diff --git a/code/final/authentication/HmsBlazor/HmsBlazor/HmsBlazor.csproj b/code/final/authentication/HmsBlazor/HmsBlazor/HmsBlazor.csproj
index b9e581d..560a9de 100644
--- a/code/final/authentication/HmsBlazor/HmsBlazor/HmsBlazor.csproj
+++ b/code/final/authentication/HmsBlazor/HmsBlazor/HmsBlazor.csproj
@@ -4,7 +4,7 @@
net8.0
enable
enable
- 9cd1e038-88f9-483f-a372-3466997b1fb3
+ 383c1968-2058-42f0-8f69-302655038b93
diff --git a/code/final/authentication/HmsBlazor/HmsBlazor/Program.cs b/code/final/authentication/HmsBlazor/HmsBlazor/Program.cs
index ca13107..06a15be 100644
--- a/code/final/authentication/HmsBlazor/HmsBlazor/Program.cs
+++ b/code/final/authentication/HmsBlazor/HmsBlazor/Program.cs
@@ -33,7 +33,6 @@
.EnableTokenAcquisitionToCallDownstreamApi([ entraConfig.GetValue("Scopes")! ])
.AddInMemoryTokenCaches();
-
builder.Services.AddAuthentication()
.AddJwtBearer("Bearer", options =>
{
diff --git a/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/FoodMenuController.cs b/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/FoodMenuController.cs
index 2c87acd..2a9831d 100644
--- a/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/FoodMenuController.cs
+++ b/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/FoodMenuController.cs
@@ -7,7 +7,7 @@ namespace Project_HMS.Controllers;
[Route("api/[controller]")]
[ApiController]
-//[Authorize]
+[Authorize]
public class FoodMenuController(DataAccess dataAccess) : ControllerBase
{
[HttpGet]
diff --git a/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/ReservationController.cs b/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/ReservationController.cs
index 75f5144..7384810 100644
--- a/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/ReservationController.cs
+++ b/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/ReservationController.cs
@@ -6,7 +6,7 @@ namespace Project_HMS.Controllers;
[ApiController]
[Route("api/[controller]")]
-//[Authorize]
+[Authorize]
public class ReservationController(DataAccess dataAccess) : ControllerBase
{
[HttpPost("confirm-reservation")]
diff --git a/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/RoomController.cs b/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/RoomController.cs
index fb0f39b..34bf913 100644
--- a/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/RoomController.cs
+++ b/code/final/with_ai/HmsBlazor/HmsBlazor/Controllers/RoomController.cs
@@ -8,7 +8,7 @@ namespace Project_HMS.Controllers;
[Route("api/[controller]")]
[ApiController]
-//[Authorize]
+[Authorize]
public class RoomController(DataAccess dataAccess) : ControllerBase
{
[HttpGet]
diff --git a/code/final/with_ai/HmsBlazor/HmsBlazor/DataAccess.cs b/code/final/with_ai/HmsBlazor/HmsBlazor/DataAccess.cs
index f915c41..4e5d1d1 100644
--- a/code/final/with_ai/HmsBlazor/HmsBlazor/DataAccess.cs
+++ b/code/final/with_ai/HmsBlazor/HmsBlazor/DataAccess.cs
@@ -38,9 +38,10 @@ public DataSet Ds
set { this.ds = value; }
}
- public DataAccess()
+ public DataAccess(IConfiguration configuration)
{
- this.Sqlcon = new SqlConnection(@"Data Source=localhost;Initial Catalog=Project_HMS;Persist Security Info=True;User ID=sa;Password=myPassword123!@;TrustServerCertificate=True");
+ var connectionString = configuration.GetConnectionString("DefaultConnection");
+ this.Sqlcon = new SqlConnection(connectionString);
this.Sqlcon.Open();
}
diff --git a/code/final/with_ai/HmsBlazor/HmsBlazor/Program.cs b/code/final/with_ai/HmsBlazor/HmsBlazor/Program.cs
index f1109c9..4e0bad6 100644
--- a/code/final/with_ai/HmsBlazor/HmsBlazor/Program.cs
+++ b/code/final/with_ai/HmsBlazor/HmsBlazor/Program.cs
@@ -1,10 +1,11 @@
-using HmsBlazor.Client.Pages;
using HmsBlazor.Components;
-using Microsoft.AspNetCore.OpenApi;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;
using Microsoft.AspNetCore.HttpOverrides;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Authentication.Cookies;
using SmartComponents.Inference.OpenAI;
var builder = WebApplication.CreateBuilder(args);
@@ -16,7 +17,7 @@
.AddInteractiveWebAssemblyComponents();
builder.Services.AddSmartComponents()
- .WithInferenceBackend(); ;
+ .WithInferenceBackend();
builder.Services.AddScoped();
@@ -25,15 +26,33 @@
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
+var entraConfig = builder.Configuration.GetSection("EntraID");
+
builder.Services
- .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
- .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("EntraID"));
+ .AddAuthentication(options => {
+ options.DefaultAuthenticateScheme = OpenIdConnectDefaults.AuthenticationScheme;
+ options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
+ })
+ .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("EntraID"))
+ .EnableTokenAcquisitionToCallDownstreamApi([ entraConfig.GetValue("Scopes")! ])
+ .AddInMemoryTokenCaches();
+
+builder.Services.AddAuthentication()
+ .AddJwtBearer("Bearer", options =>
+ {
+ options.Authority = entraConfig.GetValue("Authority");
+ options.Audience = entraConfig.GetValue("ClientId");
+ });
builder.Services.AddControllersWithViews()
.AddMicrosoftIdentityUI();
builder.Services.AddAuthorization(options =>
{
+ options.DefaultPolicy = new AuthorizationPolicyBuilder()
+ .RequireAuthenticatedUser()
+ .AddAuthenticationSchemes(CookieAuthenticationDefaults.AuthenticationScheme, OpenIdConnectDefaults.AuthenticationScheme, JwtBearerDefaults.AuthenticationScheme)
+ .Build();
options.FallbackPolicy = options.DefaultPolicy;
});
@@ -41,7 +60,8 @@
// enables HttpClientFactory.CreateClient()
builder.Services.AddHttpClient("HmsApi",
- client => client.BaseAddress = new Uri(baseAddress));
+ client => client.BaseAddress = new Uri(baseAddress))
+ .AddMicrosoftIdentityAppAuthenticationHandler("HmsApi", entraConfig);
// registers HttpClient so you can inject one in your components
builder.Services.AddScoped(sp => sp.GetRequiredService()
@@ -78,7 +98,6 @@
app.UseForwardedHeaders(forwardedHeadersOptions);
-
app.UseAuthentication(); // <-- add this
app.UseAuthorization(); // <-- add this
diff --git a/code/final/with_ai/HmsBlazor/HmsBlazor/Properties/launchSettings.json b/code/final/with_ai/HmsBlazor/HmsBlazor/Properties/launchSettings.json
index 36828f2..0209b15 100644
--- a/code/final/with_ai/HmsBlazor/HmsBlazor/Properties/launchSettings.json
+++ b/code/final/with_ai/HmsBlazor/HmsBlazor/Properties/launchSettings.json
@@ -12,7 +12,7 @@
"https": {
"commandName": "Project",
"dotnetRunMessages": true,
- "launchBrowser": true,
+ "launchBrowser": false,
"inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
"applicationUrl": "https://localhost:7219",
"environmentVariables": {
diff --git a/code/final/with_ai/HmsBlazor/HmsBlazor/appsettings.json b/code/final/with_ai/HmsBlazor/HmsBlazor/appsettings.json
index 2f968b2..7adc7b8 100644
--- a/code/final/with_ai/HmsBlazor/HmsBlazor/appsettings.json
+++ b/code/final/with_ai/HmsBlazor/HmsBlazor/appsettings.json
@@ -8,8 +8,11 @@
"AllowedHosts": "*",
"BaseUrl": "https://localhost:7219",
"EntraID": {
+ "TenantId": "96e49a13-05af-4172-8df0-b4b3cf98dd20",
+ "Instance": "https://login.microsoftonline.com",
"Authority": "https://login.microsoftonline.com/96e49a13-05af-4172-8df0-b4b3cf98dd20",
"ClientId": "f1d141cf-c7fe-442d-93ec-53a72a416d8a",
+ "Scopes": "f1d141cf-c7fe-442d-93ec-53a72a416d8a/.default",
"CallbackPath": "/signin-oidc",
"ValidateAuthority": true
}