Open xperiandri opened 2 years ago
MSAL doesn't currently provide a higher level abstraction like HttpClient integration (CC @jmprieur). Microsoft.Identity.Web does offer a DownstreamApi object that allows this, but we haven't ported it to MSAL.
The alternative you describe is a no go for us, we don't want to expose the refresh token concept. Calling AcquireTokenSilent
will do the refresh operation for you. So MSAL will always provide a fresh access token to your app.
@xperiandri we have plans to provide higher level APIs, including a delegating handler or an HttpMessageHandler A message handler is available in Microsoft.Identity.Web: https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web/DownstreamWebApiSupport/MicrosoftIdentityUserAuthenticationMessageHandler.cs. We plan to extend this to MSAL.
Is your feature request related to a problem? Please describe. I use Azure AD B2C and I want my mobile app to authenticate to Azure Function using GraphQL client. Hence I need to put an access token to HttpClient and somehow refresh it when it expires.
Describe the solution you'd like
MsalHttpMessageHandler
class that inheritsDelegatingHandler
and automatically applies access token to request and refreshes token if requiredDescribe alternatives you've considered Somehow extract refresh token from MSAL.NET and use https://github.com/IdentityModel/IdentityModel.OidcClient/blob/main/src/OidcClient/RefreshTokenDelegatingHandler.cs