-
Notifications
You must be signed in to change notification settings - Fork 218
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] HttpContext.GetTokenAsync("access_token") returns always null when using EnableTokenAcquisitionToCallDownstreamApi() #929
Comments
This is my current workaround for this problem: public void ConfigureServices(IServiceCollection services)
{
// Adds Microsoft Identity platform (AAD v2.0) support to protect this API
var authBuilder = services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(configuration);
// get JwtBearerOptions before calling EnableTokenAcquisitionToCallDownstreamApi()
using var sp = services.BuildServiceProvider();
var jwtOptionsSnapshot = sp.GetRequiredService<IOptionsSnapshot<JwtBearerOptions>>();
var jwtOptions = jwtOptionsSnapshot.Get(JwtBearerDefaults.AuthenticationScheme);
authBuilder.EnableTokenAcquisitionToCallDownstreamApi()
.AddMicrosoftGraph()
.AddInMemoryTokenCaches();
// apply config from MicrosoftIdentityWebApiAuthenticationBuilder.cs without "context.Success();"
services.AddOptions<JwtBearerOptions>(JwtBearerDefaults.AuthenticationScheme)
.Configure<IServiceProvider>((options, serviceProvider) =>
{
var onTokenValidatedHandler = jwtOptions.Events.OnTokenValidated;
options.Events.OnTokenValidated = async context =>
{
await onTokenValidatedHandler(context).ConfigureAwait(false);
context.HttpContext.Items.Add("JwtSecurityTokenUsedToCallWebAPI", context.SecurityToken as JwtSecurityToken);
};
});
// ...
} |
It works fine for me when I use |
@jordykrul Thank you for the suggestion. But I am using a library that is using |
public void ConfigureServices(IServiceCollection services)
{
// Adds Microsoft Identity platform (AAD v2.0) support to protect this API
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(configuration);
.EnableTokenAcquisitionToCallDownstreamApi()
.AddMicrosoftGraph()
.AddInMemoryTokenCaches();
}
services.Configure<JwtBearerOptions>(JwtBearerDefaults.AuthenticationScheme, options =>
{
options.Events.OnTokenValidated = async context =>
{
context.HttpContext.StoreTokenUsedToCallWebAPI(context.SecurityToken as JwtSecurityToken);
}
}); to override the Microsoft.Identity.Web implementation (assuming you did not have any OnTokenValidated event handler. |
@jennyf19 |
@Tratcher can we get your thoughts on this? We include |
Remove it. |
Included in 1.16 release |
Which version of Microsoft Identity Web are you using?
Microsoft.Identity.Web 1.5.1
Where is the issue?
Is this a new or an existing app?
This is a new app
Repro
Expected behavior
When JwtBearerOptions.SaveToken is true,
context.GetTokenAsync("access_token")
returns the access token used in the request.Actual behavior
context.GetTokenAsync("access_token")
returns always null whenEnableTokenAcquisitionToCallDownstreamApi()
is used.When I remove
EnableTokenAcquisitionToCallDownstreamApi()
, I get the access token as expected.Possible solution
I debugged the code, and the problem is in
MicrosoftIdentityWebApiAuthenticationBuilder.cs
:I don't know why
context.Success();
it's needed, but when I remove it, everything works as expected.The text was updated successfully, but these errors were encountered: