From @pocki and copied from https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/issues/233
x)- [ ] bug report -> please search issues before submitting
- [ ] feature request
- [x] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)
Please add an 'x' for the scenario(s) where you found an issue
Repro steps
Is it somehow possible to receive an AccessToken on behalf of User if only (at least) ClaimsPrincipal (like in #159) is available but no full (Current)HttpContext?
Why: I have a long running task moved to a IHostedService. In this service I need an AccessToken at beginning and at the end (for the same scope). The AccessToken for the beginning is no problem, I can request it before the start and/or use the TokenCache. But in the end (>1 hour after begin) of the HostedService the token needs to be refreshed, but I can not call the TokenAcquisition because HttpContext is not available (out of Scope/Disposed) in IHostedService.
Actually I use TokenAcquisition.GetAccessTokenOnBehalfOfUserAsync to get and to "refresh"/get a new token
Expected behavior
Use of TokenAcquisition.GetAccessTokenOnBehalfOfUserAsync where HttpContext is not available (Disposed or out of Scope)
Actual behavior
With modifications of #159 I can pass the HttpContext.User as a Parameter to the HostedService: System.NullReferenceException "Object reference not set to an instance of an object."
var request = CurrentHttpContext.Request; //CurrentHttpContext is null/is already disposed
at Microsoft.Identity.Web.TokenAcquisition.BuildConfidentialClientApplication() in C:xxx\Microsoft.Identity.Web\TokenAcquisition.cs:line 345
at Microsoft.Identity.Web.TokenAcquisition.GetOrBuildConfidentialClientApplication() in C:xxx\Microsoft.Identity.Web\TokenAcquisition.cs:line 333
Line numbers may not match with this Repo
Possible Solution
Is it possible to set needed values for TokenAquisition manually?
Is there another method instead of TokenAcquisition.GetAccessTokenOnBehalfOfUserAsync to refresh a token?
ASP.NET Core 3.0
Microsoft.Identity.Web from this Repo, manually updated to ASP.NET Core 3.0 with
<PackageReference Include="Microsoft.AspNetCore.Authentication.AzureAD.UI" Version="3.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.AzureADB2C.UI" Version="3.0.0" />
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="3.0.1" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="3.0.1" />
<PackageReference Include="Microsoft.Identity.Client" Version="4.7.1" />
Is there any other possiblity? Have I missed something? Anyone another suggestion how to solve this?
@pocki
This is included in Microsoft Identity Web 0.2.1-preview release.
@pocki: this is documented in this is documented in https://github.com/AzureAD/microsoft-identity-web/wiki/Managing-incremental-consent-and-conditional-access