Vlado Pandžić

Reputation: 5048

How to authenticate web api in WPF app using Azure AD

I use this code inside my WPF app:

 // Build a public client for the WPF app (MSAL.NET)
 var app = PublicClientApplicationBuilder.Create(_clientId)
     .WithRedirectUri("http://localhost/")
     .WithAuthority(AzureCloudInstance.AzurePublic, _tenantId)
     .Build();

 try
 {
     // Opens the browser window; the result carries the access token
     result = await app.AcquireTokenInteractive(scopes).ExecuteAsync();
 }
 catch (MsalUiRequiredException)
 {
     return Result<UserMetadata>.NotAuthorized("There was an error");
 }

and it works great. Now I can call my web API and send the "Bearer token" header to all endpoints (where token is the access_token property I get from result).

In web api I just do:

 _ = services.AddMicrosoftIdentityWebApiAuthentication(Configuration);

and it works.

However, I don't want all endpoints to be protected by this method (I have another auth mechanism). My idea is to get the "code" variable somehow on the client (the one that was set on the browser window, but unfortunately not returned in my C# code as result), send it to the server and, inside a specific controller, try to "login" the user (get access_token from that code).

Reason is that I already have my own auth mechanism that is based on users table in my database.

Upvotes: 1

Views: 423

Answers (1)

Harshita Singh

Reputation: 4870

If I understand it correctly, you want to protect only selected API endpoints by using AD. You can certainly do this by setting up your Startup.cs like below:

services.AddAuthentication(options =>
    {
        options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer("AAD", jwtOptions =>
    {
        jwtOptions.Authority = $"{appConfiguration.AppSettings.AadInstance}/{appConfiguration.AppSettings.AadDomain}";
        jwtOptions.Audience = appConfiguration.AppSettings.AadClientId;
        jwtOptions.Events = new JwtBearerEvents
        {
            OnAuthenticationFailed = arg =>
            {
                // invoked if authentication fails
                return Task.FromResult(0);
            }
        };
    });

services.AddAuthorization(options =>
{
    options.DefaultPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().AddAuthenticationSchemes("AAD").Build();

    options.AddPolicy("AAD", new AuthorizationPolicyBuilder().RequireAuthenticatedUser().AddAuthenticationSchemes("AAD").Build());
});

And, add an attribute to the desired Controller/Action method to be protected like below:

[Authorize(Policy = "AAD")]

Upvotes: 1
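The following is an added example, not the asker's or the answerer's code. It puts the answer's idea into a complete minimal ASP.NET Core web API and goes one step further than the answer: the app-specific login is registered as its own authentication scheme and made the default, while the "AAD" scheme is opted into per action through its policy, so a token for one scheme can never satisfy an action guarded by the other. The configuration keys AzureAd:Instance, AzureAd:TenantId and AzureAd:ClientId, the "DbUser" scheme name, the X-Session-Token header and the in-memory session table are assumptions made for this example; in a real app the handler would look the session up in the users table.

```csharp
// Added example (not the asker's or answerer's code). Assumes a .NET 6+ web SDK
// project with implicit usings. Assumed names: configuration keys under "AzureAd",
// the "DbUser" scheme, and the X-Session-Token header.
using System.Security.Claims;
using System.Text.Encodings.Web;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

var builder = WebApplication.CreateBuilder(args);
var aad = builder.Configuration.GetSection("AzureAd");

builder.Services.AddAuthentication(options =>
    {
        // The app's own scheme is the default; "AAD" is opted into per action.
        options.DefaultScheme = "DbUser";
    })
    .AddJwtBearer("AAD", o =>
    {
        // Assumed layout: Instance = https://login.microsoftonline.com/
        o.Authority = $"{aad["Instance"]}{aad["TenantId"]}/v2.0";
        // v2.0 access tokens carry the API's client id as "aud"; the handler
        // validates issuer, audience, signature and lifetime by default.
        o.Audience = aad["ClientId"];
    })
    .AddScheme<AuthenticationSchemeOptions, DbUserHandler>("DbUser", _ => { });

builder.Services.AddAuthorization(options =>
{
    // Each policy names the only scheme it trusts.
    options.AddPolicy("AAD", p => p.AddAuthenticationSchemes("AAD").RequireAuthenticatedUser());
    options.AddPolicy("DbUser", p => p.AddAuthenticationSchemes("DbUser").RequireAuthenticatedUser());
});
builder.Services.AddControllers();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();

// Stand-in for the database-backed login: maps an opaque session token from the
// X-Session-Token header to a user name. The dictionary is constructed sample data.
public class DbUserHandler : AuthenticationHandler<AuthenticationSchemeOptions>
{
    private static readonly Dictionary<string, string> Sessions = new()
    {
        ["sample-session-token"] = "alice",
    };

    public DbUserHandler(IOptionsMonitor<AuthenticationSchemeOptions> options,
        ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock)
        : base(options, logger, encoder, clock) { }

    protected override Task<AuthenticateResult> HandleAuthenticateAsync()
    {
        var token = Request.Headers["X-Session-Token"].ToString();
        if (string.IsNullOrEmpty(token) || !Sessions.TryGetValue(token, out var user))
            return Task.FromResult(AuthenticateResult.NoResult()); // unauthenticated, not an error

        var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, user) }, Scheme.Name);
        var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), Scheme.Name);
        return Task.FromResult(AuthenticateResult.Success(ticket));
    }
}

[ApiController]
[Route("api/[controller]")]
public class ReportsController : ControllerBase
{
    // Only this action demands an Azure AD token; the WPF client sends the MSAL
    // access token in the Authorization: Bearer header, as in the question.
    [HttpGet("aad")]
    [Authorize(Policy = "AAD")]
    public IActionResult AadProtected() =>
        Ok(new { user = User.FindFirstValue("preferred_username") ?? User.Identity?.Name });

    // Everything else stays on the database-backed session scheme.
    [HttpGet("internal")]
    [Authorize(Policy = "DbUser")]
    public IActionResult Internal() => Ok(new { user = User.Identity?.Name });
}
```

A request with a valid Azure AD bearer token reaches GET /api/reports/aad but gets 401 on /api/reports/internal, and a request carrying only the session header sees the reverse. That separation is the point of naming the scheme inside each policy rather than relying on the default scheme alone.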
