search

microsoftgraph / msgraph-sdk-dotnet-auth

Archived - use the TokenCredential classes provided by Azure.Identity. https://docs.microsoft.com/en-us/dotnet/api/overview/azure/identity-readme
https://graph.microsoft.com
MIT License
78 stars 19 forks source link

Stuck in authenticationChallengeRequired #101

Closed hannespreishuber closed 3 years ago

hannespreishuber commented 3 years ago

done at least 10 hours of ASP.NET MVC there is no complete sample for AuthorizationCodeProvider

so my code 

 scopes.Add("https://graph.microsoft.com/.default");
 scopes.Add("User.Read.All");

 var cca = ConfidentialClientApplicationBuilder
     .Create(System.Configuration.ConfigurationManager.AppSettings["ClientId"])
     .WithClientSecret(System.Configuration.ConfigurationManager.AppSettings["ClientSecret"])
    .WithRedirectUri(System.Configuration.ConfigurationManager.AppSettings["redirectUri"])

    .Build();
 var authenticationProvider = new AuthorizationCodeProvider(cca,scopes);

 GraphServiceClient graphClient = new GraphServiceClient(authenticationProvider);

 var user = await graphClient.Me
     .Request()
     .GetAsync();

get error message

Code: authenticationChallengeRequired Message: Authentication challenge is required. Beschreibung: Unbehandelte Ausnahme beim Ausführen der aktuellen Webanforderung. Überprüfen Sie die Stapelüberwachung, um weitere Informationen über diesen Fehler anzuzeigen und festzustellen, wo der Fehler im Code verursacht wurde.

Ausnahmedetails: Microsoft.Graph.Auth.AuthenticationException: Code: authenticationChallengeRequired Message: Authentication challenge is required.

AB#8392

andrueastman commented 3 years ago

@hannespreishuber The AuthorizationCodeProvider is intended to be used with the Auth Code Flow.Therefore, web app will need to get an Auth Code to use in order to get an access token. You are most likely getting this error since you have not yet acquired an access token the right way.

If you check out the documentation here, you will see that you need to modify your StartUp.cs so as to add an EventHandler when an AuthCode is received. The event handler can then call this method from the AuthProvider so that you can now acquire an access token and make it available for the app.

You can also find samples using the Auth Code flow here to call Microsft graph.

hannespreishuber commented 3 years ago

to much links ... did already 

  private async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification context)
        {
            // Upon successful sign-in, get the access token and cache it by using MSAL.

            IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
            .Create(System.Configuration.ConfigurationManager.AppSettings["ClientId"])
                .WithClientSecret(System.Configuration.ConfigurationManager.AppSettings["ClientSecret"])
                   .WithTenantId(System.Configuration.ConfigurationManager.AppSettings["Tenant"])
                .WithRedirectUri(System.Configuration.ConfigurationManager.AppSettings["redirectUri"])
                 .WithAuthority(System.Configuration.ConfigurationManager.AppSettings["Authority"])
            .Build();
            AuthenticationResult result = await confidentialClientApplication.AcquireTokenByAuthorizationCode(new[] { "User.Read.All" }, context.Code).ExecuteAsync();

but no idea where to add the token

also within controller 

  var tokenResult = cca.AcquireTokenForClient(new List<string> { "https://graph.microsoft.com/.default" });
  var token = await tokenResult.ExecuteAsync();

feels like a big puzzle with 10000 pieces. Just want 10 lines of code...

hannespreishuber commented 3 years ago

just to complete the whole picture, what I tried already manual paste a token to the sdk request header- always the same result... 


 var ho = new HeaderOption("Authorization", "Bearer "+ token.AccessToken);

            var holist = new List<HeaderOption>();
            holist.Add(ho);
          var user = await graphClient.Me
                .Request(holist)
                .GetAsync();
            return View();```
maisarissi commented 3 years ago

Hi @hannespreishuber

Thank you for reaching out and opening this issue. This client library will not leave the preview state. Microsoft.Graph v4 now integrates with Azure.Identity which supports a wide variety of authentication flows out of the box. We suggest that you migrate to v4 + Azure.Identity. Read more about it in this issue.

This issue won't be fixed, and the repository will be archived.