damienbod · damienbod · Jun 12, 2022 · Jun 12, 2022 · Jun 12, 2022 · Jun 12, 2022
diff --git a/AspNetCoreRazor/Program.cs b/AspNetCoreRazor/Program.cs
@@ -14,7 +14,7 @@
 var configuration = builder.Configuration;
 var env = builder.Environment;
 
-builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
+services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
     .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"));
 
 services.AddAuthorization(options =>

diff --git a/AspNetCoreRazorMultiClients/AspNetCoreRazorMultiClients.csproj b/AspNetCoreRazorMultiClients/AspNetCoreRazorMultiClients.csproj
@@ -3,6 +3,8 @@
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
     <UserSecretsId>aspnet-AspNetCoreRazorMultiClients-7E2EEDC5-9D3D-4F7E-AE3C-7F4637E7323C</UserSecretsId>
+	<Nullable>enable</Nullable>
+	<ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>
 
   <ItemGroup>

diff --git a/AspNetCoreRazorMultiClients/CustomAccountController.cs b/AspNetCoreRazorMultiClients/CustomAccountController.cs
@@ -56,7 +56,7 @@ public IActionResult SignInT2([FromQuery] string redirectUri)
     public async Task<IActionResult> CustomSignOut()
     {
         var aud = HttpContext.User.FindFirst("aud");
-        if (aud.Value == _configuration["AzureAdT1:ClientId"])
+        if (aud?.Value == _configuration["AzureAdT1:ClientId"])
         {
 
             await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

diff --git a/AspNetCoreRazorMultiClients/Pages/Error.cshtml.cs b/AspNetCoreRazorMultiClients/Pages/Error.cshtml.cs
@@ -1,20 +1,27 @@
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
-using Microsoft.Extensions.Logging;
 using System.Diagnostics;
 
-namespace AspNetCoreRazorMultiClients.Pages;
-
-[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
-[IgnoreAntiforgeryToken]
-public class ErrorModel : PageModel
+namespace AspNetCoreRazorMultiClients.Pages
 {
-    public string RequestId { get; set; }
+    [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
+    [IgnoreAntiforgeryToken]
+    public class ErrorModel : PageModel
+    {
+        public string? RequestId { get; set; }
 
-    public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);
+        public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);
 
-    public void OnGet()
-    {
-        RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier;
+        private readonly ILogger<ErrorModel> _logger;
+
+        public ErrorModel(ILogger<ErrorModel> logger)
+        {
+            _logger = logger;
+        }
+
+        public void OnGet()
+        {
+            RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier;
+        }
     }
 }
diff --git a/AspNetCoreRazorMultiClients/Pages/Index.cshtml.cs b/AspNetCoreRazorMultiClients/Pages/Index.cshtml.cs
@@ -1,10 +1,20 @@
-using Microsoft.AspNetCore.Mvc.RazorPages;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
 
-namespace AspNetCoreRazorMultiClients.Pages;
-
-public class IndexModel : PageModel
+namespace AspNetCoreRazorMultiClients.Pages
 {
-    public void OnGet()
+    public class IndexModel : PageModel
     {
+        private readonly ILogger<IndexModel> _logger;
+
+        public IndexModel(ILogger<IndexModel> logger)
+        {
+            _logger = logger;
+        }
+
+        public void OnGet()
+        {
+
+        }
     }
-}
+}
diff --git a/AspNetCoreRazorMultiClients/Pages/Privacy.cshtml.cs b/AspNetCoreRazorMultiClients/Pages/Privacy.cshtml.cs
@@ -1,10 +1,19 @@
-using Microsoft.AspNetCore.Mvc.RazorPages;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
 
-namespace AspNetCoreRazorMultiClients.Pages;
-
-public class PrivacyModel : PageModel
+namespace AspNetCoreRazorMultiClients.Pages
 {
-    public void OnGet()
+    public class PrivacyModel : PageModel
     {
+        private readonly ILogger<PrivacyModel> _logger;
+
+        public PrivacyModel(ILogger<PrivacyModel> logger)
+        {
+            _logger = logger;
+        }
+
+        public void OnGet()
+        {
+        }
     }
-}
+}
diff --git a/AspNetCoreRazorMultiClients/Pages/Shared/_Layout.cshtml b/AspNetCoreRazorMultiClients/Pages/Shared/_Layout.cshtml
@@ -3,16 +3,17 @@
 <head>
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>@ViewData["Title"] - ASP.NET Core Multi-Clients</title>
+    <title>@ViewData["Title"] - AspNetCoreRazorMultiClients</title>
     <link rel="stylesheet" href="~/lib/bootstrap/dist/css/bootstrap.min.css" />
-    <link rel="stylesheet" href="~/css/site.css" />
+    <link rel="stylesheet" href="~/css/site.css" asp-append-version="true" />
+    <link rel="stylesheet" href="~/AspNetCoreRazorMultiClients.styles.css" asp-append-version="true" />
 </head>
 <body>
     <header>
         <nav class="navbar navbar-expand-sm navbar-toggleable-sm navbar-light bg-white border-bottom box-shadow mb-3">
             <div class="container">
-                <a class="navbar-brand" asp-area="" asp-page="/Index">AAD multi-tenants-client</a>
-                <button class="navbar-toggler" type="button" data-toggle="collapse" data-target=".navbar-collapse" aria-controls="navbarSupportedContent"
+                <a class="navbar-brand" asp-area="" asp-page="/Index">AspNetCoreRazorMultiClients</a>
+                <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target=".navbar-collapse" aria-controls="navbarSupportedContent"
                         aria-expanded="false" aria-label="Toggle navigation">
                     <span class="navbar-toggler-icon"></span>
                 </button>
@@ -21,6 +22,9 @@
                         <li class="nav-item">
                             <a class="nav-link text-dark" asp-area="" asp-page="/Index">Home</a>
                         </li>
+                        <li class="nav-item">
+                            <a class="nav-link text-dark" asp-area="" asp-page="/Privacy">Privacy</a>
+                        </li>
                     </ul>
                     <partial name="_LoginPartial" />
                 </div>
@@ -35,7 +39,7 @@
 
     <footer class="border-top footer text-muted">
         <div class="container">
-            &copy; 2022 - ASP.NET Core Multi-Clients - <a asp-area="" asp-page="/Privacy">Privacy</a>
+            &copy; 2022 - AspNetCoreRazorMultiClients - <a asp-area="" asp-page="/Privacy">Privacy</a>
         </div>
     </footer>
 
@@ -46,4 +50,4 @@
 
     @await RenderSectionAsync("Scripts", required: false)
 </body>
-</html>
+</html>
diff --git a/AspNetCoreRazorMultiClients/Pages/Shared/_Layout.cshtml.css b/AspNetCoreRazorMultiClients/Pages/Shared/_Layout.cshtml.css
@@ -0,0 +1,48 @@
+/* Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification
+for details on configuring this project to bundle and minify static web assets. */
+
+a.navbar-brand {
+  white-space: normal;
+  text-align: center;
+  word-break: break-all;
+}
+
+a {
+  color: #0077cc;
+}
+
+.btn-primary {
+  color: #fff;
+  background-color: #1b6ec2;
+  border-color: #1861ac;
+}
+
+.nav-pills .nav-link.active, .nav-pills .show > .nav-link {
+  color: #fff;
+  background-color: #1b6ec2;
+  border-color: #1861ac;
+}
+
+.border-top {
+  border-top: 1px solid #e5e5e5;
+}
+.border-bottom {
+  border-bottom: 1px solid #e5e5e5;
+}
+
+.box-shadow {
+  box-shadow: 0 .25rem .75rem rgba(0, 0, 0, .05);
+}
+
+button.accept-policy {
+  font-size: 1rem;
+  line-height: inherit;
+}
+
+.footer {
+  position: absolute;
+  bottom: 0;
+  width: 100%;
+  white-space: nowrap;
+  line-height: 60px;
+}
diff --git a/AspNetCoreRazorMultiClients/Pages/Shared/_LoginPartial.cshtml b/AspNetCoreRazorMultiClients/Pages/Shared/_LoginPartial.cshtml
@@ -1,9 +1,10 @@
+@using System.Security.Principal
 
 <ul class="navbar-nav">
-@if (User.Identity.IsAuthenticated)
+@if (User.Identity?.IsAuthenticated == true)
 {
         <li class="nav-item">
-            <span class="navbar-text text-dark">Hello @User.Identity.Name!</span>
+            <span class="nav-link text-dark">Hello @User.Identity.Name!</span>
         </li>
         <li class="nav-item">
             <a class="nav-link text-dark" asp-controller="CustomAccount" asp-action="CustomSignOut">Sign out</a>
@@ -12,18 +13,16 @@
 else
 {
         <li>
-            <div class="main-menu">
-                <div class="dropdown">
-                    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownLangButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                        sign-in
-                    </button>
-                    <div class="dropdown-menu" aria-labelledby="dropdownLangButton">
-                        <a class="dropdown-item" asp-controller="CustomAccount" asp-action="SignInT1" >t1</a>
-
-                        <a class="dropdown-item"  asp-controller="CustomAccount" asp-action="SignInT2">t2</a>
-                    </div>
-                </div>
+            <div class="dropdown">
+              <button type="button" class="btn btn-primary dropdown-toggle" data-bs-toggle="dropdown">
+                choose tenant
+              </button>
+              <ul class="dropdown-menu">
+                <li><a class="dropdown-item" asp-controller="CustomAccount" asp-action="SignInT1" >t1</a></li>
+                <li><a class="dropdown-item"  asp-controller="CustomAccount" asp-action="SignInT2">t2</a></li>
+              </ul>
             </div>
         </li>
 }
 </ul>
+
diff --git a/AspNetCoreRazorMultiClients/Program.cs b/AspNetCoreRazorMultiClients/Program.cs
@@ -1,21 +1,88 @@
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.Extensions.Hosting;
+using AspNetCoreRazorMultiClients;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.Identity.Web;
+using Microsoft.Identity.Web.UI;
+using Microsoft.AspNetCore.Authentication;
 
-namespace AspNetCoreRazorMultiClients;
+var builder = WebApplication.CreateBuilder(args);
 
-public class Program
+builder.WebHost.ConfigureKestrel(serverOptions =>
 {
-    public static void Main(string[] args)
+    serverOptions.AddServerHeader = false;
+});
+
+var services = builder.Services;
+var configuration = builder.Configuration;
+var env = builder.Environment;
+
+// store the aad login
+services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
+    .AddCookie();
+
+services.AddAuthentication()
+    .AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAdT1"), "t1", "cookiet1");
+
+services.Configure<OpenIdConnectOptions>("t1", options =>
+{
+    var existingOnTokenValidatedHandler = options.Events.OnTokenValidated;
+    options.Events.OnTokenValidated = async context =>
+    {
+        await existingOnTokenValidatedHandler(context);
+
+        if (context.Principal != null)
+        {
+            await context.HttpContext.SignInAsync(
+                CookieAuthenticationDefaults.AuthenticationScheme, context.Principal);
+        }
+    };
+});
+
+services.AddAuthentication()
+    .AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAdT2"), "t2", "cookiet2");
+
+services.Configure<OpenIdConnectOptions>("t2", options =>
+{
+    var existingOnTokenValidatedHandler = options.Events.OnTokenValidated;
+    options.Events.OnTokenValidated = async context =>
     {
-        CreateHostBuilder(args).Build().Run();
-    }
+        await existingOnTokenValidatedHandler(context);
 
-    public static IHostBuilder CreateHostBuilder(string[] args) =>
-    Host.CreateDefaultBuilder(args)
-        .ConfigureWebHostDefaults(webBuilder =>
+        if(context.Principal != null)
         {
-            webBuilder
-                .ConfigureKestrel(options => options.AddServerHeader = false)
-                .UseStartup<Startup>();
-        });
+            await context.HttpContext.SignInAsync(
+                CookieAuthenticationDefaults.AuthenticationScheme, context.Principal);
+        }
+    };
+});
+
+// no policy, you can choose which client 
+services.AddAuthorization();
+
+services.AddRazorPages()
+    .AddMvcOptions(options => { })
+    .AddMicrosoftIdentityUI();
+
+var app = builder.Build();
+
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler("/Error");
+    app.UseHsts();
 }
+
+app.UseSecurityHeaders(SecurityHeadersDefinitions
+    .GetHeaderPolicyCollection(env.IsDevelopment()));
+
+app.UseHttpsRedirection();
+app.UseStaticFiles();
+
+app.UseRouting();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
+app.MapRazorPages();
+app.MapControllers();
+
+app.Run();