CODEWITHSUNDEEP
azure-active-directoryblazorblazor-webassembly
dvkwong
dvkwong

Reputation: 543

How to authenticate Blazor WebAssembly to Blazor Server api with Azure AD authentication

I have created 2 projects a Blazor WebAssembly and Blazor Server API using .NET 5. I am able to login successfully to both applications independently using Azure AD with single sign on. Both apps are currently deployed on prem.

Now I want to secure the Server API but am having trouble configuring the Blazor Webassembly to authenticate with the server api using httpClient. I am getting confused with what to set the scope to in web assembly as most examples use Graph or Identity Server. Anyone have a working example or can lead me in the right direction? Thanks

public class ServerAuthorizationMessageHandler : AuthorizationMessageHandler
{
    public ServerAuthorizationMessageHandler(IAccessTokenProvider provider, IConfiguration configuration,
        NavigationManager navigationManager)
        : base(provider, navigationManager)
    {
        var serverUrl = configuration["AppSettings:ServerUrl"];

        ConfigureHandler(
           authorizedUrls: new[] { serverUrl },
           scopes: new[] { "api://lkjlkj/ReadAccess" }
        );
    }
}

Program.cs

builder.Services.AddHttpClient("Server", client => client.BaseAddress = new Uri(serverUrl))
          .AddHttpMessageHandler<ServerAuthorizationMessageHandler>();

        builder.Services.AddMsalAuthentication(options =>
        {
            builder.Configuration.Bind("AzureAd", options.ProviderOptions.Authentication);
            options.ProviderOptions.DefaultAccessTokenScopes.Add("???????");

Upvotes: 0

Views: 230

Answers (1)

dvkwong
dvkwong

Reputation: 543

Doh! Visual Studio 2019 has a Blazor template built in with this exact scenario!!

Select Blazor Web Assembly and select the option to host in ASP .NET core

Upvotes: 1

Related Questions