I have following code for Azure AD authentication:
services
.AddAuthorization(options =>
{
options.AddPolicy(name, builder =>
{
builder
.AddAuthenticationSchemes(AzureADDefaults.AuthenticationScheme)
.RequireAuthenticatedUser();
});
})
.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options =>
{
configuration.Bind("AzureAd", options);
});
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
...
}
AzureADDefaults.AuthenticationScheme and AzureADDefaults.OpenIdScheme are now obsolete with message "Use Microsoft.Identity.Web instead. See https://aka.ms/ms-identity-web.". However I can't find any clear documentation how to upgrade following code to use Identity.Web instead of those obsolete constants.
Does anyone have instructions how to remove this obsolete code?
This blog shows you the differences between Identity Platform and Identity.Web.
For Identity.Web, we use Microsoft.Identity.Web and Microsoft.Identity.Web.UI. Try to see this sample, and it uses AddMicrosoftIdentityWebAppAuthentication to sign in users.
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://learn.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});
// Sign-in users with the Microsoft identity platform
services.AddMicrosoftIdentityWebAppAuthentication(Configuration);
services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
services.AddRazorPages();
}