Merge pull request #13 from damienbod/dev/object-identifier-ms-graph

damienbod · web-flow · commit 5194b7ef2914 · 2022-02-06T19:41:26.000+01:00
Object identifier Microsoft graph
diff --git a/Changelog.md b/Changelog.md
@@ -2,6 +2,9 @@
 
 [Readme](https://github.com/damienbod/Blazor.BFF.AzureB2C.Template/blob/main/README.md) 
 
+**2022-01-23** 1.0.8
+- Using the object identifier to request the MS graph data
+
 **2022-01-23** 1.0.7
 - Remove PWA items, default template uses anti-forgery cookies and no PWA support
   (Will consider supporting this later, requires switching to CORS preflight CSRF protection)
diff --git a/README.md b/README.md
@@ -91,7 +91,7 @@ nuget pack content/Blazor.BFF.AzureB2C.Template.nuspec
 Locally built nupkg:
 
 ```
-dotnet new -i Blazor.BFF.AzureB2C.Template.1.0.7.nupkg
+dotnet new -i Blazor.BFF.AzureB2C.Template.1.0.8.nupkg
 ```
 
 Local folder:
diff --git a/content/Blazor.BFF.AzureB2C.Template.nuspec b/content/Blazor.BFF.AzureB2C.Template.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2012/06/nuspec.xsd">
 	<metadata>
 		<id>Blazor.BFF.AzureB2C.Template</id>
-		<version>1.0.7</version>
+		<version>1.0.8</version>
 		<title>Blazor.BFF.AzureB2C.Template</title>
 		<license type="file">LICENSE</license>
 		<description>Blazor BFF template for WASM ASP.NET Core hosted</description>
@@ -15,7 +15,7 @@
 		<requireLicenseAcceptance>false</requireLicenseAcceptance>
 		<copyright>2022 damienbod</copyright>
 		<summary>This template provides a simple Blazor template with BFF server authentication WASM hosted</summary>
-		<releaseNotes>Remove PWA items, default template uses anti-forgery cookies and no PWA support, Using the AuthorizedHandler for protected requests</releaseNotes>
+		<releaseNotes>Use object identifier to select MS Graph users</releaseNotes>
 		<repository type="git" url="https://github.com/damienbod/Blazor.BFF.AzureB2C.Template" />
 		<packageTypes>
 			<packageType name="Template" />
diff --git a/content/BlazorBffAzureB2C/Server/BlazorBffAzureB2C.Server.csproj b/content/BlazorBffAzureB2C/Server/BlazorBffAzureB2C.Server.csproj
@@ -15,9 +15,9 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="6.0.1" NoWarn="NU1605" />
-	<PackageReference Include="Microsoft.Graph" Version="4.14.0" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="1.22.1" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="1.22.1" />
+	<PackageReference Include="Microsoft.Graph" Version="4.17.0" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="1.22.3" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="1.22.3" />
     <PackageReference Include="IdentityModel.AspNetCore" Version="4.1.2" />
     <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="0.16.1" />
   </ItemGroup>
diff --git a/content/BlazorBffAzureB2C/Server/Controllers/GraphApiCallsController.cs b/content/BlazorBffAzureB2C/Server/Controllers/GraphApiCallsController.cs
@@ -15,9 +15,9 @@ namespace BlazorBffAzureB2C.Server.Controllers
     [Route("api/[controller]")]
     public class GraphApiCallsController : ControllerBase
     {
-        private GraphApiClientService _graphApiClientService;
+        private MsGraphService _graphApiClientService;
 
-        public GraphApiCallsController(GraphApiClientService graphApiClientService)
+        public GraphApiCallsController(MsGraphService graphApiClientService)
         {
             _graphApiClientService = graphApiClientService;
         }
diff --git a/content/BlazorBffAzureB2C/Server/MsGraphClaimsTransformation.cs b/content/BlazorBffAzureB2C/Server/MsGraphClaimsTransformation.cs
@@ -6,14 +6,14 @@
 
 namespace BlazorBffAzureB2C.Server
 {
-    public class GraphApiClaimsTransformation : IClaimsTransformation
+    public class MsGraphClaimsTransformation : IClaimsTransformation
     {
-        private readonly GraphApiClientService _graphApiClientService;
+        private readonly MsGraphService _msGraphService;
 
-        public GraphApiClaimsTransformation(GraphApiClientService graphApiClientService)
+        public MsGraphClaimsTransformation(MsGraphService msGraphService)
         {
 
-            _graphApiClientService = graphApiClientService;
+            _msGraphService = msGraphService;
         }
 
         public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
@@ -22,10 +22,10 @@ public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
             var groupClaimType = "group";
             if (!principal.HasClaim(claim => claim.Type == groupClaimType))
             {
-                var nameidentifierClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier";
-                var nameidentifier = principal.Claims.FirstOrDefault(t => t.Type == nameidentifierClaimType);
+                var objectidentifierClaimType = "http://schemas.microsoft.com/identity/claims/objectidentifier";
+                var objectIdentifier = principal.Claims.FirstOrDefault(t => t.Type == objectidentifierClaimType);
 
-                var groupIds = await _graphApiClientService.GetGraphApiUserMemberGroups(nameidentifier.Value);
+                var groupIds = await _msGraphService.GetGraphApiUserMemberGroups(objectIdentifier.Value);
 
                 foreach (var groupId in groupIds.ToList())
                 {
diff --git a/content/BlazorBffAzureB2C/Server/Program.cs b/content/BlazorBffAzureB2C/Server/Program.cs
@@ -1,11 +1,5 @@
 ﻿using Microsoft.AspNetCore.Hosting;
-using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Hosting;
-using Microsoft.Extensions.Logging;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
 
 namespace BlazorBffAzureB2C.Server
 {
diff --git a/content/BlazorBffAzureB2C/Server/Services/MsGraphService.cs b/content/BlazorBffAzureB2C/Server/Services/MsGraphService.cs
@@ -5,11 +5,11 @@
 
 namespace BlazorBffAzureB2C.Server.Services
 {
-    public class GraphApiClientService
+    public class MsGraphService
     {
         private readonly GraphServiceClient _graphServiceClient;
 
-        public GraphApiClientService(IConfiguration configuration)
+        public MsGraphService(IConfiguration configuration)
         {
             string[] scopes = configuration.GetValue<string>("GraphApi:Scopes")?.Split(' ');
             var tenantId = configuration.GetValue<string>("GraphApi:TenantId");
@@ -33,18 +33,16 @@ public GraphApiClientService(IConfiguration configuration)
         public async Task<User> GetGraphApiUser(string userId)
         {
             return await _graphServiceClient.Users[userId]
-                    .Request()
-                    .GetAsync()
-                    .ConfigureAwait(false);
+                .Request()
+                .GetAsync();
         }
 
         public async Task<IUserAppRoleAssignmentsCollectionPage> GetGraphApiUserAppRoles(string userId)
         {
             return await _graphServiceClient.Users[userId]
-                    .AppRoleAssignments
-                    .Request()
-                    .GetAsync()
-                    .ConfigureAwait(false);
+                .AppRoleAssignments
+                .Request()
+                .GetAsync();
         }
 
         public async Task<IDirectoryObjectGetMemberGroupsCollectionPage> GetGraphApiUserMemberGroups(string userId)
@@ -53,8 +51,8 @@ public async Task<IDirectoryObjectGetMemberGroupsCollectionPage> GetGraphApiUser
 
             return await _graphServiceClient.Users[userId]
                 .GetMemberGroups(securityEnabledOnly)
-                .Request().PostAsync()
-                .ConfigureAwait(false);
+                .Request()
+                .PostAsync();
         }
     }
 }
diff --git a/content/BlazorBffAzureB2C/Server/Startup.cs b/content/BlazorBffAzureB2C/Server/Startup.cs
@@ -23,8 +23,8 @@ public Startup(IConfiguration configuration)
 
         public void ConfigureServices(IServiceCollection services)
         {
-            services.AddScoped<GraphApiClientService>();
-            services.AddTransient<IClaimsTransformation, GraphApiClaimsTransformation>();
+            services.AddScoped<MsGraphService>();
+            services.AddTransient<IClaimsTransformation, MsGraphClaimsTransformation>();
 
             services.AddAntiforgery(options =>
             {

Original file line number	Diff line number	Diff line change
`@@ -15,9 +15,9 @@ namespace BlazorBffAzureB2C.Server.Controllers`
`15`	`15`	`[Route("api/[controller]")]`
`16`	`16`	`public class GraphApiCallsController : ControllerBase`
`17`	`17`	`{`
`18`		`- private GraphApiClientService _graphApiClientService;`
	`18`	`+ private MsGraphService _graphApiClientService;`
`19`	`19`
`20`		`- public GraphApiCallsController(GraphApiClientService graphApiClientService)`
	`20`	`+ public GraphApiCallsController(MsGraphService graphApiClientService)`
`21`	`21`	`{`
`22`	`22`	`_graphApiClientService = graphApiClientService;`
`23`	`23`	`}`
Original file line number	Diff line number	Diff line change
`@@ -6,14 +6,14 @@`
`6`	`6`
`7`	`7`	`namespace BlazorBffAzureB2C.Server`
`8`	`8`	`{`
`9`		`- public class GraphApiClaimsTransformation : IClaimsTransformation`
	`9`	`+ public class MsGraphClaimsTransformation : IClaimsTransformation`
`10`	`10`	`{`
`11`		`- private readonly GraphApiClientService _graphApiClientService;`
	`11`	`+ private readonly MsGraphService _msGraphService;`
`12`	`12`
`13`		`- public GraphApiClaimsTransformation(GraphApiClientService graphApiClientService)`
	`13`	`+ public MsGraphClaimsTransformation(MsGraphService msGraphService)`
`14`	`14`	`{`
`15`	`15`
`16`		`- _graphApiClientService = graphApiClientService;`
	`16`	`+ _msGraphService = msGraphService;`
`17`	`17`	`}`
`18`	`18`
`19`	`19`	`public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)`
`@@ -22,10 +22,10 @@ public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)`
`22`	`22`	`var groupClaimType = "group";`
`23`	`23`	`if (!principal.HasClaim(claim => claim.Type == groupClaimType))`
`24`	`24`	`{`
`25`		`- var nameidentifierClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier";`
`26`		`- var nameidentifier = principal.Claims.FirstOrDefault(t => t.Type == nameidentifierClaimType);`
	`25`	`+ var objectidentifierClaimType = "http://schemas.microsoft.com/identity/claims/objectidentifier";`
	`26`	`+ var objectIdentifier = principal.Claims.FirstOrDefault(t => t.Type == objectidentifierClaimType);`
`27`	`27`
`28`		`- var groupIds = await _graphApiClientService.GetGraphApiUserMemberGroups(nameidentifier.Value);`
	`28`	`+ var groupIds = await _msGraphService.GetGraphApiUserMemberGroups(objectIdentifier.Value);`
`29`	`29`
`30`	`30`	`foreach (var groupId in groupIds.ToList())`
`31`	`31`	`{`
Original file line number	Diff line number	Diff line change
`@@ -5,11 +5,11 @@`
`5`	`5`
`6`	`6`	`namespace BlazorBffAzureB2C.Server.Services`
`7`	`7`	`{`
`8`		`- public class GraphApiClientService`
	`8`	`+ public class MsGraphService`
`9`	`9`	`{`
`10`	`10`	`private readonly GraphServiceClient _graphServiceClient;`
`11`	`11`
`12`		`- public GraphApiClientService(IConfiguration configuration)`
	`12`	`+ public MsGraphService(IConfiguration configuration)`
`13`	`13`	`{`
`14`	`14`	`string[] scopes = configuration.GetValue<string>("GraphApi:Scopes")?.Split(' ');`
`15`	`15`	`var tenantId = configuration.GetValue<string>("GraphApi:TenantId");`
`@@ -33,18 +33,16 @@ public GraphApiClientService(IConfiguration configuration)`
`33`	`33`	`public async Task<User> GetGraphApiUser(string userId)`
`34`	`34`	`{`
`35`	`35`	`return await _graphServiceClient.Users[userId]`
`36`		`- .Request()`
`37`		`- .GetAsync()`
`38`		`- .ConfigureAwait(false);`
	`36`	`+ .Request()`
	`37`	`+ .GetAsync();`
`39`	`38`	`}`
`40`	`39`
`41`	`40`	`public async Task<IUserAppRoleAssignmentsCollectionPage> GetGraphApiUserAppRoles(string userId)`
`42`	`41`	`{`
`43`	`42`	`return await _graphServiceClient.Users[userId]`
`44`		`- .AppRoleAssignments`
`45`		`- .Request()`
`46`		`- .GetAsync()`
`47`		`- .ConfigureAwait(false);`
	`43`	`+ .AppRoleAssignments`
	`44`	`+ .Request()`
	`45`	`+ .GetAsync();`
`48`	`46`	`}`
`49`	`47`
`50`	`48`	`public async Task<IDirectoryObjectGetMemberGroupsCollectionPage> GetGraphApiUserMemberGroups(string userId)`
`@@ -53,8 +51,8 @@ public async Task<IDirectoryObjectGetMemberGroupsCollectionPage> GetGraphApiUser`
`53`	`51`
`54`	`52`	`return await _graphServiceClient.Users[userId]`
`55`	`53`	`.GetMemberGroups(securityEnabledOnly)`
`56`		`- .Request().PostAsync()`
`57`		`- .ConfigureAwait(false);`
	`54`	`+ .Request()`
	`55`	`+ .PostAsync();`
`58`	`56`	`}`
`59`	`57`	`}`
`60`	`58`	`}`
Original file line number	Diff line number	Diff line change
`@@ -23,8 +23,8 @@ public Startup(IConfiguration configuration)`
`23`	`23`
`24`	`24`	`public void ConfigureServices(IServiceCollection services)`
`25`	`25`	`{`
`26`		`- services.AddScoped<GraphApiClientService>();`
`27`		`- services.AddTransient<IClaimsTransformation, GraphApiClaimsTransformation>();`
	`26`	`+ services.AddScoped<MsGraphService>();`
	`27`	`+ services.AddTransient<IClaimsTransformation, MsGraphClaimsTransformation>();`
`28`	`28`
`29`	`29`	`services.AddAntiforgery(options =>`
`30`	`30`	`{`