Pulling Auth into Startup.Auth.cs

Author: dstrockis

TodoListService/App_Start/Startup.Auth.cs

@@ -0,0 +1,18 @@
+using Microsoft.AspNet.Builder;
+using System;
+
+namespace TodoListService
+{
+    public partial class Startup
+    {
+        public void ConfigureAuth(IApplicationBuilder app)
+        {
+            // Configure the app to use OAuth Bearer Authentication
+            app.UseOAuthBearerAuthentication(options =>
+            {
+                options.Audience = Configuration.Get("AzureAd:Audience");
+                options.Authority = String.Format(Configuration.Get("AzureAd:AadInstance"), Configuration.Get("AzureAd:Tenant"));
+            });
+        }
+    }
+}

TodoListService/Startup.cs

@@ -13,7 +13,7 @@
 
 namespace TodoListService
 {
-    public class Startup
+    public partial class Startup
     {
         public Startup(IHostingEnvironment env)
         {
@@ -34,12 +34,7 @@ public void ConfigureServices(IServiceCollection services)
         // Configure is called after ConfigureServices is called.
         public void Configure(IApplicationBuilder app, IHostingEnvironment env)
         {
-            // Configure the app to use OAuth Bearer Authentication
-            app.UseOAuthBearerAuthentication(options =>
-            {
-                options.Audience = Configuration.Get("AzureAd:Audience");
-                options.Authority = String.Format(Configuration.Get("AzureAd:AadInstance"), Configuration.Get("AzureAd:Tenant"));
-            });
+            ConfigureAuth(app);
 
             app.UseStaticFiles();
             // Add MVC to the request pipeline.

TodoListWebApp/App_Start/Startup.Auth.cs

@@ -0,0 +1,59 @@
+using Microsoft.AspNet.Builder;
+using Microsoft.AspNet.Security;
+using Microsoft.AspNet.Security.Cookies;
+using Microsoft.AspNet.Security.Notifications;
+using Microsoft.AspNet.Security.OpenIdConnect;
+using Microsoft.Framework.DependencyInjection;
+using Microsoft.IdentityModel.Clients.ActiveDirectory;
+using System;
+using System.Threading.Tasks;
+using TodoListWebApp.Utils;
+
+namespace TodoListWebApp
+{
+    public partial class Startup
+    {
+        public static string Authority = String.Empty;
+        public static string ClientId = String.Empty;
+        public static string AppKey = String.Empty;
+        public static string TodoListResourceId = String.Empty;
+        public static string TodoListBaseAddress = String.Empty;
+
+        public void ConfigureAuth(IApplicationBuilder app)
+        {
+            // Populate AzureAd Configuration Values
+            Authority = String.Format(Configuration.Get("AzureAd:AadInstance"), Configuration.Get("AzureAd:Tenant"));
+            ClientId = Configuration.Get("AzureAd:ClientId");
+            AppKey = Configuration.Get("AzureAd:AppKey");
+            TodoListResourceId = Configuration.Get("AzureAd:TodoListResourceId");
+            TodoListBaseAddress = Configuration.Get("AzureAd:TodoListBaseAddress");
+
+            // Configure the Session Middleware, Used for Storing Tokens
+            app.UseSession();
+
+            // Configure OpenId Connect Authentication Middleware
+            app.UseCookieAuthentication(options => { });
+            app.UseOpenIdConnectAuthentication(options =>
+            {
+                options.ClientId = Configuration.Get("AzureAd:ClientId");
+                options.Authority = Authority;
+                options.PostLogoutRedirectUri = Configuration.Get("AzureAd:PostLogoutRedirectUri");
+                options.Notifications = new OpenIdConnectAuthenticationNotifications
+                {
+                    AuthorizationCodeReceived = OnAuthorizationCodeReceived
+                };
+            });
+        }
+
+        public async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification notification)
+        {
+            // Acquire a Token for the TodoList Web API, and Cache it For Later Use
+            string userObjectId = notification.AuthenticationTicket.Principal.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
+            ClientCredential clientCred = new ClientCredential(ClientId, AppKey);
+            AuthenticationContext authContext = new AuthenticationContext(Authority, new NaiveSessionCache(userObjectId, notification.HttpContext.Session));
+            AuthenticationResult authResult = await authContext.AcquireTokenByAuthorizationCodeAsync(
+                notification.Code, new Uri(notification.RedirectUri), clientCred, Startup.TodoListResourceId);
+
+        }
+    }
+}

TodoListWebApp/Startup.cs

@@ -21,26 +21,14 @@
 
 namespace TodoListWebApp
 {
-    public class Startup
+    public partial class Startup
     {
-        public static string Authority = String.Empty;
-        public static string ClientId = String.Empty;
-        public static string AppKey = String.Empty;
-        public static string TodoListResourceId = String.Empty;
-        public static string TodoListBaseAddress = String.Empty;
-
         public Startup(IHostingEnvironment env)
         {
             // Setup configuration sources.
             Configuration = new Configuration()
                 .AddJsonFile("config.json")
                 .AddEnvironmentVariables();
-
-            Authority = String.Format(Configuration.Get("AzureAd:AadInstance"), Configuration.Get("AzureAd:Tenant"));
-            ClientId = Configuration.Get("AzureAd:ClientId");
-            AppKey = Configuration.Get("AzureAd:AppKey");
-            TodoListResourceId = Configuration.Get("AzureAd:TodoListResourceId");
-            TodoListBaseAddress = Configuration.Get("AzureAd:TodoListBaseAddress");
         }
 
         public IConfiguration Configuration { get; set; }
@@ -50,14 +38,16 @@ public void ConfigureServices(IServiceCollection services)
         {
             // Add MVC services to the services container.
             services.AddMvc();
+
+            // Add Session Middleware
             services.AddCachingServices();
             services.AddSessionServices();
 
+            // Add Cookie Middleware
             services.Configure<ExternalAuthenticationOptions>(options =>
             {
                 options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;
             });
-
         }
 
         // Configure is called after ConfigureServices is called.
@@ -67,7 +57,6 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
             // Add the console logger.
             loggerfactory.AddConsole();
 
-
             // Add the following to the request pipeline only in development environment.
             if (string.Equals(env.EnvironmentName, "Development", StringComparison.OrdinalIgnoreCase))
             {
@@ -81,26 +70,8 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
                 app.UseErrorHandler("/Home/Error");
             }
 
-            // Add static files to the request pipeline.
-            app.UseStaticFiles();
-
-            // Configure the app with session middleware, which we will use to store tokens.
-            app.UseSession();
-
-            // Configure the OWIN Pipeline to use OpenID Connect Authentication
-            app.UseCookieAuthentication(options => { });
-
-            app.UseOpenIdConnectAuthentication(options =>
-            {
-                options.ClientId = Configuration.Get("AzureAd:ClientId");
-                options.Authority = Authority;
-                options.PostLogoutRedirectUri = Configuration.Get("AzureAd:PostLogoutRedirectUri");
-                options.RedirectUri = Configuration.Get("AzureAd:PostLogoutRedirectUri");
-                options.Notifications = new OpenIdConnectAuthenticationNotifications
-                {
-                    AuthorizationCodeReceived = OnAuthorizationCodeReceived
-                };
-            });
+            // Configure the OpenIdConnect Auth Pipeline and required services.
+            ConfigureAuth(app);
 
             // Add MVC to the request pipeline.
             app.UseMvc(routes =>
@@ -114,15 +85,5 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
                 // routes.MapWebApiRoute("DefaultApi", "api/{controller}/{id?}");
             });
         }
-
-        public async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification notification)
-        {
-            string userObjectId = notification.AuthenticationTicket.Principal.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
-            ClientCredential clientCred = new ClientCredential(ClientId, AppKey);
-            AuthenticationContext authContext = new AuthenticationContext(Authority, new NaiveSessionCache(userObjectId, notification.HttpContext.Session));
-            AuthenticationResult authResult = await authContext.AcquireTokenByAuthorizationCodeAsync(
-                notification.Code, new Uri(notification.RedirectUri), clientCred, Startup.TodoListResourceId);
-
-        }
     }
 }