♻️ Consolidate authentication solution with_ai solution

code/final/authentication/HmsBlazor/HmsBlazor/HmsBlazor.csproj

@@ -4,7 +4,7 @@
     <TargetFramework>net8.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
-    <UserSecretsId>9cd1e038-88f9-483f-a372-3466997b1fb3</UserSecretsId>
+    <UserSecretsId>383c1968-2058-42f0-8f69-302655038b93</UserSecretsId>
   </PropertyGroup>
 
   <ItemGroup>

code/final/authentication/HmsBlazor/HmsBlazor/Program.cs

@@ -33,7 +33,6 @@
         .EnableTokenAcquisitionToCallDownstreamApi([ entraConfig.GetValue<string>("Scopes")! ])
         .AddInMemoryTokenCaches();
 
-
 builder.Services.AddAuthentication()
     .AddJwtBearer("Bearer", options =>
     {

code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/FoodMenuController.cs

@@ -7,7 +7,7 @@ namespace Project_HMS.Controllers;
 
 [Route("api/[controller]")]
 [ApiController]
-//[Authorize]
+[Authorize]
 public class FoodMenuController(DataAccess dataAccess) : ControllerBase
 { 
     [HttpGet]

code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/ReservationController.cs

@@ -6,7 +6,7 @@ namespace Project_HMS.Controllers;
 
 [ApiController]
 [Route("api/[controller]")]
-//[Authorize]
+[Authorize]
 public class ReservationController(DataAccess dataAccess) : ControllerBase
 {
     [HttpPost("confirm-reservation")]

code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/RoomController.cs

@@ -8,7 +8,7 @@ namespace Project_HMS.Controllers;
 
 [Route("api/[controller]")]
 [ApiController]
-//[Authorize]
+[Authorize]
 public class RoomController(DataAccess dataAccess) : ControllerBase
 {
     [HttpGet]

code/final/with_ai/HmsBlazor/HmsBlazor/DataAccess.cs

@@ -38,9 +38,10 @@ public DataSet Ds
             set { this.ds = value; }
         }
 
-        public DataAccess()
+        public DataAccess(IConfiguration configuration)
         {
-            this.Sqlcon = new SqlConnection(@"Data Source=localhost;Initial Catalog=Project_HMS;Persist Security Info=True;User ID=sa;Password=myPassword123!@;TrustServerCertificate=True");
+            var connectionString = configuration.GetConnectionString("DefaultConnection");
+            this.Sqlcon = new SqlConnection(connectionString);
             this.Sqlcon.Open();
         }
 

code/final/with_ai/HmsBlazor/HmsBlazor/Program.cs

@@ -1,10 +1,11 @@
-using HmsBlazor.Client.Pages;
 using HmsBlazor.Components;
-using Microsoft.AspNetCore.OpenApi;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
 using Microsoft.Identity.Web;
 using Microsoft.Identity.Web.UI;
 using Microsoft.AspNetCore.HttpOverrides;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using SmartComponents.Inference.OpenAI;
 
 var builder = WebApplication.CreateBuilder(args);
@@ -16,7 +17,7 @@
     .AddInteractiveWebAssemblyComponents();
 
 builder.Services.AddSmartComponents()
-       .WithInferenceBackend<OpenAIInferenceBackend>(); ;
+       .WithInferenceBackend<OpenAIInferenceBackend>();
 
 builder.Services.AddScoped<Project_HMS.DataAccess>();
 
@@ -25,23 +26,42 @@
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen();
 
+var entraConfig = builder.Configuration.GetSection("EntraID");
+
 builder.Services
-    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
-    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("EntraID"));
+    .AddAuthentication(options => {
+        options.DefaultAuthenticateScheme = OpenIdConnectDefaults.AuthenticationScheme;
+        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
+    })
+    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("EntraID"))
+        .EnableTokenAcquisitionToCallDownstreamApi([ entraConfig.GetValue<string>("Scopes")! ])
+        .AddInMemoryTokenCaches();
+
+builder.Services.AddAuthentication()
+    .AddJwtBearer("Bearer", options =>
+    {
+        options.Authority = entraConfig.GetValue<string>("Authority");
+        options.Audience = entraConfig.GetValue<string>("ClientId");
+    });
 
 builder.Services.AddControllersWithViews()
                 .AddMicrosoftIdentityUI();
 
 builder.Services.AddAuthorization(options =>
 {
+     options.DefaultPolicy = new AuthorizationPolicyBuilder()
+        .RequireAuthenticatedUser()
+        .AddAuthenticationSchemes(CookieAuthenticationDefaults.AuthenticationScheme, OpenIdConnectDefaults.AuthenticationScheme, JwtBearerDefaults.AuthenticationScheme)
+        .Build();
     options.FallbackPolicy = options.DefaultPolicy;
 });
 
 var baseAddress = builder.Configuration.GetValue<string>("BaseUrl");
 
 // enables HttpClientFactory.CreateClient()
 builder.Services.AddHttpClient("HmsApi", 
-    client => client.BaseAddress = new Uri(baseAddress));
+    client => client.BaseAddress = new Uri(baseAddress))
+     .AddMicrosoftIdentityAppAuthenticationHandler("HmsApi", entraConfig);
 
 // registers HttpClient so you can inject one in your components
 builder.Services.AddScoped(sp => sp.GetRequiredService<IHttpClientFactory>()
@@ -78,7 +98,6 @@
 
 app.UseForwardedHeaders(forwardedHeadersOptions);
 
-
 app.UseAuthentication(); // <-- add this
 app.UseAuthorization(); // <-- add this
 

code/final/with_ai/HmsBlazor/HmsBlazor/Properties/launchSettings.json

@@ -12,7 +12,7 @@
       "https": {
         "commandName": "Project",
         "dotnetRunMessages": true,
-        "launchBrowser": true,
+        "launchBrowser": false,
         "inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
         "applicationUrl": "https://localhost:7219",
         "environmentVariables": {

code/final/with_ai/HmsBlazor/HmsBlazor/appsettings.json

@@ -8,8 +8,11 @@
   "AllowedHosts": "*",
   "BaseUrl": "https://localhost:7219",
   "EntraID": {
+    "TenantId": "96e49a13-05af-4172-8df0-b4b3cf98dd20",
+    "Instance": "https://login.microsoftonline.com",
     "Authority": "https://login.microsoftonline.com/96e49a13-05af-4172-8df0-b4b3cf98dd20",
     "ClientId": "f1d141cf-c7fe-442d-93ec-53a72a416d8a",
+    "Scopes": "f1d141cf-c7fe-442d-93ec-53a72a416d8a/.default",
     "CallbackPath": "/signin-oidc",
     "ValidateAuthority": true
   }