Skip to content

Commit c4f402e

Browse files
author
Tiago Brenck
committed
Reverting wrong commit
1 parent 3448381 commit c4f402e

File tree

2 files changed

+47
-0
lines changed

2 files changed

+47
-0
lines changed

3.-Web-api-call-Microsoft-graph-for-personal-accounts/README.md

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -266,6 +266,52 @@ There is one change in the WebApp.Config, and one thing to check
266266
<add key="todo:TodoListScope" value="01234567-89ab-cdef-0123-456789abcdef/access_as_user"/>
267267
```
268268

269+
### Have the client let the user consent for the scopes required for the service
270+
271+
The Web API (TodoList service) does not have the possibility of having an interaction with the user (by definition of a Web API), and therefore cannot let the user consent for the scopes it requests. Given that the Web API and the client have the same client ID, it's possible for the client to request a token for the Web API and let the user pre-consent to the scopes requested by the Web API (in this case "user.read")
272+
273+
This is done in `MainWindow.xaml.cs` in the `SignIn` method, by replacing adding to the `AcquireTokenInteractive` call, a modifier `.WithExtraScopesToConsent(new[] { "user.read" })`. See [WithExtraScopeToConsent](https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-desktop-acquire-token#withextrascopetoconsent) for more details.
274+
275+
```CSharp
276+
public class MainWindow
277+
{
278+
private async void SignIn(object sender = null, RoutedEventArgs args = null)
279+
{
280+
...
281+
// Force a sign-in (PromptBehavior.Always), as the ADAL web browser might contain cookies for the current user, and using .Auto
282+
// would re-sign-in the same user
283+
var result = await _app.AcquireTokenInteractive(Scopes)
284+
.WithAccount(accounts.FirstOrDefault())
285+
.WithPrompt(Prompt.SelectAccount)
286+
.ExecuteAsync()
287+
.ConfigureAwait(false);
288+
...
289+
}
290+
}
291+
```
292+
293+
by
294+
295+
```CSharp
296+
public class MainWindow
297+
{
298+
private async void SignIn(object sender = null, RoutedEventArgs args = null)
299+
{
300+
...
301+
// Force a sign-in (PromptBehavior.Always), as the ADAL web browser might contain cookies for the current user, and using .Auto
302+
// would re-sign-in the same user
303+
var result = await _app.AcquireTokenInteractive(Scopes)
304+
.WithAccount(accounts.FirstOrDefault())
305+
.WithPrompt(Prompt.SelectAccount)
306+
.WithExtraScopesToConsent(new[] { "user.read" })
307+
.ExecuteAsync()
308+
.ConfigureAwait(false);
309+
...
310+
}
311+
}
312+
```
313+
314+
269315
## How to deploy this sample to Azure
270316

271317
See section [How to deploy this sample to Azure](../1.%20Desktop%20app%20calls%20Web%20API/README.md#How-to-deploy-this-sample-to-Azure) in the first part of this tutorial, as the deployment is exactly the same.

3.-Web-api-call-Microsoft-graph-for-personal-accounts/TodoListClient/MainWindow.xaml.cs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -355,6 +355,7 @@ private async void SignIn(object sender = null, RoutedEventArgs args = null)
355355
var result = await _app.AcquireTokenInteractive(Scopes)
356356
.WithAccount(accounts.FirstOrDefault())
357357
.WithPrompt(Prompt.SelectAccount)
358+
.WithExtraScopesToConsent(new[] { "user.read" })
358359
.ExecuteAsync()
359360
.ConfigureAwait(false);
360361

0 commit comments

Comments
 (0)