I have an issue very similar to this: https://support.abp.io/QA/Questions/2666/Implementing-MicrosoftGraph-in-ABP-App
ABP Framework version: v5.3.4
UI type: Angular
DB provider: EF Core
Tiered (MVC) or Identity Server Separated (Angular): no
We are attempting to incorporate support for calling Microsoft Graph APIs in our ABP application, using the Microsoft.Graph package. We've already successfully implemented authentication using Azure AD accounts according to the directions in this post: https://community.abp.io/posts/how-to-use-the-azure-active-directory-authentication-for-mvc-razor-page-applications-4603b9cf (we used the second approach, using AddMicrosoftIdentityWebApp).
However, when attempting AddMicrosoftIdentityWebApp, login with Azure AD no longer works (when Azure AD is selected as the login option, the login page reloads without logging in). Here is the code for configuring the authentication:
context.Services
// Use OpenId authentication
.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
// Specify this is a web app and needs auth code flow
.AddMicrosoftIdentityWebApp(options =>
{
configuration.Bind("AzureAd", options);
options.Authority = "https://login.microsoftonline.com/" + configuration["AzureAd:TenantId"] + "/v2.0/";
options.Scope.Add("email user.read");
options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
// This causes the signin to prompt the user for which
// account to use - useful when there are multiple accounts signed
// into the browser
options.Prompt = "select_account";
options.TokenValidationParameters.SaveSigninToken = true;
options.RequireHttpsMetadata = false;
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
})
// Add ability to call web API (Graph)
// and get access tokens
.EnableTokenAcquisitionToCallDownstreamApi(options => { }, GraphConstants.Scopes)
// Add a GraphServiceClient via dependency injection
.AddMicrosoftGraph(options =>
{
options.Scopes = string.Join(' ', GraphConstants.Scopes);
})
// Use in-memory token cache
// See https://github.com/AzureAD/microsoft-identity-web/wiki/token-cache-serialization
.AddInMemoryTokenCaches();
Does this option work with ABP?
3 Answer(s)
-
0
Hi,
Is this can help you? https://support.abp.io/QA/Questions/1672/Access-Token-Conflict-while-Integrating-with-Microsoft-Graph
-
0
Hi, Do you mean that i don't use AddMicrosoftIdentityWebApp, but instead just use .AddOpenIdConnect instead with IConfidentialClientApplication? Is it not possible to use AddMicrosoftIdentityWebApp?
-
0
AddMicrosoftIdentityWebAppis basically using the OpenIdConnect. Try getting token manually and calling the Graph API as in the sample above since we don't have direct support for Microsoft Graph API.
