From 5338a4a7fba09435ba745a48ce8334196bbe6e0e Mon Sep 17 00:00:00 2001
From: Roland Guijt <roland.guijt@gmail.com>
Date: Mon, 22 Jul 2024 17:28:39 +0200
Subject: [PATCH 1/3] Use DI for HttpClient Use AccessTokenManagement to
 utilize refresh token Add missing link in layout page

---
 .../3_AspNetCoreAndApis/src/Api/Api.csproj            |  2 +-
 .../3_AspNetCoreAndApis/src/Client/Client.csproj      |  2 +-
 .../src/IdentityServer/IdentityServer.csproj          |  6 +++---
 .../src/WebClient/Pages/CallApi.cshtml.cs             | 11 ++++++-----
 .../src/WebClient/Pages/Shared/_Layout.cshtml         |  3 +++
 .../3_AspNetCoreAndApis/src/WebClient/Program.cs      |  3 +++
 .../src/WebClient/WebClient.csproj                    |  3 ++-
 7 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/Api/Api.csproj b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/Api/Api.csproj
index 8248e4b1..ed81416d 100755
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/Api/Api.csproj
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/Api/Api.csproj
@@ -8,7 +8,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.1" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.7" />
   </ItemGroup>
 
 </Project>
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/Client/Client.csproj b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/Client/Client.csproj
index 35715fd0..426f6c4c 100755
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/Client/Client.csproj
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/Client/Client.csproj
@@ -8,7 +8,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="IdentityModel" Version="6.2.0" />
+    <PackageReference Include="IdentityModel" Version="7.0.0" />
   </ItemGroup>
 
 </Project>
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/IdentityServer/IdentityServer.csproj b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/IdentityServer/IdentityServer.csproj
index 96187a72..1d208d2b 100755
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/IdentityServer/IdentityServer.csproj
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/IdentityServer/IdentityServer.csproj
@@ -7,9 +7,9 @@
 	</PropertyGroup>
 
 	<ItemGroup>
-		<PackageReference Include="Duende.IdentityServer" Version="7.0.0" />
-		<PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.1" />
+		<PackageReference Include="Duende.IdentityServer" Version="7.0.5" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.7" />
 
-		<PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
+		<PackageReference Include="Serilog.AspNetCore" Version="8.0.1" />
 	</ItemGroup>
 </Project>
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
index 52f86634..1ee59fc9 100644
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
@@ -1,20 +1,21 @@
-using System.Net.Http.Headers;
 using System.Text.Json;
+using IdentityModel.Client;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 
 namespace MyApp.Namespace
 {
 
-    public class CallApiModel : PageModel
+    public class CallApiModel(IHttpClientFactory httpClientFactory) : PageModel
     {
         public string Json = string.Empty;
 
         public async Task OnGet()
         {
-            var accessToken = await HttpContext.GetTokenAsync("access_token");
-            var client = new HttpClient();
-            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
+            var accessToken = await HttpContext.GetUserAccessTokenAsync();
+            var client = httpClientFactory.CreateClient();
+            client.SetBearerToken(accessToken.AccessToken!);
+
             var content = await client.GetStringAsync("https://localhost:6001/identity");
 
             var parsed = JsonDocument.Parse(content);
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/Shared/_Layout.cshtml b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/Shared/_Layout.cshtml
index 16a31784..b918bc8c 100644
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/Shared/_Layout.cshtml
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/Shared/_Layout.cshtml
@@ -25,6 +25,9 @@
                         <li class="nav-item">
                             <a class="nav-link text-dark" asp-area="" asp-page="/Privacy">Privacy</a>
                         </li>
+                        <li class="nav-item">
+                            <a class="nav-link text-dark" asp-area="" asp-page="/CallApi">Call API</a>
+                        </li>
                         <li class="nav-item">
                             <a class="nav-link text-dark" asp-area="" asp-page="/Signout">Signout</a>
                         </li>
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Program.cs b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Program.cs
index 30534df6..925c5fd8 100644
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Program.cs
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Program.cs
@@ -32,6 +32,9 @@
         options.SaveTokens = true;
     });
 
+builder.Services.AddHttpClient();
+builder.Services.AddOpenIdConnectAccessTokenManagement();
+
 var app = builder.Build();
 
 // Configure the HTTP request pipeline.
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/WebClient.csproj b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/WebClient.csproj
index abb363dd..2a95b799 100644
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/WebClient.csproj
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/WebClient.csproj
@@ -7,7 +7,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="8.0.1" />
+    <PackageReference Include="Duende.AccessTokenManagement.OpenIdConnect" Version="2.1.2" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="8.0.7" />
   </ItemGroup>
 
 </Project>

From 73db2655f8797239d79c0ff484645b70b9022ea8 Mon Sep 17 00:00:00 2001
From: Roland Guijt <roland.guijt@gmail.com>
Date: Mon, 22 Jul 2024 18:12:50 +0200
Subject: [PATCH 2/3] Remove offline_access

---
 .../3_AspNetCoreAndApis/src/IdentityServer/Config.cs   |  2 --
 .../src/WebClient/Pages/CallApi.cshtml.cs              | 10 +++++-----
 .../3_AspNetCoreAndApis/src/WebClient/Program.cs       |  4 ----
 .../3_AspNetCoreAndApis/src/WebClient/WebClient.csproj |  1 -
 4 files changed, 5 insertions(+), 12 deletions(-)

diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/IdentityServer/Config.cs b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/IdentityServer/Config.cs
index 9835bbe6..e7b72d21 100755
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/IdentityServer/Config.cs
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/IdentityServer/Config.cs
@@ -65,8 +65,6 @@ public static class Config
                 // where to redirect to after logout
                 PostLogoutRedirectUris = { "https://localhost:5002/signout-callback-oidc" },
 
-                AllowOfflineAccess = true,
-
                 AllowedScopes =
                 {
                     IdentityServerConstants.StandardScopes.OpenId,
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
index 1ee59fc9..a62d0dd9 100644
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
@@ -1,20 +1,20 @@
+using System.Net.Http.Headers;
 using System.Text.Json;
-using IdentityModel.Client;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 
 namespace MyApp.Namespace
 {
 
-    public class CallApiModel(IHttpClientFactory httpClientFactory) : PageModel
+    public class CallApiModel() : PageModel
     {
         public string Json = string.Empty;
 
         public async Task OnGet()
         {
-            var accessToken = await HttpContext.GetUserAccessTokenAsync();
-            var client = httpClientFactory.CreateClient();
-            client.SetBearerToken(accessToken.AccessToken!);
+            var accessToken = await HttpContext.GetTokenAsync("access_token");
+            var client = new HttpClient();
+            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
 
             var content = await client.GetStringAsync("https://localhost:6001/identity");
 
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Program.cs b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Program.cs
index 925c5fd8..ff302ed8 100644
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Program.cs
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Program.cs
@@ -22,7 +22,6 @@
         options.Scope.Add("openid");
         options.Scope.Add("profile");
         options.Scope.Add("api1");
-        options.Scope.Add("offline_access");
         options.Scope.Add("verification");
         options.ClaimActions.MapJsonKey("email_verified", "email_verified");
         options.GetClaimsFromUserInfoEndpoint = true;
@@ -32,9 +31,6 @@
         options.SaveTokens = true;
     });
 
-builder.Services.AddHttpClient();
-builder.Services.AddOpenIdConnectAccessTokenManagement();
-
 var app = builder.Build();
 
 // Configure the HTTP request pipeline.
diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/WebClient.csproj b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/WebClient.csproj
index 2a95b799..dd4aae94 100644
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/WebClient.csproj
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/WebClient.csproj
@@ -7,7 +7,6 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.AccessTokenManagement.OpenIdConnect" Version="2.1.2" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="8.0.7" />
   </ItemGroup>
 

From b5854354b2444b6c0b65fd9b0dd9b61aad9e3f5a Mon Sep 17 00:00:00 2001
From: Roland Guijt <roland.guijt@gmail.com>
Date: Mon, 22 Jul 2024 18:15:37 +0200
Subject: [PATCH 3/3] Remove parenthesis

---
 .../3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
index a62d0dd9..28e4b28e 100644
--- a/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
+++ b/IdentityServer/v7/Quickstarts/3_AspNetCoreAndApis/src/WebClient/Pages/CallApi.cshtml.cs
@@ -6,7 +6,7 @@
 namespace MyApp.Namespace
 {
 
-    public class CallApiModel() : PageModel
+    public class CallApiModel : PageModel
     {
         public string Json = string.Empty;