I started with the basic ASP.NET Core 2.0 with Azure Authentication. Everything works in a web browser. It starts up, browser goes to MS, signs in and returns to the app. So far so good.
What I want to do is then use PowerShell with Invoke-RestMethod to connect to the same application. I appear to be missing something. Best guess is I need to enable something in the startup.cs file related to tokens or another authentication method? Alternatively I've just made a hash of my authentication header.
    # Request an app-only token from Azure AD (client credentials grant)
    $loginURL = "https://login.microsoftonline.com/"
    $clientId = "Client ID"
    $clientSecret = "Secret ID"
    $resource = "https://tenantname.onmicrosoft.com/WebApplication1"
    $body = @{grant_type="client_credentials";client_id=$clientId;client_secret=$clientSecret;resource=$resource}
    $tenant = "tenantname.onmicrosoft.com"
    $token = Invoke-RestMethod -Method Post -Uri $loginURL/$tenant/oauth2/token?api-version=1.0 -Body $Body

I get my token back, all seems fine at this point.

    # Send the access token as a bearer token to the application
    $authHeader = @{
        'Content-Type' = 'application/json'
        'Authorization' = 'bearer ' + $($token.access_token)
        'Expires' = $token.expires_on
    }
    Invoke-RestMethod -Method Get -Uri https://localhost:44342/api/id -Headers $authHeader -Verbose

And this is where it returns a 55K HTML text string from MS instead of a 200 OK.
I repeated the post to the application in Postman and it came back with a preview of, "we can't sign you in, browser blocks javascript." As I understand it, I shouldn't be at MS in the first place. The application should have taken the token and executed the request.
Do I need to add an authentication method to the startup.cs? I've tried different header values to no avail. Hopefully it's just me being a newbie with Core 2.0 in general. I have been searching for different articles online to cover this dual purpose access, Browser and API when Azure provides the authentication service but I just haven't found anything that matches or appears to match.
Help appreciated! Thank you.
Startup.cs
    using Microsoft.AspNetCore.Authentication;
    using Microsoft.AspNetCore.Authentication.Cookies;
    using Microsoft.AspNetCore.Authentication.OpenIdConnect;
    using Microsoft.AspNetCore.Builder;
    using Microsoft.AspNetCore.Hosting;
    using Microsoft.Extensions.Configuration;
    using Microsoft.Extensions.DependencyInjection;

    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication(sharedOptions =>
            {
                sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            })
            .AddAzureAd(options => Configuration.Bind("AzureAd", options))
            .AddCookie();

            services.AddMvc();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseBrowserLink();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
            }

            app.UseStaticFiles();
            app.UseAuthentication();

            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });
        }
    }
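
One way to serve both browser and API callers from the same app, shown as an added example that is not part of the original post: register a JWT bearer scheme next to the cookie and OpenID Connect schemes, and select it explicitly on API controllers so a missing or invalid token yields a 401 instead of a sign-in redirect. The names `DualAuthExample`, `AddBrowserAndApiAuth` and `IdController` are hypothetical, the Authority and Audience values are assumptions built from the placeholders in the script above, and `AddAzureAd` is the project template's own helper as used in the Startup.cs above.

```csharp
using System.Linq;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

public static class DualAuthExample
{
    // Hypothetical helper: call from Startup.ConfigureServices in place of
    // the existing services.AddAuthentication(...) chain.
    public static void AddBrowserAndApiAuth(this IServiceCollection services, IConfiguration config)
    {
        services.AddAuthentication(o =>
        {
            // Browser traffic: cookie session, OpenID Connect redirect on challenge.
            o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            o.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        })
        .AddAzureAd(options => config.Bind("AzureAd", options))
        .AddCookie()
        // API traffic: validate the "Authorization: Bearer <token>" header.
        .AddJwtBearer(options =>
        {
            // Assumed values: the tenant placeholder from the script above.
            options.Authority = "https://login.microsoftonline.com/tenantname.onmicrosoft.com";
            // Must equal the "aud" claim of the access token, which is
            // assumed here to be the resource requested in the script.
            options.Audience = "https://tenantname.onmicrosoft.com/WebApplication1";
        });
    }
}

// Hypothetical controller for the /api/id route called in the script.
// Naming the bearer scheme here overrides the cookie/OpenID Connect defaults,
// so an unauthenticated call gets 401 with WWW-Authenticate, not a redirect.
[Route("api/[controller]")]
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
public class IdController : Controller
{
    // Echoes the validated token's claims so the caller can confirm which
    // identity the API saw.
    [HttpGet]
    public IActionResult Get() => Ok(User.Claims.Select(c => new { c.Type, c.Value }));
}
```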