AzureAD · jennyf19 · Jul 24, 2022 · Mar 16, 2022 · Mar 17, 2022 · Mar 17, 2022
diff --git a/Microsoft.Identity.Web.sln b/Microsoft.Identity.Web.sln
@@ -134,10 +134,26 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.Toke
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.Certificate", "src\Microsoft.Identity.Web.Certificate\Microsoft.Identity.Web.Certificate.csproj", "{1E0B96CD-FDBF-482C-996A-775F691D984E}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.Certificateless", "src\Microsoft.Identity.Web.Certificateless\Microsoft.Identity.Web.Certificateless.csproj", "{01AA87C9-75BB-42DE-A71E-2932229224B2}"
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Daemon", "Daemon", "{5D970909-98CF-415C-A598-D60B4B4AD8A9}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Daemon-app", "tests\daemon-app\Daemon-app\Daemon-app.csproj", "{8C557C25-25C9-45B6-B2D3-77093893EBC5}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "net462", "net462", "{A4BF732A-BED6-408E-805A-118CE2A692B6}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Asp.NET MVC", "Asp.NET MVC", "{7C04159B-BC84-4B8E-B2D8-692AEBA86433}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OwinWebApi", "tests\aspnet-mvc\OwinWebApi\OwinWebApi.csproj", "{E3611BED-B43A-40BD-A0A3-98AD65B5DAA4}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.TokenAcquisition.Abstractions", "src\Microsoft.Identity.Web.TokenAcquisition.Abstractions\Microsoft.Identity.Web.TokenAcquisition.Abstractions.csproj", "{98F57CC8-01A0-49F3-B859-DDC4F8F5CD2F}"
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.Certificateless", "src\Microsoft.Identity.Web.Certificateless\Microsoft.Identity.Web.Certificateless.csproj", "{01AA87C9-75BB-42DE-A71E-2932229224B2}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.OWIN", "src\Microsoft.Identity.Web.OWIN\Microsoft.Identity.Web.OWIN.csproj", "{2467D9A0-045B-4B45-8CCB-1AA229093F9F}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web.TokenAcquisition", "src\Microsoft.Identity.Web.TokenAcquisition\Microsoft.Identity.Web.TokenAcquisition.csproj", "{74737C0A-25E6-4E2C-B3AA-F7EECB7A07C7}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OwinWebApp", "tests\aspnet-mvc\OwinWebApp\OwinWebApp.csproj", "{B288DE73-6B29-4B4D-AF02-6683D4C8D163}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -283,14 +299,31 @@ Global
 		{1E0B96CD-FDBF-482C-996A-775F691D984E}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{1E0B96CD-FDBF-482C-996A-775F691D984E}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{1E0B96CD-FDBF-482C-996A-775F691D984E}.Release|Any CPU.Build.0 = Release|Any CPU
-		{01AA87C9-75BB-42DE-A71E-2932229224B2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{01AA87C9-75BB-42DE-A71E-2932229224B2}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{01AA87C9-75BB-42DE-A71E-2932229224B2}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{01AA87C9-75BB-42DE-A71E-2932229224B2}.Release|Any CPU.Build.0 = Release|Any CPU
+		{8C557C25-25C9-45B6-B2D3-77093893EBC5}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{8C557C25-25C9-45B6-B2D3-77093893EBC5}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{8C557C25-25C9-45B6-B2D3-77093893EBC5}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{8C557C25-25C9-45B6-B2D3-77093893EBC5}.Release|Any CPU.Build.0 = Release|Any CPU
+		{E3611BED-B43A-40BD-A0A3-98AD65B5DAA4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{E3611BED-B43A-40BD-A0A3-98AD65B5DAA4}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{98F57CC8-01A0-49F3-B859-DDC4F8F5CD2F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{98F57CC8-01A0-49F3-B859-DDC4F8F5CD2F}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{98F57CC8-01A0-49F3-B859-DDC4F8F5CD2F}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{98F57CC8-01A0-49F3-B859-DDC4F8F5CD2F}.Release|Any CPU.Build.0 = Release|Any CPU
+		{01AA87C9-75BB-42DE-A71E-2932229224B2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{01AA87C9-75BB-42DE-A71E-2932229224B2}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{01AA87C9-75BB-42DE-A71E-2932229224B2}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{01AA87C9-75BB-42DE-A71E-2932229224B2}.Release|Any CPU.Build.0 = Release|Any CPU
+		{2467D9A0-045B-4B45-8CCB-1AA229093F9F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{2467D9A0-045B-4B45-8CCB-1AA229093F9F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{2467D9A0-045B-4B45-8CCB-1AA229093F9F}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{2467D9A0-045B-4B45-8CCB-1AA229093F9F}.Release|Any CPU.Build.0 = Release|Any CPU
+		{74737C0A-25E6-4E2C-B3AA-F7EECB7A07C7}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{74737C0A-25E6-4E2C-B3AA-F7EECB7A07C7}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{74737C0A-25E6-4E2C-B3AA-F7EECB7A07C7}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{74737C0A-25E6-4E2C-B3AA-F7EECB7A07C7}.Release|Any CPU.Build.0 = Release|Any CPU
+		{B288DE73-6B29-4B4D-AF02-6683D4C8D163}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{B288DE73-6B29-4B4D-AF02-6683D4C8D163}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{B288DE73-6B29-4B4D-AF02-6683D4C8D163}.Release|Any CPU.ActiveCfg = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -345,6 +378,12 @@ Global
 		{D3A42D78-8A23-44EB-9A1F-63CF58B56AAC} = {9A51E6E0-A2B0-4D4D-9209-E73B8AD2B9C6}
 		{15B7F1B3-A438-4A42-BFFA-E3382543C037} = {D3A42D78-8A23-44EB-9A1F-63CF58B56AAC}
 		{5B9AD363-6A27-4AF2-939E-B20E7C941ADF} = {20CDB9B2-D237-413A-8E76-A973597748B0}
+		{5D970909-98CF-415C-A598-D60B4B4AD8A9} = {9A51E6E0-A2B0-4D4D-9209-E73B8AD2B9C6}
+		{8C557C25-25C9-45B6-B2D3-77093893EBC5} = {A4BF732A-BED6-408E-805A-118CE2A692B6}
+		{A4BF732A-BED6-408E-805A-118CE2A692B6} = {5D970909-98CF-415C-A598-D60B4B4AD8A9}
+		{7C04159B-BC84-4B8E-B2D8-692AEBA86433} = {9A51E6E0-A2B0-4D4D-9209-E73B8AD2B9C6}
+		{E3611BED-B43A-40BD-A0A3-98AD65B5DAA4} = {7C04159B-BC84-4B8E-B2D8-692AEBA86433}
+		{B288DE73-6B29-4B4D-AF02-6683D4C8D163} = {7C04159B-BC84-4B8E-B2D8-692AEBA86433}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {F4FA8C4C-3251-41CC-939B-7892F5798549}

diff --git a/src/Directory.Build.props b/src/Directory.Build.props
@@ -69,7 +69,7 @@
   </PropertyGroup>
 
   <PropertyGroup Label="Common dependency versions">
-    <IdentityModelVersion>6.20.0</IdentityModelVersion>
+    <IdentityModelVersion>6.21.0</IdentityModelVersion>
     <MicrosoftIdentityClientVersion>4.42.0</MicrosoftIdentityClientVersion>
     <FxCopAnalyzersVersion>3.3.0</FxCopAnalyzersVersion>
     <SystemTextEncodingsWebVersion>4.7.2</SystemTextEncodingsWebVersion>
@@ -78,6 +78,8 @@
     <AzureSecurityKeyVaultCertificatesVersion>4.1.0</AzureSecurityKeyVaultCertificatesVersion>
     <MicrosoftGraphVersion>4.11.0</MicrosoftGraphVersion>
     <MicrosoftGraphBetaVersion>4.22.0-preview</MicrosoftGraphBetaVersion>
+    <MicrosoftExtensionsConfigurationBinderVersion>5.0.0</MicrosoftExtensionsConfigurationBinderVersion>
+    <MicrosoftExtensionsHttpVersion>3.1.3</MicrosoftExtensionsHttpVersion>
   </PropertyGroup>
 
   <PropertyGroup Condition="'$(TargetFramework)' == 'net472' Or '$(TargetFramework)' == 'net462' Or '$(TargetFramework)' == 'net5.0'">

diff --git a/src/Microsoft.Identity.Web.Certificate/Microsoft.Identity.Web.xml b/src/Microsoft.Identity.Web.Certificate/Microsoft.Identity.Web.xml
diff --git a/src/Microsoft.Identity.Web.MicrosoftGraph/BaseRequestExtensions.cs b/src/Microsoft.Identity.Web.MicrosoftGraph/BaseRequestExtensions.cs
@@ -53,6 +53,21 @@ public static T WithAuthenticationScheme<T>(this T baseRequest, string authentic
             return SetParameter(baseRequest, options => options.AuthenticationScheme = authenticationScheme);
         }
 
+        /// <summary>
+        /// Overrides authentication options for a given request.
+        /// </summary>
+        /// <typeparam name="T">Request</typeparam>
+        /// <param name="baseRequest">Request.</param>
+        /// <param name="overrideAuthenticationOptions">Delegate to override
+        /// the authentication options</param>
+        /// <returns>Base request</returns>
+        public static T WithAuthenticationOptions<T>(this T baseRequest, 
+            Action<DownstreamRestApiOptions> overrideAuthenticationOptions) where T : IBaseRequest
+        {
+            // TODO: implement
+            throw new NotImplementedException();
+        }
+
         private static T SetParameter<T>(T baseRequest, Action<TokenAcquisitionAuthenticationProviderOption> action) where T : IBaseRequest
         {
             string authHandlerOptionKey = typeof(AuthenticationHandlerOption).FullName!;

diff --git a/src/Microsoft.Identity.Web.MicrosoftGraph/GraphServiceCollectionExtensions.cs b/src/Microsoft.Identity.Web.MicrosoftGraph/GraphServiceCollectionExtensions.cs
@@ -0,0 +1,69 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System;
+using System.Linq;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
+using Microsoft.Graph;
+
+namespace Microsoft.Identity.Web
+{
+    /// <summary>
+    /// Extensions methods on a MicrosoftIdentityAppCallingWebApiAuthenticationBuilder builder
+    /// to add support to call Microsoft Graph.
+    /// </summary>
+    public static class GraphServiceCollectionExtensions
+    {
+        /// <summary>
+        /// Add support to call Microsoft Graph. From a named option and a configuration section.
+        /// </summary>
+        /// <param name="services">Builder.</param>
+        /// <returns>The service collection to chain.</returns>
+        public static IServiceCollection AddMicrosoftGraph(this IServiceCollection services)
+        {
+            services.AddTokenAcquisition();
+            services.AddHttpClient();
+            return services.AddMicrosoftGraph(options => { });
+        }
+
+        /// <summary>
+        /// Add support to call Microsoft Graph. From a base Graph URL and a default scope.
+        /// </summary>
+        /// <param name="services">Builder.</param>
+        /// <param name="configureMicrosoftGraphOptions">Delegate to configure the graph service options</param>
+        /// <returns>The service collection to chain.</returns>
+        public static IServiceCollection AddMicrosoftGraph(this IServiceCollection services, Action<MicrosoftGraphOptions> configureMicrosoftGraphOptions)
+        {
+            // https://docs.microsoft.com/en-us/dotnet/standard/microservices-architecture/implement-resilient-applications/use-httpclientfactory-to-implement-resilient-http-requests
+            services.AddOptions<MicrosoftGraphOptions>().Configure(configureMicrosoftGraphOptions);
+
+            services.AddScoped<GraphServiceClient, GraphServiceClient>(serviceProvider =>
+            {
+                var tokenAquisitionService = serviceProvider.GetRequiredService<ITokenAcquisition>();
+                var options = serviceProvider.GetRequiredService<IOptions<MicrosoftGraphOptions>>();
+
+                var microsoftGraphOptions = options.Value;
+                if (microsoftGraphOptions.Scopes == null)
+                {
+                    throw new ArgumentException(IDWebErrorMessage.CalledApiScopesAreNull);
+                }
+
+                string graphBaseUrl = microsoftGraphOptions.BaseUrl;
+                string[] initialScopes = microsoftGraphOptions.Scopes.Split(' ');
+
+                GraphServiceClient client = string.IsNullOrWhiteSpace(graphBaseUrl) ?
+                            new GraphServiceClient(new TokenAcquisitionAuthenticationProvider(
+                                tokenAquisitionService,
+                                new TokenAcquisitionAuthenticationProviderOption() { Scopes = initialScopes.ToArray() })) :
+                            new GraphServiceClient(graphBaseUrl,
+                                new TokenAcquisitionAuthenticationProvider(
+                                    tokenAquisitionService,
+                                    new TokenAcquisitionAuthenticationProviderOption() { Scopes = initialScopes.ToArray() }));
+                return client;
+            });
+            return services;
+        }
+    }
+
+}
diff --git a/src/Microsoft.Identity.Web.MicrosoftGraph/Microsoft.Identity.Web.MicrosoftGraph.csproj b/src/Microsoft.Identity.Web.MicrosoftGraph/Microsoft.Identity.Web.MicrosoftGraph.csproj
@@ -11,16 +11,16 @@
     <ProjectGuid>{E4BC2331-6822-45C3-9702-D76DD0556532}</ProjectGuid>
   </PropertyGroup>
 
-  <PropertyGroup>
-    <TargetFrameworks>netcoreapp3.1; net5.0</TargetFrameworks>
-  </PropertyGroup>
-
   <ItemGroup>
     <PackageReference Include="Microsoft.Graph" Version="$(MicrosoftGraphVersion)" />
   </ItemGroup>
 
   <ItemGroup>
-    <ProjectReference Include="..\Microsoft.Identity.Web\Microsoft.Identity.Web.csproj" />
+    <ProjectReference Include="..\Microsoft.Identity.Web.TokenAcquisition\Microsoft.Identity.Web.TokenAcquisition.csproj" />
   </ItemGroup>
 
+  <PropertyGroup>
+    <TargetFrameworks>netcoreapp3.1; net5.0; net462; net472</TargetFrameworks>
+  </PropertyGroup>
+
 </Project>