Reputation: 1
Broken AntiforgeryToken with Microsoft MSAL
I'm working with ASP.Net MVC and I have a problem using MSAL while authenticating a User. This is because, as we use AntiforgeryToken, when the user sign in in the page of Microsoft, the token breaks and we get an error related to the token.
My question is, is there a way to keep the token even after being redirected from Microsoft login page? Or can I recreate it?
I've search on other questions and google and found nothing.
Thank you.
Upvotes: 0
Views: 139
Answers (1)
Reputation: 805
Yes you can save the token in your application like this:
[AuthorizeForScopes(Scopes = new[] { "user.read" })]
public async Task<IActionResult> Profile()
{
// Acquire the access token.
string[] scopes = new string[]{"user.read"};
string accessToken = await tokenAcquisition.GetAccessTokenForUserAsync(scopes);
context.Token = accessToken;
}
Alternatively, you can explicitly acquire tokens by using the acquire-token methods as described in the core MSAL library. The MSAL wrapper provides the HTTP interceptor, which will automatically acquire access tokens silently and attach them to the HTTP requests to APIs.
Upvotes: 1
Related Questions
- AntiForgeryToken Error in ASP.NET MVC 5 app
- mvc 6 generates antiforgerytoken only once
- MVC AntiForgeryToken exception - Handle globally
- anti-forgery token error
- Dealing with missing/invalid AntiForgeryTokens in ASP.NET MVC
- How to pass through the AntiForgeryToken in MVC
- How to invalidate AntiForgeryToken Asp.Net MVC 3
- AntiForgeryToken deprecated in ASP.Net MVC 4 RC
- MVC3 AntiForgeryToken Issue
- ASP.NET MVC AntiForgeryToken throwing its exception on GET?