AzureAD / microsoft-identity-web

Helps creating protected web apps and web APIs with Microsoft identity platform and Azure AD B2C
MIT License

Add first class IHostedService support for Microsoft.NET.Sdk.Worker projects #2636

Open DavidParks8 opened 9 months ago

DavidParks8 commented 9 months ago

Summary

I would like to propose a high-level Microsoft.Identity.Worker package which has zero dependencies on ASP.NET MVC libraries, made specifically for IHostedServices that exist in console apps rather than web APIs.

Motivation and goals

I have a need to utilize ITokenAcquisition within an IHostedService of a .NET Core console app. Existing examples that I could find use TokenAcquirerFactory.GetDefaultInstance(), but this isn't sufficient for my use case because it hardcodes where it gets the config from (assumes env settings and appSettings.json, rather than other sources as well) and because it won't have knowledge of any of the other dependency-injected services that have already been registered within Host.CreateDefaultBuilder.ConfigureServices.

Upon further investigation, various pieces of Microsoft.Identity.Web are tightly coupled to ASP.NET Core namespaces and types, such as IHttpContextAccessor, which are not relevant to console apps. These additional dependencies lead to bloated apps when trimming and utilizing AOT compilation.

The Microsoft.Identity.Worker package should be designed for use with the Microsoft.NET.Sdk.Worker project template, taking full advantage of the serviceCollection and IConfiguration provided in the template.

For my use case, I explicitly need support for the following method carried over to the new package as well:

    tokenAcquisition.GetAccessTokenForUserAsync(
        new[] { $"{url}/.default" },
        tokenAcquisitionOptions: new TokenAcquisitionOptions() { LongRunningWebApiSessionKey = "example" })

In scope

Out of scope

Risks / unknowns

Users may misuse this by attempting to use it in a web API project. This could be mitigated with very clear and abundant docs with working examples and explanations of the differences between packages, as well as good READMEs in each NuGet package for display on nuget.org.

Examples

    // Copyright (c) Microsoft Corporation. All rights reserved.

    using Microsoft.Extensions.Hosting;

    var host = Host.CreateDefaultBuilder(args)
        // ...
        .ConfigureServices((context, services) =>
        {
            services.AddMicrosoftIdentityWorker(context.Configuration);
            // The intention would be to add nearly the same API surface as Microsoft.Identity.Web, minus the web API-specific stuff.
        })
        .Build();

    await host.RunAsync();

jmprieur commented 9 months ago

Hi @DavidParks8

Here is a PR with a sample (and a fix to DownstreamApiExtensions) that shows how to use IdWeb / Downstream Api in a worker: https://github.com/AzureAD/microsoft-identity-web/pull/2645

Would that work for you? Also note that in terms of services, given there is no authentication middleware, this does not draw dependencies on ASP.NET Core services, so NativeAoT should not be a problem.