Bot.Builder.Community.Middleware.AzureAdAuthentication
AzureAdAuthMiddleware.cs
using Microsoft.Bot.Builder;
using Microsoft.Extensions.Configuration;
using Newtonsoft.Json;
using System;
using System.Net;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
namespace Bot.Builder.Community.Middleware.AzureAdAuthentication
{
public clast AzureAdAuthMiddleware : IMiddleware
{
public AzureAdAuthMiddleware(IAuthTokenStorage tokenStorage, IConfiguration configuration)
{
TokenStorage = tokenStorage;
AzureAdTenant = configuration.GetValue("AzureAdTenant");
AppClientId = configuration.GetValue("AppClientId");
AppRedirectUri = configuration.GetValue("AppRedirectUri");
AppClientSecret = configuration.GetValue("AppClientSecret");
PermissionsRequested = configuration.GetValue("PermissionsRequested");
}
public IAuthTokenStorage TokenStorage { get; }
public string AzureAdTenant { get; }
public string AppClientId { get; }
public string AppRedirectUri { get; }
public string AppClientSecret { get; }
public string PermissionsRequested { get; }
public const string AUTH_TOKEN_KEY = "authToken";
public async Task OnTurnAsync(ITurnContext context, NextDelegate next, CancellationToken cancellationToken = default(CancellationToken))
{
var authToken = TokenStorage.LoadConfiguration(context.Activity.Conversation.Id);
if (authToken == null)
{
if (context.Activity.UserHasJustSentMessage() || context.Activity.UserHasJustJoinedConversation())
{
var conversationReference = context.Activity.GetConversationReference();
var serializedCookie = WebUtility.UrlEncode(JsonConvert.SerializeObject(conversationReference));
var signInUrl = AzureAdExtensions.GetUserConsentLoginUrl(AzureAdTenant, AppClientId, AppRedirectUri, PermissionsRequested, serializedCookie);
var activity = context.Activity.CreateReply();
activity.AddSignInCard(signInUrl);
await context.SendActivityAsync(activity);
}
}
else if (authToken.ExpiresIn < DateTime.Now.AddMinutes(-10))
{
if (context.Activity.UserHasJustSentMessage() || context.Activity.UserHasJustJoinedConversation())
{
var client = new HttpClient();
var accessToken = await AzureAdExtensions.GetAccessTokenUsingRefreshToken(client, AzureAdTenant, authToken.RefreshToken, AppClientId, AppRedirectUri, AppClientSecret, PermissionsRequested);
// have to save it
authToken = new ConversationAuthToken(context.Activity.Conversation.Id)
{
AccessToken = accessToken.accessToken,
RefreshToken = accessToken.refreshToken,
ExpiresIn = accessToken.refreshTokenExpiresIn
};
TokenStorage.SaveConfiguration(authToken);
// make the authtoken available to downstream pipeline components
context.TurnState.Add(AUTH_TOKEN_KEY, authToken);
await next(cancellationToken);
}
}
else
{
// make the authtoken available to downstream pipeline components
context.TurnState.Add(AUTH_TOKEN_KEY, authToken);
await next(cancellationToken);
}
}
}
}
