Muokkaa

Jaa


Desktop app that calls web APIs: Code configuration

Now that you've created your application, you'll learn how to configure the code with the application's coordinates.

Microsoft libraries supporting desktop apps

The following Microsoft libraries support desktop apps:

Language / framework Project on
GitHub
Package Getting
started
Sign in users Access web APIs Generally available (GA) or
Public preview1
Electron MSAL Node.js msal-node Library can request ID tokens for user sign-in. Library can request access tokens for protected web APIs. Public preview
Java MSAL4J msal4j Library can request ID tokens for user sign-in. Library can request access tokens for protected web APIs. GA
macOS (Swift/Obj-C) MSAL for iOS and macOS MSAL Tutorial Library can request ID tokens for user sign-in. Library can request access tokens for protected web APIs. GA
UWP MSAL.NET Microsoft.Identity.Client Tutorial Library can request ID tokens for user sign-in. Library can request access tokens for protected web APIs. GA
WPF MSAL.NET Microsoft.Identity.Client Tutorial Library can request ID tokens for user sign-in. Library can request access tokens for protected web APIs. GA

1 Universal License Terms for Online Services apply to libraries in Public preview.

Public client application

From a code point of view, desktop applications are public client applications. The configuration will be a bit different based on whether you use interactive authentication or not.

You'll need to build and manipulate MSAL.NET IPublicClientApplication.

IPublicClientApplication

Exclusively by code

The following code instantiates a public client application and signs in users in the Microsoft Azure public cloud with a work or school account or a personal Microsoft account.

IPublicClientApplication app = PublicClientApplicationBuilder.Create(clientId)
    .Build();

If you intend to use interactive authentication or device code flow, as seen previously, use the .WithRedirectUri modifier.

IPublicClientApplication app;
app = PublicClientApplicationBuilder.Create(clientId)
        .WithDefaultRedirectUri()
        .Build();

Use configuration files

The following code instantiates a public client application from a configuration object, which could be filled in programmatically or read from a configuration file.

PublicClientApplicationOptions options = GetOptions(); // your own method
IPublicClientApplication app = PublicClientApplicationBuilder.CreateWithApplicationOptions(options)
        .WithDefaultRedirectUri()
        .Build();

More elaborated configuration

You can elaborate the application building by adding a number of modifiers. For instance, if you want your application to be a multitenant application in a national cloud, such as US Government shown here, you could write:

IPublicClientApplication app;
app = PublicClientApplicationBuilder.Create(clientId)
        .WithDefaultRedirectUri()
        .WithAadAuthority(AzureCloudInstance.AzureUsGovernment,
                         AadAuthorityAudience.AzureAdMultipleOrgs)
        .Build();

MSAL.NET also contains a modifier for Active Directory Federation Services 2019:

IPublicClientApplication app;
app = PublicClientApplicationBuilder.Create(clientId)
        .WithAdfsAuthority("https://consoso.com/adfs")
        .Build();

Finally, if you want to acquire tokens for an Azure Active Directory (Azure AD) B2C tenant, specify your tenant as shown in the following code snippet:

IPublicClientApplication app;
app = PublicClientApplicationBuilder.Create(clientId)
        .WithB2CAuthority("https://fabrikamb2c.b2clogin.com/tfp/{tenant}/{PolicySignInSignUp}")
        .Build();

Learn more

To learn more about how to configure an MSAL.NET desktop application:

Complete example with configuration options

Imagine a .NET console application that has the following appsettings.json configuration file:

{
  "Authentication": {
    "AzureCloudInstance": "AzurePublic",
    "AadAuthorityAudience": "AzureAdMultipleOrgs",
    "ClientId": "00001111-aaaa-2222-bbbb-3333cccc4444"
  },

  "WebAPI": {
    "MicrosoftGraphBaseEndpoint": "https://graph.microsoft.com"
  }
}

You have little code to read in this file by using the .NET-provided configuration framework:

public class SampleConfiguration
{
 /// <summary>
 /// Authentication options
 /// </summary>
 public PublicClientApplicationOptions PublicClientApplicationOptions { get; set; }

 /// <summary>
 /// Base URL for Microsoft Graph (it varies depending on whether the application runs
 /// in Microsoft Azure public clouds or national or sovereign clouds)
 /// </summary>
 public string MicrosoftGraphBaseEndpoint { get; set; }

 /// <summary>
 /// Reads the configuration from a JSON file
 /// </summary>
 /// <param name="path">Path to the configuration json file</param>
 /// <returns>SampleConfiguration as read from the json file</returns>
 public static SampleConfiguration ReadFromJsonFile(string path)
 {
  // .NET configuration
  IConfigurationRoot Configuration;
  var builder = new ConfigurationBuilder()
                    .SetBasePath(Directory.GetCurrentDirectory())
                    .AddJsonFile(path);
  Configuration = builder.Build();

  // Read the auth and graph endpoint configuration
  SampleConfiguration config = new SampleConfiguration()
  {
   PublicClientApplicationOptions = new PublicClientApplicationOptions()
  };
  Configuration.Bind("Authentication", config.PublicClientApplicationOptions);
  config.MicrosoftGraphBaseEndpoint =
  Configuration.GetValue<string>("WebAPI:MicrosoftGraphBaseEndpoint");
  return config;
 }
}

Now, to create your application, write the following code:

SampleConfiguration config = SampleConfiguration.ReadFromJsonFile("appsettings.json");
var app = PublicClientApplicationBuilder.CreateWithApplicationOptions(config.PublicClientApplicationOptions)
           .WithDefaultRedirectUri()
           .Build();

Before the call to the .Build() method, you can override your configuration with calls to .WithXXX methods, as seen previously.

Next steps

Move on to the next article in this scenario, Acquire a token for the desktop app.