-->
-    <ClientSemVer Condition="'$(ClientSemVer)' == ''">1.0.0-localbuild</ClientSemVer>
+    <ClientSemVer Condition="'$(ClientSemVer)' == ''">1.0.0-preview</ClientSemVer>
     <!--This will generate AssemblyVersion, AssemblyFileVersion and AssemblyInformationVersion-->
     <Version>$(ClientSemVer)</Version>
 
@@ -26,34 +26,6 @@
     <SymbolPackageFormat>snupkg</SymbolPackageFormat>
   </PropertyGroup>
 
-  <ItemGroup>
-    <Compile Remove="InstanceDiscovery\**" />
-    <Compile Remove="Resource\**" />
-    <Compile Remove="TokenCacheProviders\**" />
-    <EmbeddedResource Remove="InstanceDiscovery\**" />
-    <EmbeddedResource Remove="Resource\**" />
-    <EmbeddedResource Remove="TokenCacheProviders\**" />
-    <None Remove="InstanceDiscovery\**" />
-    <None Remove="Resource\**" />
-    <None Remove="TokenCacheProviders\**" />
-  </ItemGroup>
-
-  <ItemGroup>
-    <Compile Remove="AccountExtensions.cs" />
-    <Compile Remove="AuthorizeForScopesAttribute.cs" />
-    <Compile Remove="ClaimConstants.cs" />
-    <Compile Remove="ClaimsPrincipalExtensions.cs" />
-    <Compile Remove="ClaimsPrincipalFactory.cs" />
-    <Compile Remove="Extensions.cs" />
-    <Compile Remove="HttpContextExtensions.cs" />
-    <Compile Remove="InternalsVisibleTo.cs" />
-    <Compile Remove="ITokenAcquisition.cs" />
-    <Compile Remove="OidcConstants.cs" />
-    <Compile Remove="ServiceCollectionExtensions.cs" />
-    <Compile Remove="TokenAcquisition.cs" />
-    <Compile Remove="WebAppServiceCollectionExtensions.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <None Remove="NuGet.Config" />
     <None Remove="README.md" />
@@ -68,21 +40,7 @@
     <TargetFramework>netcoreapp3.1</TargetFramework>
   </PropertyGroup>
 
-  
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|AnyCPU'">
-    <CodeAnalysisRuleSet>Microsoft.Identity.Web.ruleset</CodeAnalysisRuleSet>
-  </PropertyGroup>
-
-  
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
-    <CodeAnalysisRuleSet>Microsoft.Identity.Web.ruleset</CodeAnalysisRuleSet>
-  </PropertyGroup>
-
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.AzureAD.UI" Version="3.1.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.AzureADB2C.UI" Version="3.1.0" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="3.1.3" />
-    <PackageReference Include="Microsoft.Identity.Client" Version="4.10.0" />
     <PackageReference Include="Microsoft.Identity.Web" Version="0.1.0-preview" />
     <PackageReference Include="Microsoft.IdentityModel.Protocols.SignedHttpRequest" Version="6.5.0" />
     <PackageReference Include="System.Collections" Version="4.3.0" />