Update the app to show best practices (#107)

* Update appsettings.json

* Update Program.cs

* Update Index.cshtml.cs

* Update web-app-aspnet/appsettings.json

Co-authored-by: Stephen Halter <[email protected]>

* Address Stephen's feedback

* Update IdWeb

---------

Co-authored-by: Stephen Halter <[email protected]>

Author: jmprieur

web-app-aspnet/Pages/Index.cshtml.cs

@@ -5,7 +5,7 @@
 
 namespace sign_in_webapp.Pages;
 
-[AuthorizeForScopes(ScopeKeySection = "DownstreamApi:Scopes")]
+[AuthorizeForScopes(ScopeKeySection = "DownstreamApis:MicrosoftGraph:Scopes")]
 public class IndexModel : PageModel
 {
     private readonly ILogger<IndexModel> _logger;
@@ -21,7 +21,7 @@ public IndexModel(ILogger<IndexModel> logger,
 
     public async Task OnGet()
     {
-        using var response = await _downstreamWebApi.CallApiForUserAsync("DownstreamApi").ConfigureAwait(false);
+        using var response = await _downstreamWebApi.CallApiForUserAsync("MicrosoftGraph").ConfigureAwait(false);
         if (response.StatusCode == System.Net.HttpStatusCode.OK)
         {
             var apiResult = await response.Content.ReadFromJsonAsync<JsonDocument>().ConfigureAwait(false);

web-app-aspnet/Program.cs

@@ -7,12 +7,13 @@
 
 // <ms_docref_add_msal>
 WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
-IEnumerable<string>? initialScopes = builder.Configuration.GetSection("DownstreamApi:Scopes").Get<IEnumerable<string>>();
+IEnumerable<string>? initialScopes = builder.Configuration.GetSection("DownstreamApis:MicrosoftGraph:Scopes").Get<IEnumerable<string>>();
 
 builder.Services.AddMicrosoftIdentityWebAppAuthentication(builder.Configuration, "AzureAd")
     .EnableTokenAcquisitionToCallDownstreamApi(initialScopes)
-        .AddDownstreamApi("DownstreamApi", builder.Configuration.GetSection("DownstreamApi"))
         .AddInMemoryTokenCaches();
+builder.Services.AddDownstreamApis(builder.Configuration.GetSection("DownstreamApis"));
+
 // </ms_docref_add_msal>
 
 // <ms_docref_add_default_controller_for_sign-in-out>

web-app-aspnet/WebApp.csproj

@@ -6,8 +6,8 @@
     <RootNamespace>sign_in_webapp</RootNamespace>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="3.5.0" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="3.5.0" />
-    <PackageReference Include="Microsoft.Identity.Web.DownstreamApi" Version="3.5.0" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="3.8.0" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="3.8.0" />
+    <PackageReference Include="Microsoft.Identity.Web.DownstreamApi" Version="3.8.0" />
   </ItemGroup>
 </Project>

web-app-aspnet/appsettings.json

@@ -3,7 +3,7 @@
   "Instance": "https://login.microsoftonline.com/",
   "TenantId": "Enter the tenant ID obtained from the Microsoft Entra admin center",
   "ClientId": "Enter the client ID obtained from the Microsoft Entra admin center",
-  "ClientCertificates": [
+  "ClientCredentials": [
     {
       "SourceType": "StoreWithThumbprint",
       "CertificateStorePath": "CurrentUser/My",
@@ -12,12 +12,14 @@
   ],
   "CallbackPath": "/signin-oidc"
 },
-  "DownstreamApi": {
-    "BaseUrl": "https://graph.microsoft.com/v1.0/",
-    "RelativePath": "me",
-    "Scopes": [ 
-      "user.read" 
-    ]
+  "DownstreamApis": {
+    "MicrosoftGraph" :{
+      "BaseUrl": "https://graph.microsoft.com/v1.0/",
+      "RelativePath": "me",
+      "Scopes": [ 
+        "user.read" 
+      ]
+   }
   },
   "Logging": {
     "LogLevel": {