Hi,
This is a usability question.
I used this documentation to add Azure AD OpenId Connect authentication to my web application.
In this step to step, we are told to use AddMicrosoftWebAppAuthentication. Here is its implementation:
https://github.com/AzureAD/microsoft-identity-web/blob/debdde3a332d29c106db71938ac0707e2a2e96a7/src/Microsoft.Identity.Web/WebAppExtensions/WebAppServiceCollectionExtensions.cs#L35-L51
We can see at line 46 that null CookieAuthenticationOptions is passed to AddMicrosoftWebApp.
Is there any reason for not letting AddMicrosoftWebAppAuthentication's caller provide CookieAuthenticationOptions?
I have a use-case were I needed to specify CookieAuthenticationOptions and I would gladly sent you a PR adding it as a parameter to AddMicrosoftWebAppAuthentication if you think it makes sense.
Since this is a "new feature", should the PR target master or another branch?
Regards,
Hello @durandt.
To configure cookie options, we advise to use a different overload of that method that has action and instead of config parameters:
https://github.com/AzureAD/microsoft-identity-web/blob/18fe4cef0f65ac76c42da87b097c009c9eebba1e/src/Microsoft.Identity.Web/WebAppExtensions/WebAppAuthenticationBuilderExtensions.cs#L62-L68
It can be used like so:
services
.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftWebApp(
msOptions => {
Configuration.Bind("AzureAd", msOptions);
},
cookieOptions => {
// custom code
});
An alternative method is using Configure method in ConfigureServices:
services.Configure<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme, cookieOptions => {
// custom code
});
We are planning for our next release, 0.3.0-preview, to have API changes and improvements. More details in branch.
Thanks for the detailed answer @pmaytak
I did just that (first one) yesterday and it works great :)
This is my first .Net Core project so I think it takes some getting used to digging into the code extensions and create my own.
The second solution looks neat to me.
馃憤 Glad that helped.
I find the ASP.NET Core docs very helpful and dotnet aspnetcore and runtime repos useful for looking more closely at the code itself.
Most helpful comment
Hello @durandt.
To configure cookie options, we advise to use a different overload of that method that has action and instead of config parameters:
https://github.com/AzureAD/microsoft-identity-web/blob/18fe4cef0f65ac76c42da87b097c009c9eebba1e/src/Microsoft.Identity.Web/WebAppExtensions/WebAppAuthenticationBuilderExtensions.cs#L62-L68
It can be used like so:
An alternative method is using
Configuremethod inConfigureServices:We are planning for our next release, 0.3.0-preview, to have API changes and improvements. More details in branch.