From 098d21ff782fc1c7906b1bfe2a943f23e5dee584 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20Fr=C3=B6lich?=
Date: Thu, 28 Aug 2025 14:23:58 +0200
Subject: [PATCH] docs: removes asp.net web api section
---
docs/general/authentication.md | 119 ---------------------------------
1 file changed, 119 deletions(-)
diff --git a/docs/general/authentication.md b/docs/general/authentication.md
index bba5636..fc20a45 100644
--- a/docs/general/authentication.md
+++ b/docs/general/authentication.md
@@ -306,122 +306,3 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
 });
 }
 ```
-
-### Secure your own ASP.NET WebAPI with B2C authentication
-
-[A combined sample for a .NET web application that calls a .NET Web API, both secured using Azure AD B2C](
-https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi)
-
-```csharp
- public partial class Startup
- {
- // These values are pulled from web.config
- public static string AadInstance = ConfigurationManager.AppSettings["ida:AadInstance"];
- public static string Tenant = ConfigurationManager.AppSettings["ida:Tenant"];
- public static string ClientId = ConfigurationManager.AppSettings["ida:ClientId"];
- public static string SignUpSignInPolicy = ConfigurationManager.AppSettings["ida:SignUpSignInPolicyId"];
- public static string DefaultPolicy = SignUpSignInPolicy;
-
- /*
- * Configure the authorization OWIN middleware
- */
- public void ConfigureAuth(IAppBuilder app)
- {
- TokenValidationParameters tvps = new TokenValidationParameters
- {
- // Accept only those tokens where the audience of the token is equal to the client ID of this app
- ValidAudience = ClientId,
- AuthenticationType = Startup.DefaultPolicy
- };
-
- app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
- {
- // This SecurityTokenProvider fetches the Azure AD B2C metadata & signing keys from the OpenIDConnect metadata endpoint
- AccessTokenFormat = new JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider(String.Format(AadInstance, Tenant, DefaultPolicy)))
- });
- }
- }
-
-
- // This class is necessary because the OAuthBearer Middleware does not leverage
- // the OpenID Connect metadata endpoint exposed by the STS by default.
- public class OpenIdConnectCachingSecurityTokenProvider : IIssuerSecurityKeyProvider
- {
- public ConfigurationManager _configManager;
- private string _issuer;
- private IEnumerable _keys;
- private readonly string _metadataEndpoint;
-
- private readonly ReaderWriterLockSlim _synclock = new ReaderWriterLockSlim();
-
- public OpenIdConnectCachingSecurityTokenProvider(string metadataEndpoint)
- {
- _metadataEndpoint = metadataEndpoint;
- _configManager = new ConfigurationManager(metadataEndpoint, new OpenIdConnectConfigurationRetriever());
-
- RetrieveMetadata();
- }
-
- ///
- /// Gets the issuer the credentials are for.
- ///
- ///
- /// The issuer the credentials are for.
- ///
- public string Issuer
- {
- get
- {
- RetrieveMetadata();
- _synclock.EnterReadLock();
- try
- {
- return _issuer;
- }
- finally
- {
- _synclock.ExitReadLock();
- }
- }
- }
-
- ///
- /// Gets all known security keys.
- ///
- ///
- /// All known security keys.
- ///
- public IEnumerable SecurityKeys
- {
- get
- {
- RetrieveMetadata();
- _synclock.EnterReadLock();
- try
- {
- return _keys;
- }
- finally
- {
- _synclock.ExitReadLock();
- }
- }
- }
-
- private void RetrieveMetadata()
- {
- _synclock.EnterWriteLock();
- try
- {
- OpenIdConnectConfiguration config = Task.Run(_configManager.GetConfigurationAsync).Result;
- _issuer = config.Issuer;
- _keys = config.SigningKeys;
- }
- finally
- {
- _synclock.ExitWriteLock();
- }
- }
- }
-
-```