diff --git a/server/Cae/WebApiMsalUiRequiredException.cs b/server/Cae/WebApiMsalUiRequiredException.cs
index 1e24075..dbc3a13 100644
--- a/server/Cae/WebApiMsalUiRequiredException.cs
+++ b/server/Cae/WebApiMsalUiRequiredException.cs
@@ -1,5 +1,5 @@
-using System.Net.Http.Headers;
-using System.Net;
+using System.Net;
+using System.Net.Http.Headers;
 namespace BffMicrosoftEntraExternalID.Server;
diff --git a/server/Models/UserInfo.cs b/server/Models/UserInfo.cs
index 25806e9..71a0caa 100644
--- a/server/Models/UserInfo.cs
+++ b/server/Models/UserInfo.cs
@@ -1,6 +1,4 @@
-using System.Collections.Generic;
-
-namespace BffMicrosoftEntraExternalID.Server.Models;
+namespace BffMicrosoftEntraExternalID.Server.Models;
 public class UserInfo
 {
diff --git a/server/Program.cs b/server/Program.cs
index 75049b2..9431f25 100644
--- a/server/Program.cs
+++ b/server/Program.cs
@@ -51,8 +51,8 @@
 // If you use persistent cache, you do not require this.
 // You can also return the 403 with the required scopes, this needs special handling for ajax calls
 // The check is only for single scopes
-services.Configure(CookieAuthenticationDefaults.AuthenticationScheme,
- options => options.Events = new RejectSessionCookieWhenAccountNotInCacheEvents(initialScopes));
+services.Configure(CookieAuthenticationDefaults.AuthenticationScheme,
+ options => options.Events = new RejectSessionCookieWhenAccountNotInCacheEvents(initialScopes));
 services.AddControllersWithViews(options => options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()));
diff --git a/server/RejectSessionCookieWhenAccountNotInCacheEvents.cs b/server/RejectSessionCookieWhenAccountNotInCacheEvents.cs
index 8432259..b6e8a08 100644
--- a/server/RejectSessionCookieWhenAccountNotInCacheEvents.cs
+++ b/server/RejectSessionCookieWhenAccountNotInCacheEvents.cs
@@ -20,7 +20,7 @@ public async override Task ValidatePrincipal(CookieValidatePrincipalContext cont
 var tokenAcquisition = context.HttpContext.RequestServices
 .GetRequiredService();
- string token = await tokenAcquisition.GetAccessTokenForUserAsync(scopes: _downstreamScopes,
+ string token = await tokenAcquisition.GetAccessTokenForUserAsync(scopes: _downstreamScopes,
 user: context.Principal);
 }
 catch (MicrosoftIdentityWebChallengeUserException ex) when (AccountDoesNotExitInTokenCache(ex))
@@ -31,7 +31,7 @@ public async override Task ValidatePrincipal(CookieValidatePrincipalContext cont
 private static bool AccountDoesNotExitInTokenCache(MicrosoftIdentityWebChallengeUserException ex)
 {
- return ex.InnerException is MsalUiRequiredException
+ return ex.InnerException is MsalUiRequiredException
 && (ex.InnerException as MsalUiRequiredException)!.ErrorCode == "user_null";
 }
 }
diff --git a/server/SecurityHeadersDefinitions.cs b/server/SecurityHeadersDefinitions.cs
index f5e8cad..e22f29b 100644
--- a/server/SecurityHeadersDefinitions.cs
+++ b/server/SecurityHeadersDefinitions.cs
@@ -4,7 +4,7 @@ public static class SecurityHeadersDefinitions
 {
 public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev, string? idpHost)
 {
- if(idpHost == null)
+ if (idpHost == null)
 {
 throw new ArgumentNullException(nameof(idpHost));
 }