locked
How to share MSALSessionCache with 2 web applications? RRS feed

  • Question

  • I have developed 2 web applications. I have used Azure Active Directory v2.0 for user identity. These two applications are hosted as separate web apps in Azure. using Application Gateway, I am redirecting the specific request to web apps.

    If User is requesting for any of the web apps, then first it is redirected to azure tenant endpoint for authentication.

    After successful login, it will be redirected to the main web app and I have followed this below code in <g class="gr_ gr_18 gr-alert gr_gramm gr_hide gr_inline_cards gr_run_anim Grammar only-ins multiReplace replaceWithoutSep replaceWithoutSep" data-gr-id="18" id="18">OnAuthorizationCodeReceived</g> method.

    TokenCache userTokenCache = new MSALSessionCache(signedInUserID, notification.OwinContext.Environment["System.Web.HttpContextBase"] as HttpContextBase).GetMsalCacheInstance(); ConfidentialClientApplication cca = new ConfidentialClientApplication(ApplicationId, Authority, RedirectUri, new ClientCredential(ApplicationKey), userTokenCache, null);

    Now When User is navigating from one web app to the other web app. I am using below code to get token from the cache.

    TokenCache userTokenCache = new MSALSessionCache(signedInUserID, new HttpContextWrapper(HttpContext.Current)).GetMsalCacheInstance(); ConfidentialClientApplication cca = new ConfidentialClientApplication(Startup.ApplicationId, Startup.Authority, Startup.RedirectUri, new ClientCredential(Startup.ApplicationKey), userTokenCache, null);

    var user = cca.Users.FirstOrDefault();

    When I am implementing this code and try to get token in the second web app.then it will give me null in the user variable and it throws an error.

    What Should I Do?

    Note: If some user logged in one web apps, then it does not require to log in another web app. Sessions and cookies are shared between all web apps.

    Tuesday, September 11, 2018 1:30 PM

Answers

  • For acquiring tokens with authorization codes on web apps, see this link and check the complete code.

    https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Acquiring-tokens-with-authorization-codes-on-web-apps 

    MSALSessionCache is a sample implementation of a custom MSAL token cache, which saves tokens in the current HTTP session. In a real-life application, you would likely want to save tokens in a long lived store instead, so that you don’t need to retrieve new ones more often than necessary.

    For sample, check this for code reference 

    http://net-tricks.com/2017/10/29/asp-net-core-web-app-azure-ad-b2c/ 

    • Proposed as answer by samyyysam Tuesday, September 11, 2018 3:33 PM
    • Marked as answer by Karan J Shah Monday, October 8, 2018 7:03 AM
    Tuesday, September 11, 2018 3:33 PM

All replies

  • For acquiring tokens with authorization codes on web apps, see this link and check the complete code.

    https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Acquiring-tokens-with-authorization-codes-on-web-apps 

    MSALSessionCache is a sample implementation of a custom MSAL token cache, which saves tokens in the current HTTP session. In a real-life application, you would likely want to save tokens in a long lived store instead, so that you don’t need to retrieve new ones more often than necessary.

    For sample, check this for code reference 

    http://net-tricks.com/2017/10/29/asp-net-core-web-app-azure-ad-b2c/ 

    • Proposed as answer by samyyysam Tuesday, September 11, 2018 3:33 PM
    • Marked as answer by Karan J Shah Monday, October 8, 2018 7:03 AM
    Tuesday, September 11, 2018 3:33 PM
  • @Karan J Shah, Have you had a chance to see the previous? If the suggestions were helpful, click “Mark as Answer” and Up-Vote. Feel free to reach out to us if you've additional questions in this regard.
    Monday, September 24, 2018 10:17 AM