update the ASP.NET Core Web API tutorial ASP.NET Core 3.0 (#111)

* Updating the first folder to ASP.NET Core 3.0 and Microsoft.Identity.Web
- updating Program.cs and Startup.cs
* Synching Folder 1 with relevant content of Folder 2 which was better
* Updating the second folder to ASP.NET core 3.0
* Updating the third folder to ASP.NET Core 3.0
* Updating the test project to .NET Core 3.0

Author: jmprieur

.gitignore

@@ -188,3 +188,4 @@ artifacts/
 /2. Web API now calls Microsoft Graph/AppCreationScripts/createdApps.html
 /2. Web API now calls Microsoft Graph/AppCreationScripts/Steps.md
 /1. Desktop app calls Web API/AppCreationScripts/Steps.md
+/3.-Web-api-call-Microsoft-graph-for-personal-accounts/AppCreationScripts/createdApps.html

1. Desktop app calls Web API/TodoListClient/App.xaml.cs

@@ -1,4 +1,7 @@
-using System.Windows;
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System.Windows;
 
 namespace TodoListClient
 {

1. Desktop app calls Web API/TodoListClient/MainWindow.xaml.cs

@@ -1,36 +1,18 @@
-/*
- The MIT License (MIT)
-
-Copyright (c) 2018 Microsoft Corporation
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-*/
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
 
 using Microsoft.Identity.Client;
 using Newtonsoft.Json;
 using System.Collections.Generic;
 using System.Configuration;
+using System.Diagnostics;
 // The following using statements were added for this sample.
 using System.Globalization;
+using System.IO;
 using System.Linq;
 using System.Net.Http;
 using System.Net.Http.Headers;
+using System.Reflection;
 using System.Text;
 using System.Threading.Tasks;
 using System.Windows;
@@ -55,18 +37,25 @@ public partial class MainWindow : Window
 
         private static readonly string Authority = string.Format(CultureInfo.InvariantCulture, AadInstance, Tenant);
 
-        //
-        // To authenticate to the To Do list service, the client needs to know the service's App ID URI.
-        // To contact the To Do list service we need it's URL as well.
-        //
+        // To authenticate to the To Do list service, the client needs to know the service's App ID URI and URL
+
         private static readonly string TodoListScope = ConfigurationManager.AppSettings["todo:TodoListScope"];
         private static readonly string TodoListBaseAddress = ConfigurationManager.AppSettings["todo:TodoListBaseAddress"];
         private static readonly string[] Scopes = { TodoListScope };
+        private static string TodoListApiAddress
+        {
+            get
+            {
+                string baseAddress = TodoListBaseAddress;
+                return baseAddress.EndsWith("/") ? TodoListBaseAddress + "api/todolist"
+                                                 : TodoListBaseAddress + "/api/todolist";
+            }
+        }
 
         private readonly HttpClient _httpClient = new HttpClient();
         private readonly IPublicClientApplication _app;
 
-        // Button strings
+        // Button content
         const string SignInString = "Sign In";
         const string ClearCacheString = "Clear Cache";
 
@@ -84,7 +73,7 @@ public MainWindow()
 
         private void GetTodoList()
         {
-            GetTodoList(SignInButton.Content.ToString() != ClearCacheString);
+            GetTodoList(SignInButton.Content.ToString() != ClearCacheString).ConfigureAwait(false);
         }
 
         private async Task GetTodoList(bool isAppStarting)
@@ -95,9 +84,8 @@ private async Task GetTodoList(bool isAppStarting)
                 SignInButton.Content = SignInString;
                 return;
             }
-            //
+
             // Get an access token to call the To Do service.
-            //
             AuthenticationResult result = null;
             try
             {
@@ -135,29 +123,42 @@ private async Task GetTodoList(bool isAppStarting)
                 return;
             }
 
-            // Once the token has been returned by ADAL, add it to the http authorization header, before making the call to access the To Do list service.
+            // Once the token has been returned by MSAL, add it to the http authorization header, before making the call to access the To Do list service.
             _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
 
             // Call the To Do list service.
-            HttpResponseMessage response = await _httpClient.GetAsync(TodoListBaseAddress + "/api/todolist");
+            HttpResponseMessage response = await _httpClient.GetAsync(TodoListApiAddress);
 
             if (response.IsSuccessStatusCode)
             {
-
                 // Read the response and data-bind to the GridView to display To Do items.
                 string s = await response.Content.ReadAsStringAsync();
                 List<TodoItem> toDoArray = JsonConvert.DeserializeObject<List<TodoItem>>(s);
 
                 Dispatcher.Invoke(() =>
                 {
-
                     TodoList.ItemsSource = toDoArray.Select(t => new { t.Title });
                 });
             }
             else
             {
-                string failureDescription = await response.Content.ReadAsStringAsync();
-                MessageBox.Show($"{response.ReasonPhrase}\n {failureDescription}", "An error occurred while getting /api/todolist", MessageBoxButton.OK);
+                await DisplayErrorMessage(response);
+            }
+        }
+
+        private static async Task DisplayErrorMessage(HttpResponseMessage httpResponse)
+        {
+            string failureDescription = await httpResponse.Content.ReadAsStringAsync();
+            if (failureDescription.StartsWith("<!DOCTYPE html>"))
+            {
+                string path = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
+                string errorFilePath = Path.Combine(path, "error.html");
+                File.WriteAllText(errorFilePath, failureDescription);
+                Process.Start(errorFilePath);
+            }
+            else
+            {
+                MessageBox.Show($"{httpResponse.ReasonPhrase}\n {failureDescription}", "An error occurred while getting /api/todolist", MessageBoxButton.OK);
             }
         }
 
@@ -176,17 +177,19 @@ private async void AddTodoItem(object sender, RoutedEventArgs e)
                 return;
             }
 
-            //
             // Get an access token to call the To Do service.
-            //
             AuthenticationResult result = null;
             try
             {
                 result = await _app.AcquireTokenSilent(Scopes, accounts.FirstOrDefault())
                     .ExecuteAsync()
                     .ConfigureAwait(false);
-                SetUserName(result.Account);
-                UserName.Content = Properties.Resources.UserNotSignedIn;
+
+                Dispatcher.Invoke(() =>
+                {
+                    SetUserName(result.Account);
+                    UserName.Content = Properties.Resources.UserNotSignedIn;
+                });
             }
             // There is no access token in the cache, so prompt the user to sign-in.
             catch (MsalUiRequiredException)
@@ -217,7 +220,7 @@ private async void AddTodoItem(object sender, RoutedEventArgs e)
             // Call the To Do service.
             //
 
-            // Once the token has been returned by ADAL, add it to the http authorization header, before making the call to access the To Do service.
+            // Once the token has been returned by MSAL, add it to the http authorization header, before making the call to access the To Do service.
             _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
 
             // Forms encode Todo item, to POST to the todo list web api.
@@ -227,7 +230,7 @@ private async void AddTodoItem(object sender, RoutedEventArgs e)
 
             // Call the To Do list service.
 
-            HttpResponseMessage response = await _httpClient.PostAsync(TodoListBaseAddress + "/api/todolist", content);
+            HttpResponseMessage response = await _httpClient.PostAsync(TodoListApiAddress, content);
 
             if (response.IsSuccessStatusCode)
             {
@@ -236,8 +239,7 @@ private async void AddTodoItem(object sender, RoutedEventArgs e)
             }
             else
             {
-                string failureDescription = await response.Content.ReadAsStringAsync();
-                MessageBox.Show($"{response.ReasonPhrase}\n {failureDescription}", "An error occurred while posting to /api/todolist", MessageBoxButton.OK);
+                    await DisplayErrorMessage(response);
             }
         }
 
@@ -262,18 +264,13 @@ private async void SignIn(object sender = null, RoutedEventArgs args = null)
                 return;
             }
 
-            //
             // Get an access token to call the To Do list service.
-            //
             try
             {
-                // Force a sign-in (PromptBehavior.Always), as the ADAL web browser might contain cookies for the current user, and using .Auto
-                // would re-sign-in the same user
-                var result = await _app.AcquireTokenInteractive(Scopes)
-                    .WithAccount(accounts.FirstOrDefault())
-                    .WithPrompt(Prompt.SelectAccount)
+                var result = await _app.AcquireTokenSilent(Scopes, accounts.FirstOrDefault())
                     .ExecuteAsync()
                     .ConfigureAwait(false);
+
                 Dispatcher.Invoke(() =>
                 {
                     SignInButton.Content = ClearCacheString;
@@ -282,25 +279,49 @@ private async void SignIn(object sender = null, RoutedEventArgs args = null)
                 }
                 );
             }
-            catch (MsalException ex)
+            catch (MsalUiRequiredException)
             {
-                if (ex.ErrorCode == "access_denied")
-                {
-                    // The user canceled sign in, take no action.
+            try
+            {
+                    // Force a sign-in (Prompt.SelectAccount), as the MSAL web browser might contain cookies for the current user
+                    // and we don't necessarily want to re-sign-in the same user
+                    var result = await _app.AcquireTokenInteractive(Scopes)
+                        .WithAccount(accounts.FirstOrDefault())
+                        .WithPrompt(Prompt.SelectAccount)
+                        .ExecuteAsync()
+                        .ConfigureAwait(false);
+
+                    Dispatcher.Invoke(() =>
+                    {
+                        SignInButton.Content = ClearCacheString;
+                        SetUserName(result.Account);
+                        GetTodoList();
+                    }
+                    );
                 }
-                else
+                catch (MsalException ex)
                 {
-                    // An unexpected error occurred.
-                    string message = ex.Message;
-                    if (ex.InnerException != null)
+                    if (ex.ErrorCode == "access_denied")
                     {
-                        message += "Error Code: " + ex.ErrorCode + "Inner Exception : " + ex.InnerException.Message;
+                        // The user canceled sign in, take no action.
                     }
+                    else
+                    {
+                        // An unexpected error occurred.
+                        string message = ex.Message;
+                        if (ex.InnerException != null)
+                        {
+                            message += "Error Code: " + ex.ErrorCode + "Inner Exception : " + ex.InnerException.Message;
+                        }
 
                     MessageBox.Show(message);
                 }
 
-                UserName.Content = Properties.Resources.UserNotSignedIn;
+                    Dispatcher.Invoke(() =>
+                    {
+                        UserName.Content = Properties.Resources.UserNotSignedIn;
+                    });
+                }
             }
         }
 

1. Desktop app calls Web API/TodoListClient/TodoItem.cs

@@ -1,26 +1,5 @@
-/*
- The MIT License (MIT)
-
-Copyright (c) 2018 Microsoft Corporation
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-*/
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
 
 namespace TodoListClient
 {

1. Desktop app calls Web API/TodoListClient/TokenCacheHelper.cs

@@ -1,29 +1,5 @@
-//------------------------------------------------------------------------------
-//
-// Copyright (c) Microsoft Corporation.
-// All rights reserved.
-//
-// This code is licensed under the MIT License.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files(the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions :
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-//
-//------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
 
 using System.IO;
 using System.Security.Cryptography;
@@ -32,8 +8,7 @@
 namespace TodoListClient
 {
     static class TokenCacheHelper
-    {
- 
+    { 
         /// <summary>
         /// Path to the token cache
         /// </summary>