Herein can be found all the resources being used to make THR2004 and THR3302 happen.
setup.ps1: resets the demo entirely and does some machine setup stuff (such as opening relevant apps and browser tabs) provision.ps1: deploys all resources teardown.ps1: deletes all resources, including any AAD applications which are tracked by App Service Authentication / Authorization
- Start with the deployed Linux app, and show it working.
- Add AAD authentication using the Express mode.
- Show the automatic redirect.
- Show the /.auth/login endpoint (and describe bearer usage).
- Show /.auth/me and discuss the x-ms-client-* and x-ms-token-* headers.
- Discuss on-behalf-of scenarios.
- Call the site as an API in PostMan, with and without the token.
- Steal a token from the Azure portal and show it failing.
- Show diagnostic logs to determine why it's failing.
- Start with the deployed function app.
- Add MSI to the function app.
- Navigate to Key Vault and explain access policies.
- Add an access policy for the function app with permission to get secrets. Emphasize the save issue.
- Navigate back to the app and show the REST-based function. Explain how MSI works
- Show the function working.
- Navigate to the SDK-based function. Explain the benefits of the AppAuthentication library.
- Show the function working.
- Do the Functions "Hello, world!" with HttpTrigger.
- Give a brief discussion of bindings (optionally doing the BlobTrigger demo).
- Show the creation of the ProfilePhoto template (with discussion as you go) (undetermined if installation of extension should be included).
- Show what the login registration actually did.
- Show getting your profile photo.
- Show Graph Explorer as a way of trying out different APIS you can leverage this with.
- ??? (different binding, deciding which one - OneDrive?)
- Demonstrate the ?prompt=consent approach to updating permissions.
- Discuss webhooks and how they work.
- Create the Graph webhook scenario for Outlook messages and send one to yourself.