cocowalla · November 9, 2018 15:49
diff --git a/ClaimsIdentity.cs b/ClaimsIdentity.cs
 builder.AddOpenIdConnect(options =>
 {
    options.Events = new OpenIdConnectEvents
    {
        OnTokenValidated = async ctx =>
        {
            var db = ctx.HttpContext.RequestServices.GetRequiredService<DataContext>();

            // Get the user's Azure Active Directory ID
            var userId = Guid.Parse(ctx.Principal.FindFirst(OBJECT_ID_CLAIM_TYPE).Value);

            // Find the user profile
            var profile = await db.Users.SingleAsync(x => x.AzureId == userId);

            // Add our app-specific identity to the list of identities known to the principal
            var identity = new AppIdentity(ctx.Principal, profile);
            ctx.Principal.AddIdentity(identity);
        }
    };
 });
diff --git a/Startup.cs b/Startup.cs
 public void ConfigureServices(IServiceCollection services)
 {
    services.AddAuthentication(options =>
    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddAzureAd(options => this.configuration.Bind("AzureAd", options))
    .AddCookie(options =>
    {
        options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
        options.SlidingExpiration = true;
        options.LoginPath = new PathString("/Account/SignIn");
        options.LogoutPath = new PathString("/Account/SignOut");
        options.AccessDeniedPath = new PathString("/Account/AccessDenied");
    });
    
    ...
 }

 public void Configure(IApplicationBuilder app, IHostingEnvironment env)
 {
    ....
    app.UseAuthentication();
    ...
 }
	builder.AddOpenIdConnect(options =>
	{
	options.Events = new OpenIdConnectEvents
	{
	OnTokenValidated = async ctx =>
	{
	var db = ctx.HttpContext.RequestServices.GetRequiredService<DataContext>();

	// Get the user's Azure Active Directory ID
	var userId = Guid.Parse(ctx.Principal.FindFirst(OBJECT_ID_CLAIM_TYPE).Value);

	// Find the user profile
	var profile = await db.Users.SingleAsync(x => x.AzureId == userId);

	// Add our app-specific identity to the list of identities known to the principal
	var identity = new AppIdentity(ctx.Principal, profile);
	ctx.Principal.AddIdentity(identity);
	}
	};
	});
	public void ConfigureServices(IServiceCollection services)
	{
	services.AddAuthentication(options =>
	{
	options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
	options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
	})
	.AddAzureAd(options => this.configuration.Bind("AzureAd", options))
	.AddCookie(options =>
	{
	options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
	options.SlidingExpiration = true;
	options.LoginPath = new PathString("/Account/SignIn");
	options.LogoutPath = new PathString("/Account/SignOut");
	options.AccessDeniedPath = new PathString("/Account/AccessDenied");
	});

	...
	}

	public void Configure(IApplicationBuilder app, IHostingEnvironment env)
	{
	....
	app.UseAuthentication();
	...
	}