rbrayb

using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

namespace B2CPoCConsoleApp
{
    class Program

rbrayb

<RelyingParty>
    <DefaultUserJourney ReferenceId="PasswordResetJWT" />
    <TechnicalProfile Id="PolicyProfile">
      <DisplayName>PolicyProfile</DisplayName>
      <Protocol Name="OpenIdConnect" />
	  <InputTokenFormat>JWT</InputTokenFormat>
    <CryptographicKeys>
      <Key Id="client_secret" StorageReferenceId="B2C_1A_JWTSigningKeyContainer" />
    </CryptographicKeys>
	<InputClaims>

rbrayb

<UserJourney Id="PasswordResetJWT">
			<OrchestrationSteps>
				<OrchestrationStep Order="1" Type="ClaimsExchange">
					<ClaimsExchanges>
						<ClaimsExchange Id="PasswordResetUsingEmailAddress" TechnicalProfileReferenceId="AAD-UserReadUsingEmailAddress" />
					</ClaimsExchanges>
				</OrchestrationStep>
				<OrchestrationStep Order="2" Type="ClaimsExchange">
					<ClaimsExchanges>
						<ClaimsExchange Id="NewCredentials" TechnicalProfileReferenceId="LocalAccountWritePasswordUsingObjectId" />

rbrayb

[HttpGet]
        public IHttpActionResult CheckPassword(string password)
        {
            string hashSH1 = Hash(password);
            string hashSH1FirstFive = hashSH1.Substring(0, 5);
            string hashSH1Rest = hashSH1.Substring(5, hashSH1.Length - 5);

            string responseFromServer = "";

            string url = "https://api.pwnedpasswords.com/range/" + hashSH1FirstFive;

rbrayb

<ClaimsProvider>
  <DisplayName>REST APIs</DisplayName>
    <TechnicalProfiles>
	<!-- Custom Restful service -->
	<TechnicalProfile Id="REST-API-PwnedPassword">
	<DisplayName>Validate user's password</DisplayName>
	<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
	<Metadata>
	  <Item Key="ServiceUrl">https://mywebapplication.azurewebsites.net/api/Identity/CheckPassword</Item>
	  <Item Key="AuthenticationType">None</Item>

rbrayb

<ClaimType Id="errorMessage">
	<DisplayName>There was an error</DisplayName>
	<DataType>string</DataType>
	<UserHelpText>Add help text here</UserHelpText>
	<UserInputType>Paragraph</UserInputType>
</ClaimType>

<ClaimsTransformations>
	<ClaimsTransformation Id="CreateRegErrorMessage" TransformationMethod="CreateStringClaim">
		<InputParameters>

rbrayb

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <startup>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7.2"/>
  </startup>
  <appSettings>
    <add key="ida:ClientId" value="428...2bd"/>
    <add key="ida:AppKey" value="nH7...48h_"/>
    <add key="todo:TodoListResourceId" value="https://localhost/ToDoListService"/>
    <add key="ida:AADInstance" value="https://login.microsoftonline.com/{0}"/>

rbrayb

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using System.IdentityModel.Tokens.Jwt;
using Microsoft.IdentityModel.Tokens;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Options;

rbrayb

using System;
using System.Threading;
using System.Threading.Tasks;

namespace ValidateJWT
{
    internal static class AsyncHelper
    {
        private static readonly TaskFactory TaskFactory = new TaskFactory(CancellationToken.None, TaskCreationOptions.None, 
                                                                          TaskContinuationOptions.None, TaskScheduler.Default);

rbrayb

using Swashbuckle.Swagger;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Http;
using System.Web.Http.Description;

namespace TodoListService
{