EG-A-S · thehusted · Aug 10, 2019 · GrzegorzStapala · Aug 12, 2019
diff --git a/src/Controllers/HomeController.cs b/src/Controllers/HomeController.cs
@@ -1,4 +1,5 @@
-using System.Net.Http;
+using System.Linq;
+using System.Net.Http;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
@@ -49,14 +50,16 @@ public async Task<IActionResult> DiscoveryEndpoints()
             }
             return View();
         }
-
+        
         [Authorize]
         public async Task<IActionResult> TokenInformation()
         {
-            //Get the token and split it into its three parts and decoded them if needed...
-            var token = await HttpContext.Authentication.GetTokenAsync("access_token");
-            ViewBag.Token = token;
-            var parts = token.Split('.');
+            var auth = await HttpContext.AuthenticateAsync();
+            var tokens = auth.Properties.GetTokens();
+            var accessToken = tokens.FirstOrDefault(t => t.Name == "access_token");
+
+            ViewBag.Token = accessToken.Value;
+            var parts = accessToken.Value.Split('.');
             ViewBag.Header = parts[0].ToPrettyJsonFromBase64();
             ViewBag.Payload = parts[1].ToPrettyJsonFromBase64();
             ViewBag.Signature = parts[2];
@@ -67,10 +70,12 @@ public async Task<IActionResult> TokenInformation()
         [Authorize]
         public async Task<IActionResult> ApiExample()
         {
-            var accessToken = await HttpContext.Authentication.GetTokenAsync("access_token");
+            var auth = await HttpContext.AuthenticateAsync();
+            var tokens = auth.Properties.GetTokens();
+            var accessToken = tokens.FirstOrDefault(t => t.Name == "access_token");
 
             //Get a list of fiscals from your account in Xena...
-            _client.SetBearerToken(accessToken);
+            _client.SetBearerToken(accessToken.Value);
             var content = await _client.GetStringAsync("https://my.xena.biz/Api/User/FiscalSetup?forceNoPaging=true");
             ViewBag.Json = JObject.Parse(content).ToString();
             return View();

diff --git a/src/ExampleProject.csproj b/src/ExampleProject.csproj
@@ -1,13 +1,7 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
+<Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>netcoreapp2.0</TargetFramework>
-    <PreserveCompilationContext>true</PreserveCompilationContext>
-    <AssemblyName>ExampleProject</AssemblyName>
-    <OutputType>Exe</OutputType>
-    <PackageId>ExampleProject</PackageId>
-    <RuntimeFrameworkVersion>1.1.1</RuntimeFrameworkVersion>
-    <PackageTargetFallback>$(PackageTargetFallback);dotnet5.6;portable-net45+win8</PackageTargetFallback>
+    <TargetFramework>netcoreapp2.1</TargetFramework>
   </PropertyGroup>
 
   <ItemGroup>
@@ -17,24 +11,12 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="BundlerMinifier.Core" Version="2.4.337" />
-    <PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.HttpOverrides" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" />
-    <PackageReference Include="Microsoft.AspNetCore.Routing" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Server.IISIntegration" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Logging" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Console" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="1.1.2" />
-    <PackageReference Include="Microsoft.VisualStudio.Web.BrowserLink" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="1.1.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="1.1.2" />
-    <PackageReference Include="IdentityModel" Version="2.10.0" />
+    <PackageReference Include="Microsoft.AspNetCore.App" />
+    <PackageReference Include="Microsoft.AspNetCore.Razor.Design" Version="2.1.2" PrivateAssets="All" />
+    <PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.1.1" PrivateAssets="All" />
+    <PackageReference Include="BundlerMinifier.Core" Version="2.9.406" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.BrowserLink" Version="2.1.1" />
+    <PackageReference Include="IdentityModel" Version="3.10.10" />
   </ItemGroup>
 
   <ItemGroup>

diff --git a/src/Startup.cs b/src/Startup.cs
@@ -1,4 +1,8 @@
-using System.IdentityModel.Tokens.Jwt;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.HttpOverrides;
@@ -26,15 +30,43 @@ public Startup(IHostingEnvironment env)
         public void ConfigureServices(IServiceCollection services)
         {
             //Load the settings so we can use DI later on...
-            services.Configure<XenaProviderSettings>(Configuration.GetSection("XenaProvider"));
+            //services.Configure<XenaProviderSettings>(Configuration.GetSection("XenaProvider"));
+            var xenaSettings = Configuration.GetSection("XenaProvider").Get<XenaProviderSettings>();
+
+            services.AddAuthentication(options =>
+                {
+                    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
+                    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
+                })
+                .AddCookie(options =>
+                {
+                })
+                .AddOpenIdConnect(options =>
+                {
+                    options.SignInScheme = "Cookies";
+
+                    options.Authority = xenaSettings.Authority;
+                    options.RequireHttpsMetadata = false;
+
+                    options.ClientId = xenaSettings.ClientID;
+                    options.ClientSecret = xenaSettings.ClientSecret;
+                    options.ResponseType = "code id_token";
+
+                    options.SaveTokens = true;
+                    options.GetClaimsFromUserInfoEndpoint = true;
+
+                    options.Scope.Add("testapi");
+
+                    options.ClaimActions.MapJsonKey("website", "website");
+                });
+
+            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
 
             services.AddMvc();
         }
 
-        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IOptions<XenaProviderSettings> xenaSettingsAccessor)
+        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
         {
-            var xenaSettings = xenaSettingsAccessor.Value;
-
             //When this demo is running inside Docker it is actually NAT'ed through, we need to support this by forwarding the headers...
             var forwardedHeadersOptions = new ForwardedHeadersOptions()
             {
@@ -48,44 +80,22 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
 
             loggerFactory.AddConsole(Configuration.GetSection("Logging"));
             loggerFactory.AddDebug();
-            
+
             if (env.IsDevelopment())
             {
                 app.UseDeveloperExceptionPage();
-                app.UseBrowserLink();
+                //app.UseBrowserLink();
             }
             else
             {
                 app.UseExceptionHandler("/Home/Error");
             }
 
-            app.UseCookieAuthentication(new CookieAuthenticationOptions
-            {
-                AuthenticationScheme = "Cookies"
-            });
-            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
-            app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
-            {
-                AuthenticationScheme = "oidc",
-                SignInScheme = "Cookies",
-
-
-                Authority = xenaSettings.Authority,
-                RequireHttpsMetadata = false,
-
-                ClientId = xenaSettings.ClientID,
-                ClientSecret = xenaSettings.ClientSecret,
-
-                ResponseType = "code id_token",
-                Scope = { "testapi" },
-
-                GetClaimsFromUserInfoEndpoint = true,
-
-                SaveTokens = true //We need this for HttpContext.Authentication.GetTokenAsync("access_token") later on (Home controller)
-            });
-
             app.UseStaticFiles();
 
+            app.UseAuthentication();
+
+
             app.UseMvc(routes =>
             {
                 routes.MapRoute(