1

I have problem with getting a token from my httpContext in Asp.Net Core 2.0 project. I have implicit ADAL authorization on front part where I'm getting the token and sending it in a header when accessing my API. Authentication is going well, but when I want to get token for a request to the Microsoft Graph api I'm getting null.

My Startup authentication part:

services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        }).AddJwtBearer(options =>
        {
            AuthenticationOptions authSettings = Configuration.GetSection("Authentication").Get<AuthenticationOptions>();
            options.TokenValidationParameters = new TokenValidationParameters()
            {
                ValidateIssuer = false,
                ValidAudiences = new List<string> { authSettings.ClientId, authSettings.AppIdUri }
            };
            options.Authority = "https://login.microsoftonline.com/common";
            options.Audience = "**";
            options.TokenValidationParameters.ValidateLifetime = true;
            options.TokenValidationParameters.ClockSkew = TimeSpan.Zero;

            options.SaveToken = true;
        });

        services.AddAuthorization();

        services.AddMvc();

The method where I need to get a token:

public async Task AuthenticateRequestAsync(HttpRequestMessage request)
    {
        var httpContext = _httpContextAccessor.HttpContext;

        //Get the access token used to call this API
        string token = await httpContext.GetTokenAsync("access_token");

        //We are passing an *assertion* to Azure AD about the current user
        //Here we specify that assertion's type, that is a JWT Bearer token
        string assertionType = "urn:ietf:params:oauth:grant-type:jwt-bearer";

        //User name is needed here only for ADAL, it is not passed to AAD
        //ADAL uses it to find a token in the cache if available
        var user = httpContext.User;
        string userName = user.FindFirstValue(ClaimTypes.Upn) ?? user.FindFirstValue(ClaimTypes.Email);

        var userAssertion = new UserAssertion(token, assertionType, userName);

        //Construct the token cache
        var cache = new DistributedTokenCache(user, _distributedCache, _loggerFactory, _dataProtectionProvider);

        var authContext = new AuthenticationContext(_authSettings.Authority, cache);
        var clientCredential = new ClientCredential(_authSettings.ClientId, _authSettings.ClientSecret);
        //Acquire access token
        var result = await authContext.AcquireTokenAsync("https://graph.microsoft.com", clientCredential, userAssertion);
        //Set the authentication header
        request.Headers.Authorization = new AuthenticationHeaderValue(result.AccessTokenType, result.AccessToken);
    }

In the part of await httpContext.GetTokenAsync("access_token"); it's returning null.

Improve this question

1 Answer 1

Reset to default
1

im sry for disturbing, solution was quite easy. And ty for your attention.

httpContext.Request.Headers.TryGetValue("Authorization", out var token);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.