Part of Startup.cs for the authorization code flow with OWIN and ASP.NET
// Register the OpenID Connect middleware for the authorization code flow.
// The provider posts the code back to RedirectUri; the notifications wired up
// below redeem it on the back channel and copy the resulting claims onto the
// identity the middleware builds.
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
    // Client registration at the identity provider.
    ClientId = clientId,
    ClientSecret = clientSecret,
    RedirectUri = redirectUri,
    PostLogoutRedirectUri = postLogoutRedirectUri,

    // Identity provider and the address of its discovery document.
    Authority = authority,
    MetadataAddress = metaDataUri,

    // Protocol settings: code flow, requesting only the openid scope.
    // NOTE(review): with only "openid" requested, a refresh token or profile
    // claims may not be returned by the provider - verify against its configuration.
    ResponseType = OpenIdConnectResponseType.Code,
    Scope = OpenIdConnectScope.OpenId,

    // Use the "name" claim as the identity's Name.
    TokenValidationParameters = new TokenValidationParameters
    {
        NameClaimType = "name"
    },

    // Handlers implemented further down in this class.
    Notifications = new OpenIdConnectAuthenticationNotifications
    {
        MessageReceived = ProcessMessageReceivedNotification,
        AuthorizationCodeReceived = ProcessAuthorizationCodeReceivedNotification,
        RedirectToIdentityProvider = ProcessRedirectToIdentityProviderNotification
    },
});
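// Key of the per-request slot in the OWIN environment that carries the claims
// produced by the code exchange from MessageReceived to AuthorizationCodeReceived.
// This replaces an instance-level List<Claim> on Startup: that list was shared by
// every request in the process, so the claims (including the raw tokens) gathered
// during one user's sign-in were appended to every later user's identity, and the
// list was mutated concurrently without synchronisation. The OWIN environment is
// created per request, so a value stored under this key is visible only to the
// request that redeemed the code.
private const string ExchangedClaimsKey = "oidc.exchanged_claims";

/// <summary>
/// MessageReceived handler. When the authorization response carries a code, redeems it
/// at the token endpoint, fetches the user-info claims and stores the gathered claims
/// in the OWIN environment for this request. The returned id_token is handed to the
/// middleware so its usual validation (signature, issuer, audience, nonce) still runs
/// before an identity is created.
/// </summary>
/// <param name="args">Notification carrying the protocol message, the middleware options and the OWIN context.</param>
/// <returns>A task that completes when the exchange (if any) has finished.</returns>
/// <exception cref="InvalidOperationException">The token request or the user-info request returned an error.</exception>
private async Task ProcessMessageReceivedNotification(MessageReceivedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> args)
{
    // Only the authorization-code response carries a code; any other message is left to the middleware.
    if (string.IsNullOrWhiteSpace(args.ProtocolMessage.Code))
    {
        return;
    }

    // Flow the request's cancellation instead of a fresh token that can never be cancelled.
    var cancellationToken = args.Request.CallCancelled;
    var openIdConfiguration = await args.Options.ConfigurationManager
        .GetConfigurationAsync(cancellationToken)
        .ConfigureAwait(false);

    // Exchange the code for the tokens on the back channel, authenticated with the client secret.
    var tokenClient = new TokenClient(openIdConfiguration.TokenEndpoint, clientId, clientSecret);
    var tokenResponse = await tokenClient
        .RequestAuthorizationCodeAsync(args.ProtocolMessage.Code, redirectUri)
        .ConfigureAwait(false);
    if (tokenResponse.IsError)
    {
        throw new InvalidOperationException("Authorization code exchange failed: " + tokenResponse.Error);
    }

    // A failed user-info call must not be silently turned into an identity without claims.
    var userInfoClient = new UserInfoClient(openIdConfiguration.UserInfoEndpoint);
    var userInfoResponse = await userInfoClient
        .GetAsync(tokenResponse.AccessToken)
        .ConfigureAwait(false);
    if (userInfoResponse.IsError)
    {
        throw new InvalidOperationException("UserInfo request failed: " + userInfoResponse.Error);
    }

    // Let the middleware validate the id_token and build the identity from it.
    args.ProtocolMessage.IdToken = tokenResponse.IdentityToken;

    // Claims for this request only; the user-info claims are added exactly once.
    var exchangedClaims = new List<Claim>(userInfoResponse.Claims);

    // The raw tokens travel on the identity so the application can use them later.
    // NOTE(review): they end up in the authentication cookie, which grows accordingly
    // and then carries bearer credentials - confirm that is intended.
    // Claim's constructor rejects a null value, so each token is guarded.
    if (!string.IsNullOrEmpty(tokenResponse.IdentityToken))
    {
        exchangedClaims.Add(new Claim("id_token", tokenResponse.IdentityToken));
    }
    if (!string.IsNullOrEmpty(tokenResponse.AccessToken))
    {
        exchangedClaims.Add(new Claim("access_token", tokenResponse.AccessToken));
    }
    if (!string.IsNullOrEmpty(tokenResponse.RefreshToken))
    {
        exchangedClaims.Add(new Claim("refresh_token", tokenResponse.RefreshToken));
    }

    args.OwinContext.Set(ExchangedClaimsKey, exchangedClaims);
}

/// <summary>
/// AuthorizationCodeReceived handler. Copies the claims gathered for this request by
/// <see cref="ProcessMessageReceivedNotification"/> onto the identity the middleware
/// created from the validated id_token. Does nothing when no ticket or no claims exist.
/// </summary>
/// <param name="args">Notification carrying the authentication ticket and the OWIN context.</param>
/// <returns>A completed task.</returns>
private Task ProcessAuthorizationCodeReceivedNotification(AuthorizationCodeReceivedNotification args)
{
    var exchangedClaims = args.OwinContext.Get<List<Claim>>(ExchangedClaimsKey);
    if (args.AuthenticationTicket != null
        && args.AuthenticationTicket.Identity != null
        && exchangedClaims != null)
    {
        args.AuthenticationTicket.Identity.AddClaims(exchangedClaims);
    }
    return Task.FromResult(0);
}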