ramandeep-singh-1983 · September 20, 2018 05:50 · ramandeep-singh-1983 · Sep 20, 2018 · selmantayyar · Jul 17, 2019
diff --git a/PowerBiController.cs b/PowerBiController.cs
 /// <summary>
 /// Retrieves the access token required to access the Power BI Pro account data.
 /// </summary>
 /// <returns>Access token required to access Power BI reports</returns>
 /// <response code="200">OK</response>
 /// <response code="401">Unauthorized</response>
 // GET: api/reports/accessToken
 [HttpGet]
 [Route("api/reports/accessToken")]
 public async Task<IHttpActionResult> GetAccessToken()
 {
    var accessToken = await GetAccessTokenInternalAsync();

    if (accessToken == "")
    {
        return Unauthorized();
    }
    return Ok(accessToken);
 }
        
 /// <summary>
 /// Retrieves the access token required to access the Power BI Pro account data.
 /// </summary>
 /// <returns>Access token required to access Power BI reports or empty string on error.</returns>
 private async Task<string> GetAccessTokenInternalAsync()
 {
    // Check for existing and valid access token
    if (powerBiAccessToken != "" && ValidateToken(powerBiAccessToken))
    {
        return powerBiAccessToken;
    }

    // We might need to change the following code for .NET Core in near future. 
    // Refer https://community.powerbi.com/t5/Developer/Embed-Power-BI-dashboard-in-ASP-Net-core/m-p/284314#M8436
    try
    {
        // Create a user password credentials.
        var credential = new UserPasswordCredential(powerBiConfiguration.UserName, powerBiConfiguration.Password);

        // Authenticate using created credentials
        var authenticationContext = new AuthenticationContext(powerBiConfiguration.AuthorityUrl);
        var authenticationResult = await authenticationContext.AcquireTokenAsync(powerBiConfiguration.ResourceUrl, powerBiConfiguration.ClientId, credential);

        if (authenticationResult == null)
        {
            return "";
        }
        powerBiAccessToken = authenticationResult.AccessToken;
        return authenticationResult.AccessToken;
    }
    catch (Exception e)
    {
        Console.WriteLine("Failed to fetch Power BI access token, exception details: ", e);
    }
    return "";
 }

 /// <summary>
 /// Validates the given access token.
 /// </summary>
 /// <param name="token">Access token to be checked for validity (required)</param>
 /// <returns>True if token is valid, false otherwise.</returns>
 private bool ValidateToken(string token)
 {
    // Code reference: https://github.com/dream-365/OfficeDev-Samples/blob/master/samples/Office365DevQuickStart/OAuth2-basic/JsonWebTokenValidator.cs
    bool isValid = true;
    try
    {
        string stsDiscoveryEndpoint = "https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration";
        SecurityToken jwt;
        ConfigurationManager<OpenIdConnectConfiguration> configManager =
            new ConfigurationManager<OpenIdConnectConfiguration>(stsDiscoveryEndpoint,
            new OpenIdConnectConfigurationRetriever());

        OpenIdConnectConfiguration config = configManager.GetConfigurationAsync().Result;

        TokenValidationParameters validationParameters = new TokenValidationParameters
        {
            ValidateAudience = false,
            ValidateIssuer = false,
            IssuerSigningKeys = config.SigningKeys,
            ValidateLifetime = true
        };

        JwtSecurityTokenHandler tokendHandler = new JwtSecurityTokenHandler();
        tokendHandler.ValidateToken(token, validationParameters, out jwt);
    }
    catch (Exception)   // Token invalid/expired
    {
        isValid = false;
    }

    return isValid;
 }
diff --git a/Web.config b/Web.config
 pbiConfig.AuthorityUrl = "https://login.windows.net/common/oauth2/authorize/";
 pbiConfig.ResourceUrl = "https://analysis.windows.net/powerbi/api";
 pbiConfig.ApiUrl = "https://api.powerbi.com/";
 pbiConfig.ClientId = "Provide application/client ID of the app registered in Azure AD here";
 pbiConfig.GroupId = "Provide Power BI workspace/group ID here";
 pbiConfig.UserName = "Provide Power BI service (app.powerbi.com) user name here";
 pbiConfig.Password = "Provide Power BI service (app.powerbi.com) password here";
	/// <summary>
	/// Retrieves the access token required to access the Power BI Pro account data.
	/// </summary>
	/// <returns>Access token required to access Power BI reports</returns>
	/// <response code="200">OK</response>
	/// <response code="401">Unauthorized</response>
	// GET: api/reports/accessToken
	[HttpGet]
	[Route("api/reports/accessToken")]
	public async Task<IHttpActionResult> GetAccessToken()
	{
	var accessToken = await GetAccessTokenInternalAsync();

	if (accessToken == "")
	{
	return Unauthorized();
	}
	return Ok(accessToken);
	}

	/// <summary>
	/// Retrieves the access token required to access the Power BI Pro account data.
	/// </summary>
	/// <returns>Access token required to access Power BI reports or empty string on error.</returns>
	private async Task<string> GetAccessTokenInternalAsync()
	{
	// Check for existing and valid access token
	if (powerBiAccessToken != "" && ValidateToken(powerBiAccessToken))
	{
	return powerBiAccessToken;
	}

	// We might need to change the following code for .NET Core in near future.
	// Refer https://community.powerbi.com/t5/Developer/Embed-Power-BI-dashboard-in-ASP-Net-core/m-p/284314#M8436
	try
	{
	// Create a user password credentials.
	var credential = new UserPasswordCredential(powerBiConfiguration.UserName, powerBiConfiguration.Password);

	// Authenticate using created credentials
	var authenticationContext = new AuthenticationContext(powerBiConfiguration.AuthorityUrl);
	var authenticationResult = await authenticationContext.AcquireTokenAsync(powerBiConfiguration.ResourceUrl, powerBiConfiguration.ClientId, credential);

	if (authenticationResult == null)
	{
	return "";
	}
	powerBiAccessToken = authenticationResult.AccessToken;
	return authenticationResult.AccessToken;
	}
	catch (Exception e)
	{
	Console.WriteLine("Failed to fetch Power BI access token, exception details: ", e);
	}
	return "";
	}

	/// <summary>
	/// Validates the given access token.
	/// </summary>
	/// <param name="token">Access token to be checked for validity (required)</param>
	/// <returns>True if token is valid, false otherwise.</returns>
	private bool ValidateToken(string token)
	{
	// Code reference: https://github.com/dream-365/OfficeDev-Samples/blob/master/samples/Office365DevQuickStart/OAuth2-basic/JsonWebTokenValidator.cs
	bool isValid = true;
	try
	{
	string stsDiscoveryEndpoint = "https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration";
	SecurityToken jwt;
	ConfigurationManager<OpenIdConnectConfiguration> configManager =
	new ConfigurationManager<OpenIdConnectConfiguration>(stsDiscoveryEndpoint,
	new OpenIdConnectConfigurationRetriever());

	OpenIdConnectConfiguration config = configManager.GetConfigurationAsync().Result;

	TokenValidationParameters validationParameters = new TokenValidationParameters
	{
	ValidateAudience = false,
	ValidateIssuer = false,
	IssuerSigningKeys = config.SigningKeys,
	ValidateLifetime = true
	};

	JwtSecurityTokenHandler tokendHandler = new JwtSecurityTokenHandler();
	tokendHandler.ValidateToken(token, validationParameters, out jwt);
	}
	catch (Exception) // Token invalid/expired
	{
	isValid = false;
	}

	return isValid;
	}
	pbiConfig.AuthorityUrl = "https://login.windows.net/common/oauth2/authorize/";
	pbiConfig.ResourceUrl = "https://analysis.windows.net/powerbi/api";
	pbiConfig.ApiUrl = "https://api.powerbi.com/";
	pbiConfig.ClientId = "Provide application/client ID of the app registered in Azure AD here";
	pbiConfig.GroupId = "Provide Power BI workspace/group ID here";
	pbiConfig.UserName = "Provide Power BI service (app.powerbi.com) user name here";
	pbiConfig.Password = "Provide Power BI service (app.powerbi.com) password here";