Microsoft-identity-web: Add CookieAuthenticationOptions parameter to AddMicrosoftWebAppAuthentication-method?

Created on 11 Aug 2020  路  3Comments  路  Source: AzureAD/microsoft-identity-web

Hi,

This is a usability question.

I used this documentation to add Azure AD OpenId Connect authentication to my web application.

In this step to step, we are told to use AddMicrosoftWebAppAuthentication. Here is its implementation:
https://github.com/AzureAD/microsoft-identity-web/blob/debdde3a332d29c106db71938ac0707e2a2e96a7/src/Microsoft.Identity.Web/WebAppExtensions/WebAppServiceCollectionExtensions.cs#L35-L51

We can see at line 46 that null CookieAuthenticationOptions is passed to AddMicrosoftWebApp.

Is there any reason for not letting AddMicrosoftWebAppAuthentication's caller provide CookieAuthenticationOptions?
I have a use-case were I needed to specify CookieAuthenticationOptions and I would gladly sent you a PR adding it as a parameter to AddMicrosoftWebAppAuthentication if you think it makes sense.
Since this is a "new feature", should the PR target master or another branch?

Regards,

Most helpful comment

Hello @durandt.
To configure cookie options, we advise to use a different overload of that method that has action and instead of config parameters:
https://github.com/AzureAD/microsoft-identity-web/blob/18fe4cef0f65ac76c42da87b097c009c9eebba1e/src/Microsoft.Identity.Web/WebAppExtensions/WebAppAuthenticationBuilderExtensions.cs#L62-L68

It can be used like so:

services
    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftWebApp(
        msOptions => { 
            Configuration.Bind("AzureAd", msOptions);
        }, 
        cookieOptions => {
            // custom code
        });

An alternative method is using Configure method in ConfigureServices:

services.Configure<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme, cookieOptions => {
    // custom code
});

We are planning for our next release, 0.3.0-preview, to have API changes and improvements. More details in branch.

All 3 comments

Hello @durandt.
To configure cookie options, we advise to use a different overload of that method that has action and instead of config parameters:
https://github.com/AzureAD/microsoft-identity-web/blob/18fe4cef0f65ac76c42da87b097c009c9eebba1e/src/Microsoft.Identity.Web/WebAppExtensions/WebAppAuthenticationBuilderExtensions.cs#L62-L68

It can be used like so:

services
    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftWebApp(
        msOptions => { 
            Configuration.Bind("AzureAd", msOptions);
        }, 
        cookieOptions => {
            // custom code
        });

An alternative method is using Configure method in ConfigureServices:

services.Configure<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme, cookieOptions => {
    // custom code
});

We are planning for our next release, 0.3.0-preview, to have API changes and improvements. More details in branch.

Thanks for the detailed answer @pmaytak

I did just that (first one) yesterday and it works great :)
This is my first .Net Core project so I think it takes some getting used to digging into the code extensions and create my own.

The second solution looks neat to me.

馃憤 Glad that helped.

I find the ASP.NET Core docs very helpful and dotnet aspnetcore and runtime repos useful for looking more closely at the code itself.

Was this page helpful?
0 / 5 - 0 ratings