diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 08b9de7..995c5ca 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -16,7 +16,7 @@ jobs: - name: Setup .NET uses: actions/setup-dotnet@v1 with: - dotnet-version: '7.0' + dotnet-version: '8.0' include-prerelease: True - name: Build AngularAzureADMultipleApis run: dotnet build ./AngularAzureADMultipleApis/ApiWithMutlipleApis.sln diff --git a/AngularAzureADMultipleApis/ApiWithMutlipleApis/ApiWithMutlipleApis.csproj b/AngularAzureADMultipleApis/ApiWithMutlipleApis/ApiWithMutlipleApis.csproj index 688389f..7193cdf 100644 --- a/AngularAzureADMultipleApis/ApiWithMutlipleApis/ApiWithMutlipleApis.csproj +++ b/AngularAzureADMultipleApis/ApiWithMutlipleApis/ApiWithMutlipleApis.csproj @@ -1,27 +1,27 @@  - net7.0 + net8.0 3e9ac996-8e75-4dd9-9a5b-27a6e01a3f3d enable enable - - - + + + - - + + - - + + - - - + + + diff --git a/AngularAzureADMultipleApis/ApiWithMutlipleApis/HostingExtensions.cs b/AngularAzureADMultipleApis/ApiWithMutlipleApis/HostingExtensions.cs index 7d622ef..b6f631a 100644 --- a/AngularAzureADMultipleApis/ApiWithMutlipleApis/HostingExtensions.cs +++ b/AngularAzureADMultipleApis/ApiWithMutlipleApis/HostingExtensions.cs @@ -3,9 +3,9 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc.Authorization; using Microsoft.Identity.Web; +using Microsoft.IdentityModel.JsonWebTokens; using Microsoft.IdentityModel.Logging; using Microsoft.OpenApi.Models; -using System.IdentityModel.Tokens.Jwt; namespace ApiWithMutlipleApis; @@ -93,7 +93,7 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde public static WebApplication ConfigurePipeline(this WebApplication app) { IdentityModelEventSource.ShowPII = true; - JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); + JsonWebTokenHandler.DefaultInboundClaimTypeMap.Clear(); app.UseSwagger(); app.UseSwaggerUI(c => diff --git a/AngularAzureADMultipleApis/ServiceApi/SecurityHeadersDefinitions.cs b/AngularAzureADMultipleApis/ServiceApi/SecurityHeadersDefinitions.cs index 7e13048..cc0c1dc 100644 --- a/AngularAzureADMultipleApis/ServiceApi/SecurityHeadersDefinitions.cs +++ b/AngularAzureADMultipleApis/ServiceApi/SecurityHeadersDefinitions.cs @@ -8,7 +8,6 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev) { var policy = new HeaderPolicyCollection() .AddFrameOptionsDeny() - .AddXssProtectionBlock() .AddContentTypeOptionsNoSniff() .AddReferrerPolicyStrictOriginWhenCrossOrigin() .RemoveServerHeader() diff --git a/AngularAzureADMultipleApis/ServiceApi/ServiceApi.csproj b/AngularAzureADMultipleApis/ServiceApi/ServiceApi.csproj index e0840d6..5439c67 100644 --- a/AngularAzureADMultipleApis/ServiceApi/ServiceApi.csproj +++ b/AngularAzureADMultipleApis/ServiceApi/ServiceApi.csproj @@ -1,25 +1,25 @@  - net7.0 + net8.0 196b270c-b0c0-4b90-8f04-d3108e701d51 enable - + - - + + - - + + - - - + + + diff --git a/AngularAzureADMultipleApis/UserApi/UserApi.csproj b/AngularAzureADMultipleApis/UserApi/UserApi.csproj index 0a6bc84..7071290 100644 --- a/AngularAzureADMultipleApis/UserApi/UserApi.csproj +++ b/AngularAzureADMultipleApis/UserApi/UserApi.csproj @@ -1,14 +1,14 @@  - net7.0 + net8.0 aspnet-UserApiOne-2ba0bbf9-49f5-452e-8333-1e33a467b74e enable enable - + diff --git a/AppRoles/README_CONFIG.md b/AppRoles/README_CONFIG.md index c7536a0..8aaafd6 100644 --- a/AppRoles/README_CONFIG.md +++ b/AppRoles/README_CONFIG.md @@ -25,7 +25,7 @@ https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens https://docs.microsoft.com/en-us/aspnet/core/security/authorization/policies -# Azure authorization +# Microsoft Entra ID authorization https://docs.microsoft.com/en-us/azure/role-based-access-control/overview diff --git a/AppRoles/WebApiWithRoles/WebApiWithRoles.csproj b/AppRoles/WebApiWithRoles/WebApiWithRoles.csproj index 920dc01..ebf986f 100644 --- a/AppRoles/WebApiWithRoles/WebApiWithRoles.csproj +++ b/AppRoles/WebApiWithRoles/WebApiWithRoles.csproj @@ -1,13 +1,13 @@  - net7.0 + net8.0 enable enable - + diff --git a/AppRoles/WebAppWithRoles/Pages/Index.cshtml b/AppRoles/WebAppWithRoles/Pages/Index.cshtml index 748f30d..b81aae9 100644 --- a/AppRoles/WebAppWithRoles/Pages/Index.cshtml +++ b/AppRoles/WebAppWithRoles/Pages/Index.cshtml @@ -1,10 +1,10 @@ @page @model IndexModel @{ - ViewData["Title"] = "Azure AD App roles"; + ViewData["Title"] = "Microsoft Entra ID App roles"; }
-

Azure AD authentication, authorization with roles

+

Microsoft Entra ID authentication, authorization with roles

Web App which accesses Web API with different roles

diff --git a/AppRoles/WebAppWithRoles/WebAppWithRoles.csproj b/AppRoles/WebAppWithRoles/WebAppWithRoles.csproj index 5bf5b11..4f49bbb 100644 --- a/AppRoles/WebAppWithRoles/WebAppWithRoles.csproj +++ b/AppRoles/WebAppWithRoles/WebAppWithRoles.csproj @@ -1,16 +1,16 @@  - net7.0 + net8.0 bdff93cf-79ea-4b5e-aeaf-ea1490d39566 enable enable - - - + + + diff --git a/BlazorBff/BlazorAzureAdBff/Client/BlazorAzureADWithApis.Client.csproj b/BlazorBff/BlazorAzureAdBff/Client/BlazorAzureADWithApis.Client.csproj index 4083370..cb43ed3 100644 --- a/BlazorBff/BlazorAzureAdBff/Client/BlazorAzureADWithApis.Client.csproj +++ b/BlazorBff/BlazorAzureAdBff/Client/BlazorAzureADWithApis.Client.csproj @@ -1,17 +1,17 @@  - net7.0 + net8.0 true enable enable - - - - + + + + diff --git a/BlazorBff/BlazorAzureAdBff/Server/BlazorAzureADWithApis.Server.csproj b/BlazorBff/BlazorAzureAdBff/Server/BlazorAzureADWithApis.Server.csproj index 9f90c4a..51441fa 100644 --- a/BlazorBff/BlazorAzureAdBff/Server/BlazorAzureADWithApis.Server.csproj +++ b/BlazorBff/BlazorAzureAdBff/Server/BlazorAzureADWithApis.Server.csproj @@ -1,14 +1,14 @@  - net7.0 + net8.0 enable 7b7a3ab3-3ad6-4820-a521-dcdaf28f15cb enable - + @@ -17,12 +17,12 @@ - - - - - - + + + + + + diff --git a/BlazorBff/BlazorAzureAdBff/Server/Controllers/GraphProfileController.cs b/BlazorBff/BlazorAzureAdBff/Server/Controllers/GraphProfileController.cs index a994ee8..b91105c 100644 --- a/BlazorBff/BlazorAzureAdBff/Server/Controllers/GraphProfileController.cs +++ b/BlazorBff/BlazorAzureAdBff/Server/Controllers/GraphProfileController.cs @@ -26,7 +26,7 @@ public GraphProfileController(MsGraphDelegatedService microsoftGraphDelegatedCli public async Task> Get() { var userData = await _microsoftGraphDelegatedClientService.GetGraphApiUser(); - return new List { $"DisplayName: {userData.DisplayName}", + return new List { $"DisplayName: {userData!.DisplayName}", $"GivenName: {userData.GivenName}", $"AboutMe: {userData.AboutMe}" }; } } diff --git a/BlazorBff/BlazorAzureAdBff/Server/Services/Application/MsGraphApplicationService.cs b/BlazorBff/BlazorAzureAdBff/Server/Services/Application/MsGraphApplicationService.cs index f20054a..f2dc17e 100644 --- a/BlazorBff/BlazorAzureAdBff/Server/Services/Application/MsGraphApplicationService.cs +++ b/BlazorBff/BlazorAzureAdBff/Server/Services/Application/MsGraphApplicationService.cs @@ -23,7 +23,7 @@ public MsGraphApplicationService(IConfiguration configuration) .GetAsync(); } - public async Task GetGraphApiUserMemberGroups(string userId) + public async Task GetGraphApiUserMemberGroups(string userId) { var graphServiceClient = GetGraphClient(); @@ -34,7 +34,7 @@ public MsGraphApplicationService(IConfiguration configuration) return await graphServiceClient.Users[userId] .GetMemberGroups - .PostAsync(requestBody); + .PostAsGetMemberGroupsPostResponseAsync(requestBody); } private GraphServiceClient GetGraphClient() { diff --git a/BlazorBff/BlazorAzureAdBff/Shared/BlazorAzureADWithApis.Shared.csproj b/BlazorBff/BlazorAzureAdBff/Shared/BlazorAzureADWithApis.Shared.csproj index 82e7f88..43e82e3 100644 --- a/BlazorBff/BlazorAzureAdBff/Shared/BlazorAzureADWithApis.Shared.csproj +++ b/BlazorBff/BlazorAzureAdBff/Shared/BlazorAzureADWithApis.Shared.csproj @@ -1,13 +1,13 @@  - net7.0 + net8.0 enable enable - + diff --git a/BlazorWithApis/BlazorAzureADWithApis/Client/BlazorAzureADWithApis.Client.csproj b/BlazorWithApis/BlazorAzureADWithApis/Client/BlazorAzureADWithApis.Client.csproj index cdcb40d..f40c4b6 100644 --- a/BlazorWithApis/BlazorAzureADWithApis/Client/BlazorAzureADWithApis.Client.csproj +++ b/BlazorWithApis/BlazorAzureADWithApis/Client/BlazorAzureADWithApis.Client.csproj @@ -1,18 +1,18 @@  - net7.0 + net8.0 service-worker-assets.js enable enable - - - - - + + + + + diff --git a/BlazorWithApis/BlazorAzureADWithApis/Client/Pages/Index.razor b/BlazorWithApis/BlazorAzureADWithApis/Client/Pages/Index.razor index 89ebf8d..02fbd81 100644 --- a/BlazorWithApis/BlazorAzureADWithApis/Client/Pages/Index.razor +++ b/BlazorWithApis/BlazorAzureADWithApis/Client/Pages/Index.razor @@ -1,3 +1,3 @@ @page "/" -

Azure AD with multiple APIs

+

Microsoft Entra ID with multiple APIs

diff --git a/BlazorWithApis/BlazorAzureADWithApis/Client/Shared/NavMenu.razor b/BlazorWithApis/BlazorAzureADWithApis/Client/Shared/NavMenu.razor index 4f8e647..ba135aa 100644 --- a/BlazorWithApis/BlazorAzureADWithApis/Client/Shared/NavMenu.razor +++ b/BlazorWithApis/BlazorAzureADWithApis/Client/Shared/NavMenu.razor @@ -1,5 +1,5 @@ 
- Blazor Azure AD & APIs + Blazor Microsoft Entra ID & APIs diff --git a/BlazorWithApis/BlazorAzureADWithApis/Client/wwwroot/index.html b/BlazorWithApis/BlazorAzureADWithApis/Client/wwwroot/index.html index 1d8003c..d00bbae 100644 --- a/BlazorWithApis/BlazorAzureADWithApis/Client/wwwroot/index.html +++ b/BlazorWithApis/BlazorAzureADWithApis/Client/wwwroot/index.html @@ -4,7 +4,7 @@ - BlazorAzureADWithApis + Blazor Microsoft Entra ID with APIs diff --git a/BlazorWithApis/BlazorAzureADWithApis/Server/BlazorAzureADWithApis.Server.csproj b/BlazorWithApis/BlazorAzureADWithApis/Server/BlazorAzureADWithApis.Server.csproj index d2f2e8f..c2c2907 100644 --- a/BlazorWithApis/BlazorAzureADWithApis/Server/BlazorAzureADWithApis.Server.csproj +++ b/BlazorWithApis/BlazorAzureADWithApis/Server/BlazorAzureADWithApis.Server.csproj @@ -1,7 +1,7 @@  - net7.0 + net8.0 3c83752e-aded-433a-8d36-41e450f542f2 enable enable @@ -13,10 +13,10 @@ - - - - + + + + diff --git a/BlazorWithApis/BlazorAzureADWithApis/Server/Services/ServiceApiClientService.cs b/BlazorWithApis/BlazorAzureADWithApis/Server/Services/ServiceApiClientService.cs index ec813be..c078b9f 100644 --- a/BlazorWithApis/BlazorAzureADWithApis/Server/Services/ServiceApiClientService.cs +++ b/BlazorWithApis/BlazorAzureADWithApis/Server/Services/ServiceApiClientService.cs @@ -21,7 +21,7 @@ public ServiceApiClientService( { var client = _clientFactory.CreateClient(); - // CC flow access_as_application" (App Role in Azure AD app registration) + // CC flow access_as_application" (App Role in Microsoft Entra ID app registration) var scope = "api://b178f3a5-7588-492a-924f-72d7887b7e48/.default"; var accessToken = await _tokenAcquisition.GetAccessTokenForAppAsync(scope); diff --git a/BlazorWithApis/BlazorAzureADWithApis/Shared/BlazorAzureADWithApis.Shared.csproj b/BlazorWithApis/BlazorAzureADWithApis/Shared/BlazorAzureADWithApis.Shared.csproj index 49722e9..8fd51ca 100644 --- a/BlazorWithApis/BlazorAzureADWithApis/Shared/BlazorAzureADWithApis.Shared.csproj +++ b/BlazorWithApis/BlazorAzureADWithApis/Shared/BlazorAzureADWithApis.Shared.csproj @@ -1,7 +1,7 @@ - net7.0 + net8.0 enable enable diff --git a/BlazorWithApis/README_CONFIG.md b/BlazorWithApis/README_CONFIG.md index 7998dec..15b62cd 100644 --- a/BlazorWithApis/README_CONFIG.md +++ b/BlazorWithApis/README_CONFIG.md @@ -1,5 +1,5 @@ -## BlazorAzureADWithApis.Server secrets +## Blazor Microsoft Entra ID with APIs.Server secrets ``` "AzureAd": { diff --git a/BlazorWithApis/ServiceApi/ServiceApi.csproj b/BlazorWithApis/ServiceApi/ServiceApi.csproj index 01fee61..2d9dd8b 100644 --- a/BlazorWithApis/ServiceApi/ServiceApi.csproj +++ b/BlazorWithApis/ServiceApi/ServiceApi.csproj @@ -1,14 +1,14 @@  - net7.0 + net8.0 196b270c-b0c0-4b90-8f04-d3108e701d51 enable enable - + diff --git a/BlazorWithApis/UserApi/UserApi.csproj b/BlazorWithApis/UserApi/UserApi.csproj index 0a6bc84..7071290 100644 --- a/BlazorWithApis/UserApi/UserApi.csproj +++ b/BlazorWithApis/UserApi/UserApi.csproj @@ -1,14 +1,14 @@  - net7.0 + net8.0 aspnet-UserApiOne-2ba0bbf9-49f5-452e-8333-1e33a467b74e enable enable - + diff --git a/ClientCredentialsFlows/ServiceApi/HostingExtensions.cs b/ClientCredentialsFlows/ServiceApi/HostingExtensions.cs index a2741bb..01a4ee9 100644 --- a/ClientCredentialsFlows/ServiceApi/HostingExtensions.cs +++ b/ClientCredentialsFlows/ServiceApi/HostingExtensions.cs @@ -4,11 +4,11 @@ using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Microsoft.Identity.Web; +using Microsoft.IdentityModel.JsonWebTokens; using Microsoft.IdentityModel.Logging; using Microsoft.OpenApi.Models; using Serilog; using System; -using System.IdentityModel.Tokens.Jwt; namespace ServiceApi; @@ -89,7 +89,7 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde public static WebApplication ConfigurePipeline(this WebApplication app) { IdentityModelEventSource.ShowPII = true; - JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); + JsonWebTokenHandler.DefaultInboundClaimTypeMap.Clear(); app.UseSerilogRequestLogging(); diff --git a/ClientCredentialsFlows/ServiceApi/ServiceApi.csproj b/ClientCredentialsFlows/ServiceApi/ServiceApi.csproj index eae03ee..365b465 100644 --- a/ClientCredentialsFlows/ServiceApi/ServiceApi.csproj +++ b/ClientCredentialsFlows/ServiceApi/ServiceApi.csproj @@ -1,25 +1,25 @@  - net7.0 + net8.0 196b270c-b0c0-4b90-8f04-d3108e701d51 enable - + - - + + - - + + - - - + + + diff --git a/ClientCredentialsFlows/ServiceApiClientConsole/ServiceApiClientConsole.csproj b/ClientCredentialsFlows/ServiceApiClientConsole/ServiceApiClientConsole.csproj index 015e695..ee69e2a 100644 --- a/ClientCredentialsFlows/ServiceApiClientConsole/ServiceApiClientConsole.csproj +++ b/ClientCredentialsFlows/ServiceApiClientConsole/ServiceApiClientConsole.csproj @@ -2,17 +2,17 @@ Exe - net7.0 + net8.0 enable enable 78cf2604-554c-4a6e-8846-3505f2c0697d - - - - + + + + diff --git a/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/MyServerRenderedPortal.csproj b/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/MyServerRenderedPortal.csproj index 26a62b4..5919873 100644 --- a/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/MyServerRenderedPortal.csproj +++ b/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/MyServerRenderedPortal.csproj @@ -1,24 +1,24 @@  - net7.0 + net8.0 49923f65-f8d2-428e-bb30-b72ca351e521 enable enable - - + + - - - + + + - - - + + + diff --git a/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/Pages/CallApi.cshtml b/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/Pages/CallApi.cshtml index 7faeae0..20c2ac8 100644 --- a/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/Pages/CallApi.cshtml +++ b/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/Pages/CallApi.cshtml @@ -6,7 +6,7 @@ }

Call API

-
gets the data from the Azure AD protected Web API
+
gets the data from the Microsoft Entra ID protected Web API
@{ if(Model.DataFromApi != null) diff --git a/ConfidentialClientCredentialsCertificate/ServiceApi/HostingExtensions.cs b/ConfidentialClientCredentialsCertificate/ServiceApi/HostingExtensions.cs index f6d7a30..8ad500d 100644 --- a/ConfidentialClientCredentialsCertificate/ServiceApi/HostingExtensions.cs +++ b/ConfidentialClientCredentialsCertificate/ServiceApi/HostingExtensions.cs @@ -1,8 +1,8 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.Identity.Web; +using Microsoft.IdentityModel.JsonWebTokens; using Microsoft.IdentityModel.Logging; using Serilog; -using System.IdentityModel.Tokens.Jwt; namespace ServiceApi; @@ -43,7 +43,7 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde public static WebApplication ConfigurePipeline(this WebApplication app) { IdentityModelEventSource.ShowPII = true; - JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); + JsonWebTokenHandler.DefaultInboundClaimTypeMap.Clear(); app.UseSerilogRequestLogging(); diff --git a/ConfidentialClientCredentialsCertificate/ServiceApi/ServiceApi.csproj b/ConfidentialClientCredentialsCertificate/ServiceApi/ServiceApi.csproj index 170825e..0d6beea 100644 --- a/ConfidentialClientCredentialsCertificate/ServiceApi/ServiceApi.csproj +++ b/ConfidentialClientCredentialsCertificate/ServiceApi/ServiceApi.csproj @@ -1,20 +1,20 @@  - net7.0 + net8.0 196b270c-b0c0-4b90-8f04-d3108e701d51 enable enable - - - + + + - - - + + + diff --git a/DecryptionCertificates/ApiDecryptionCertificates/ApiDecryptionCertificates.csproj b/DecryptionCertificates/ApiDecryptionCertificates/ApiDecryptionCertificates.csproj index 45a523c..4dbb987 100644 --- a/DecryptionCertificates/ApiDecryptionCertificates/ApiDecryptionCertificates.csproj +++ b/DecryptionCertificates/ApiDecryptionCertificates/ApiDecryptionCertificates.csproj @@ -1,19 +1,19 @@  - net7.0 + net8.0 aspnet-ApiDecryptionCertificates-2ba0bbf9-49f5-452e-8333-1e33a467b74e enable enable - - - - - - + + + + + + diff --git a/DecryptionCertificates/PortalDecryptionCertificates/Pages/Shared/_LoginPartial.cshtml b/DecryptionCertificates/PortalDecryptionCertificates/Pages/Shared/_LoginPartial.cshtml index 7775930..facfe6a 100644 --- a/DecryptionCertificates/PortalDecryptionCertificates/Pages/Shared/_LoginPartial.cshtml +++ b/DecryptionCertificates/PortalDecryptionCertificates/Pages/Shared/_LoginPartial.cshtml @@ -1,6 +1,6 @@
    -@if (User.Identity.IsAuthenticated) +@if (User.Identity!.IsAuthenticated) {
  • Hello @User.Identity.Name! diff --git a/DecryptionCertificates/PortalDecryptionCertificates/PortalDecryptionCertificates.csproj b/DecryptionCertificates/PortalDecryptionCertificates/PortalDecryptionCertificates.csproj index 12a2f78..58c5fa6 100644 --- a/DecryptionCertificates/PortalDecryptionCertificates/PortalDecryptionCertificates.csproj +++ b/DecryptionCertificates/PortalDecryptionCertificates/PortalDecryptionCertificates.csproj @@ -1,23 +1,23 @@  - net7.0 + net8.0 aspnet-PortalDecryptionCertificates-C5CB1E61-55D5-4D0D-A192-68F28533B4EA enable enable - - + + - - - - - - - + + + + + + + diff --git a/DeviceFlowWeb/DeviceFlowWeb.csproj b/DeviceFlowWeb/DeviceFlowWeb.csproj index b89026a..8d20c22 100644 --- a/DeviceFlowWeb/DeviceFlowWeb.csproj +++ b/DeviceFlowWeb/DeviceFlowWeb.csproj @@ -1,7 +1,7 @@  - net7.0 + net8.0 7953929f-5999-4847-b4b8-2f6cf964f467 enable enable @@ -9,17 +9,17 @@ - - + + - - - - - + + + + + - + diff --git a/DeviceFlowWeb/Pages/Shared/_Layout.cshtml b/DeviceFlowWeb/Pages/Shared/_Layout.cshtml index 313c21a..95a6071 100644 --- a/DeviceFlowWeb/Pages/Shared/_Layout.cshtml +++ b/DeviceFlowWeb/Pages/Shared/_Layout.cshtml @@ -5,7 +5,7 @@ - @ViewData["Title"] - Azure AD Device Flow Web + @ViewData["Title"] - Microsoft Entra ID Device Flow Web @@ -54,7 +54,7 @@
    - © 2023 - Azure AD Device Flow Web + © 2023 - Microsoft Entra ID Device Flow Web
    diff --git a/DeviceFlowWeb/readme.md b/DeviceFlowWeb/readme.md index 4dc8ff2..69f5094 100644 --- a/DeviceFlowWeb/readme.md +++ b/DeviceFlowWeb/readme.md @@ -1,8 +1,8 @@ -# ASP.NET Core auth using Device Code flow and Azure AD +# ASP.NET Core auth using Device Code flow and Microsoft Entra ID https://damienbod.com/2021/01/28/implement-oauth-device-code-flow-with-azure-ad-and-asp-net-core/ -Device Code Flow with Azure AD and app registrations ( RFC 8628 ) +Device Code Flow with Microsoft Entra ID and app registrations ( RFC 8628 ) OAuth 2.0 Device Authorization Grant diff --git a/DownstreamApis/UserApiOne/Program.cs b/DownstreamApis/UserApiOne/Program.cs index 5a22ff3..7b63bbb 100644 --- a/DownstreamApis/UserApiOne/Program.cs +++ b/DownstreamApis/UserApiOne/Program.cs @@ -6,8 +6,6 @@ using System.IdentityModel.Tokens.Jwt; using UserApiOne; -JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); - var builder = WebApplication.CreateBuilder(args); builder.Services.AddTransient(); diff --git a/DownstreamApis/UserApiOne/UserApiOne.csproj b/DownstreamApis/UserApiOne/UserApiOne.csproj index 0a6bc84..7071290 100644 --- a/DownstreamApis/UserApiOne/UserApiOne.csproj +++ b/DownstreamApis/UserApiOne/UserApiOne.csproj @@ -1,14 +1,14 @@  - net7.0 + net8.0 aspnet-UserApiOne-2ba0bbf9-49f5-452e-8333-1e33a467b74e enable enable - + diff --git a/DownstreamApis/UserApiTwo/Program.cs b/DownstreamApis/UserApiTwo/Program.cs index ad98e00..a0cd3e0 100644 --- a/DownstreamApis/UserApiTwo/Program.cs +++ b/DownstreamApis/UserApiTwo/Program.cs @@ -2,8 +2,8 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc.Authorization; using Microsoft.Identity.Web; +using Microsoft.IdentityModel.JsonWebTokens; using Microsoft.OpenApi.Models; -using System.IdentityModel.Tokens.Jwt; var builder = WebApplication.CreateBuilder(args); @@ -61,7 +61,7 @@ var app = builder.Build(); -JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); +JsonWebTokenHandler.DefaultInboundClaimTypeMap.Clear(); if (!app.Environment.IsDevelopment()) { diff --git a/DownstreamApis/UserApiTwo/UserApiTwo.csproj b/DownstreamApis/UserApiTwo/UserApiTwo.csproj index 920dc01..ebf986f 100644 --- a/DownstreamApis/UserApiTwo/UserApiTwo.csproj +++ b/DownstreamApis/UserApiTwo/UserApiTwo.csproj @@ -1,13 +1,13 @@  - net7.0 + net8.0 enable enable - + diff --git a/DownstreamApis/WebAppUserApis/Pages/CallApi.cshtml b/DownstreamApis/WebAppUserApis/Pages/CallApi.cshtml index 12ec539..66f597b 100644 --- a/DownstreamApis/WebAppUserApis/Pages/CallApi.cshtml +++ b/DownstreamApis/WebAppUserApis/Pages/CallApi.cshtml @@ -6,7 +6,7 @@ }

    Call API

    -
    gets the data from the Azure AD protected Web API
    +
    gets the data from the Microsoft Entra ID protected Web API
    @Model.DataFromApi
    diff --git a/DownstreamApis/WebAppUserApis/WebAppUserApis.csproj b/DownstreamApis/WebAppUserApis/WebAppUserApis.csproj index 59a9e35..331f71a 100644 --- a/DownstreamApis/WebAppUserApis/WebAppUserApis.csproj +++ b/DownstreamApis/WebAppUserApis/WebAppUserApis.csproj @@ -1,16 +1,16 @@  - net7.0 + net8.0 aspnet-WebAppUserApis-C5CB1E61-55D5-4D0D-A192-68F28533B4EA enable enable - - - + + + diff --git a/README.md b/README.md index 33f68b4..a825859 100644 --- a/README.md +++ b/README.md @@ -4,85 +4,57 @@ # Blogs -- [Implement Azure AD Client credentials flow using Client Certificates for service APIs](https://damienbod.com/2020/10/01/implement-azure-ad-client-credentials-flow-using-client-certificates-for-service-apis/) +- [Implement Microsoft Entra ID Client credentials flow using Client Certificates for service APIs](https://damienbod.com/2020/10/01/implement-azure-ad-client-credentials-flow-using-client-certificates-for-service-apis/) - [Using Key Vault certificates with Microsoft.Identity.Web and ASP.NET Core applications](https://damienbod.com/2020/10/09/using-key-vault-certificates-with-microsoft-identity-web-and-asp-net-core-applications/) - [Using encrypted access tokens in Azure with Microsoft.Identity.Web and Azure App registrations](https://damienbod.com/2020/10/22/using-encrypted-access-tokens-in-azure-with-microsoft-identity-web-and-azure-app-registrations/) -- [Implement a Web APP and an ASP.NET Core Secure API using Azure AD which delegates to a second API](https://damienbod.com/2020/11/09/implement-a-web-app-and-an-asp-net-core-secure-api-using-azure-ad-which-delegates-to-second-api/) -- [Using multiple APIs in Angular and ASP.NET Core with Azure AD authentication](https://damienbod.com/2020/12/08/using-multiple-apis-in-angular-and-asp-net-core-with-azure-ad-authentication/) -- [Using multiple APIs in Blazor with Azure AD authentication](https://damienbod.com/2020/12/14/using-multiple-apis-in-blazor-with-azure-ad-authentication/) -- [Azure AD Access Token Lifetime Policy Management in ASP.NET Core](https://damienbod.com/2021/01/05/azure-ad-access-token-lifetime-policy-management-in-asp-net-core/) -- [Implement OAUTH Device Code Flow with Azure AD and ASP.NET Core](https://damienbod.com/2021/01/28/implement-oauth-device-code-flow-with-azure-ad-and-asp-net-core/) -- [Implement app roles authorization with Azure AD and ASP.NET Core](https://damienbod.com/2021/02/01/implement-app-roles-authorization-with-azure-ad-and-asp-net-core/) +- [Implement a Web APP and an ASP.NET Core Secure API using Microsoft Entra ID which delegates to a second API](https://damienbod.com/2020/11/09/implement-a-web-app-and-an-asp-net-core-secure-api-using-azure-ad-which-delegates-to-second-api/) +- [Using multiple APIs in Angular and ASP.NET Core with Microsoft Entra ID authentication](https://damienbod.com/2020/12/08/using-multiple-apis-in-angular-and-asp-net-core-with-azure-ad-authentication/) +- [Using multiple APIs in Blazor with Microsoft Entra ID authentication](https://damienbod.com/2020/12/14/using-multiple-apis-in-blazor-with-azure-ad-authentication/) +- [Microsoft Entra ID Access Token Lifetime Policy Management in ASP.NET Core](https://damienbod.com/2021/01/05/azure-ad-access-token-lifetime-policy-management-in-asp-net-core/) +- [Implement OAUTH Device Code Flow with Microsoft Entra ID and ASP.NET Core](https://damienbod.com/2021/01/28/implement-oauth-device-code-flow-with-azure-ad-and-asp-net-core/) +- [Implement app roles authorization with Microsoft Entra ID and ASP.NET Core](https://damienbod.com/2021/02/01/implement-app-roles-authorization-with-azure-ad-and-asp-net-core/) - [Securing Blazor Web assembly using cookies](https://damienbod.com/2021/03/08/securing-blazor-web-assembly-using-cookies/) -- [Implementing authorization in Blazor ASP.NET Core applications using Azure AD security groups](https://damienbod.com/2022/02/21/implementing-authorization-in-blazor-asp-net-core-applications-using-azure-ad-security-groups/) -- [Implementing OAuth2 APP to APP security using Azure AD from a Web APP](https://damienbod.com/2022/03/28/implementing-oauth2-app-to-app-security-using-azure-ad-from-a-web-app/) +- [Implementing authorization in Blazor ASP.NET Core applications using Microsoft Entra ID security groups](https://damienbod.com/2022/02/21/implementing-authorization-in-blazor-asp-net-core-applications-using-azure-ad-security-groups/) +- [Implementing OAuth2 APP to APP security using Microsoft Entra ID from a Web APP](https://damienbod.com/2022/03/28/implementing-oauth2-app-to-app-security-using-azure-ad-from-a-web-app/) ## History -2023-08-14 Updated downstream APIs solution - -2023-08-14 Updated packages - -2023-05-05 Updated packages - -2023-03-12 Updated .NET 7, updated nuget packages, implicit usings - -2022-10-09 Updated nuget packages - -2022-08-01 Updated nuget packages - -2022-04-03 Updated nuget packages, added nullable to projects, added CC flow demo - -2022-02-19 Updated nuget packages - -2022-01-07 Updated nuget packages - -2021-11-04 Updated to .NET 6 - -2021-08-13 Updated Blazor BFF app and fixed login button - -2021-07-03 Microsoft.Identity.Web to 1.14, Angular OIDC V12 - -2021-06-20 Microsoft.Identity.Web to 1.13.1 - -2021-06-06 Microsoft.Identity.Web to 1.12 - -2021-05-13 Microsoft.Identity.Web to 1.9.2, updated packages - -2021-04-15 Microsoft.Identity.Web to 1.9.1 - -2021-03-11 Microsoft.Identity.Web to 1.8.0 - -2021-03-05 Microsoft.Identity.Web to 1.7.0 - -2021-02-13 Added MSAL exception handling, Microsoft.Identity.Web to 1.6.0 - -2021-02-01 Added app roles authorization example - -2021-01-28 Added device code flow, Microsoft.Identity.Web to 1.5.1 - -2021-01-19 Updated nuget, npm packages, moved to latest secrets access for certs in Key Vault - -2021-01-05 Added token management, updated Microsoft.Identity.Web to 1.4.1 - -2020-12-14 Using multiple APIs in Blazor with Azure AD authentication - -2020-12-12 Updated Microsoft.Identity.Web to 1.4.0 - -2020-12-08 Added Using multiple APIs in Angular and ASP.NET Core with Azure AD authentication - -2020-12-04 Updated to .NET 5 - -2020-11-15 Updated Microsoft.Identity.Web to 1.3.0 - -2020-10-25 Updated Microsoft.Identity.Web to 1.2.0 - +- 2023-08-14 Updated .NET 8 +- 2023-08-14 Updated downstream APIs solution +- 2023-08-14 Updated packages +- 2023-05-05 Updated packages +- 2023-03-12 Updated .NET 7, updated nuget packages, implicit usings +- 2022-10-09 Updated nuget packages +- 2022-08-01 Updated nuget packages +- 2022-04-03 Updated nuget packages, added nullable to projects, added CC flow demo +- 2022-02-19 Updated nuget packages +- 2022-01-07 Updated nuget packages +- 2021-11-04 Updated to .NET 6 +- 2021-08-13 Updated Blazor BFF app and fixed login button +- 2021-07-03 Microsoft.Identity.Web to 1.14, Angular OIDC V12 +- 2021-06-20 Microsoft.Identity.Web to 1.13.1 +- 2021-06-06 Microsoft.Identity.Web to 1.12 +- 2021-05-13 Microsoft.Identity.Web to 1.9.2, updated packages +- 2021-04-15 Microsoft.Identity.Web to 1.9.1 +- 2021-03-11 Microsoft.Identity.Web to 1.8.0 +- 2021-03-05 Microsoft.Identity.Web to 1.7.0 +- 2021-02-13 Added MSAL exception handling, Microsoft.Identity.Web to 1.6.0 +- 2021-02-01 Added app roles authorization example +- 2021-01-28 Added device code flow, Microsoft.Identity.Web to 1.5.1 +- 2021-01-19 Updated nuget, npm packages, moved to latest secrets access for certs in Key Vault +- 2021-01-05 Added token management, updated Microsoft.Identity.Web to 1.4.1 +- 2020-12-14 Using multiple APIs in Blazor with Microsoft Entra ID authentication +- 2020-12-12 Updated Microsoft.Identity.Web to 1.4.0 +- 2020-12-08 Added Using multiple APIs in Angular and ASP.NET Core with Microsoft Entra ID authentication +- 2020-12-04 Updated to .NET 5 +- 2020-11-15 Updated Microsoft.Identity.Web to 1.3.0 +- 2020-10-25 Updated Microsoft.Identity.Web to 1.2.0 ## Links Private key JWT Client authentication https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#second-case-access-token-request-with-a-certificate -## Links Azure Client credentials flow +## Links Microsoft Entra ID Client credentials flow https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Client-credential-flows diff --git a/TokenManagement/TokenManagement.csproj b/TokenManagement/TokenManagement.csproj index c689156..c01aa10 100644 --- a/TokenManagement/TokenManagement.csproj +++ b/TokenManagement/TokenManagement.csproj @@ -1,17 +1,17 @@  - net7.0 + net8.0 4b0196c4-1d74-41da-800a-2e0905495943 enable enable - - - - + + + +