{"id":6895,"date":"2020-01-08T20:21:27","date_gmt":"2020-01-08T20:21:27","guid":{"rendered":"http:\/\/blogs.aaddevsup.xyz\/?p=6895"},"modified":"2020-01-08T20:21:29","modified_gmt":"2020-01-08T20:21:29","slug":"graph-client-authentication-provider","status":"publish","type":"post","link":"https:\/\/blogs.aaddevsup.xyz\/2020\/01\/graph-client-authentication-provider\/","title":{"rendered":"Graph Client Authentication Provider"},"content":{"rendered":"\n<p>The Graph Client Authentication Providers allows for each authentication to the graph endpoint implementing a variety of OAUTH2 flows.&nbsp; I will demonstrate the use of this library in c# code based on this <a href=\"https:\/\/github.com\/microsoftgraph\/msgraph-sdk-dotnet-auth\">GitHub<\/a>. Previously, you had to build your own Authentication Provider ( see my creation of the client credentials provider in a vb.net application <a href=\"https:\/\/blogs.aaddevsup.xyz\/2019\/12\/using-the-graphclient-sdk-in-a-vb-net-console-application\/\">here<\/a> ) .&nbsp; This library will allow you to use the following flows:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Confidential Client Providers<ul><li>Authorization code<\/li><\/ul><ul><li>Client Credentials<\/li><\/ul><ul><li>On behalf of<\/li><\/ul><\/li><li>Public Client Providers<ul><li>Device Code<\/li><\/ul><ul><li>Integrated windows authentication<\/li><\/ul><ul><li>Interactive Authentication ( This blog demonstrates\nthis flow )<\/li><\/ul><\/li><\/ul>\n\n\n\n<p>The GitHub readme does show all those basic flow implementations.<\/p>\n\n\n\n<p class=\"important-note\"><strong>Note<\/strong>: The library is in preview release only and is subject to change without notice.<\/p>\n\n\n\n<p>I used the same app registration I created demonstrating how\nto use MSAL <a href=\"https:\/\/blogs.aaddevsup.xyz\/2019\/12\/vb-net-use-msal-net-in-a-console-application-to-authenticate-to-azure\/\">here<\/a>.<\/p>\n\n\n\n<p>Start a new c# console application and install the following\nNuget Packages.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Nuget Packages<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Microsoft.Graph \u2013 Also installs:<ul><li>Microsoft.Graph.Core<\/li><\/ul><ul><li>Newtonsoft.Json<\/li><\/ul><ul><li>System.Buffers<\/li><\/ul><ul><li>System.Diagnostics.DiagnosticSource<\/li><\/ul><ul><li>System.Memory<\/li><\/ul><ul><li>System.Numerics.Vectors<\/li><\/ul><ul><li>System.Runtime.CompilerServices.Unsafe<\/li><\/ul><ul><li>System.ValueTuple<\/li><\/ul><\/li><li>Microsoft.Graph.Auth ( Preview Version \u2013 you\nmust check the \u201cInclude Prerelease\u201d box to find ) \u2013 Also installs:<ul><li>System.Security.Principal<\/li><\/ul><ul><li>Microsoft.identity.Client<\/li><\/ul><\/li><\/ul>\n\n\n\n<p>I only have one code file \u2013 Program.cs ( the default code file for a console app ).&nbsp; Here is the code:<\/p>\n\n\n<pre title=\"Program.cs\" class=\"lang:c# decode:true theme:classic \">using Microsoft.Graph;\nusing Microsoft.Graph.Auth;\nusing Microsoft.Identity.Client;\nusing System;\nusing System.Threading.Tasks;\n\nnamespace GraphClient\n{\n    class Program\n    {\n        static String client_id = \"{client_id}\";\n        static String tenant_id = \"{tenant_id}\";\n        static String[] scopes = { \"https:\/\/graph.microsoft.com\/.default\" };\n\n        static IPublicClientApplication _pca = null;\n        private static IPublicClientApplication Pca\n        {\n            get\n            {\n                if(_pca == null )\n                {\n                    _pca = PublicClientApplicationBuilder\n                        .Create( client_id )\n                        .WithTenantId( tenant_id )\n                        .Build();\n                }\n\n                return _pca;\n            }\n        }\n\n        static InteractiveAuthenticationProvider _authProvider = null;\n        private static InteractiveAuthenticationProvider AuthProvider\n        {\n            get\n            {\n                if(_authProvider == null )\n                {\n                    _authProvider = new InteractiveAuthenticationProvider( Pca, scopes );\n                }\n                return _authProvider;\n            }\n        }\n\n        static GraphServiceClient _graphClient = null;\n        private static GraphServiceClient GraphClient\n        {\n            get\n            {\n                if(_graphClient == null )\n                {\n                    _graphClient = new GraphServiceClient( AuthProvider );\n                }\n                return _graphClient;\n            }\n        }\n\n        static void Main(string[] args)\n        {\n            Get_Me().Wait();\n\n            Console.WriteLine( $\"\\nPress any key to close...\" );\n            Console.ReadKey();\n        }\n\n        static async Task Get_Me()\n        {\n            User user = null;\n\n            user = await GraphClient.Me.Request().GetAsync();\n\n            Console.WriteLine( $\"Display Name = {user.DisplayName}\\nEmail = {user.Mail}\" );\n        }\n    }\n}\n<\/pre>\n<p>&nbsp;<\/p>\n\n\n<p>To implement one of the other flows, you may be modifying the Client type ( line 15 in the code file above )  based on whether or not it is a confidential client or a public client ( see list at the beginning of this post ) and the property for it just below, and line 39 ( code file above) where we are setting the auth provider as well as the underlying member for that.  So, for example, a confidential client using the client credentials flow would look like this in the same code file:<\/p>\n\n\n<pre class=\"lang:c# decode:true theme:classic \">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; static String client_id = \"{client_id}\";\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; static String tenant_id = \"{tenant_id}\";\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; static String client_secret = \"{client_secret}\";\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; static String[] scopes = { \"https:\/\/graph.microsoft.com\/.default\" };\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; static IConfidentialClientApplication _pca = null;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; private static IConfidentialClientApplication Pca\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; get\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if(_pca == null )\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; _pca = ConfidentialClientApplicationBuilder\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; .Create( client_id )\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; .WithTenantId( tenant_id )\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; .WithClientSecret( client_secret )\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; .Build();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return _pca;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; static ClientCredentialProvider _authProvider = null;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; private static ClientCredentialProvider AuthProvider\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; get\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if(_authProvider == null )\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; _authProvider = new ClientCredentialProvider( Pca );\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return _authProvider;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<\/pre>\n<p>&nbsp;<\/p>","protected":false},"excerpt":{"rendered":"<p>The Graph Client Authentication Providers allows for each authentication to the graph endpoint implementing a variety of OAUTH2 flows.&nbsp; I will demonstrate the use of this library in c# code based on this GitHub. Previously, you had to build your own Authentication Provider ( see my creation of the client credentials provider in a vb.net application here ) .&nbsp; This library will allow you to use the following flows: Confidential&hellip;<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,11],"tags":[193,192],"class_list":["post-6895","post","type-post","status-publish","format-standard","hentry","category-authentication-flows","category-ms-graph-client","tag-graphclient","tag-iauthenticationprovider"],"_links":{"self":[{"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/posts\/6895"}],"collection":[{"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/comments?post=6895"}],"version-history":[{"count":25,"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/posts\/6895\/revisions"}],"predecessor-version":[{"id":6920,"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/posts\/6895\/revisions\/6920"}],"wp:attachment":[{"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/media?parent=6895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/categories?post=6895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.aaddevsup.xyz\/wp-json\/wp\/v2\/tags?post=6895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}