Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AddMicrosoftGraphAppOnly should add singleton service instead of scoped service #3242

Open
RamType0 opened this issue Feb 12, 2025 · 2 comments
Open

AddMicrosoftGraphAppOnly should add singleton service instead of scoped service #3242

RamType0 opened this issue Feb 12, 2025 · 2 comments
Labels
answered question Further information is requested

Comments

@RamType0
Copy link

Microsoft.Identity.Web Library

Microsoft.Identity.Web

Microsoft.Identity.Web version

3.6.2

Web app

Not Applicable

Web API

Not Applicable

Token cache serialization

Not Applicable

Description

Unlike AddMicrosoftGraph, AddMicrosoftGraphAppOnly uses app permission instead of user permission.
So, GraphServiceClient should be added as singleton service in this context.

Reproduction steps

  1. Add GraphServiceClient via AddMicrosoftGraphAppOnly.
  2. Get GraphServiceClient from service provider.

Error message

No response

Id Web logs

No response

Relevant code snippets

builder.Services.AddAuthentication().AddMicrosoftIdentityWebApi(builder.Configuration).AddMicrosoftGraphAppOnly();

var app = builder.Build();

var graphServiceClient =  app.Services.GetRequiredService<GraphServiceClient>();

Regression

No response

Expected behavior

GraphServiceClient could be retrieved as singleton service.
@jmprieur
Copy link
Collaborator

If you choose to have token acquisition as a singleton, then Graph will also be a singleton

builder.Services.AddAuthentication().
                           AddMicrosoftIdentityWebApi(builder.Configuration);

builder.Services.AddTokenAcquisition(true); // singleton
buildr.Services.AddMicrosoftGraphAppOnly();

var app = builder.Build();

var graphServiceClient =  app.Services.GetRequiredService<GraphServiceClient>();

@jmprieur jmprieur added question Further information is requested answered and removed untriaged needs attention labels Feb 19, 2025
@RamType0
Copy link
Author

RamType0 commented Feb 21, 2025
edited
Loading

If you choose to have token acquisition as a singleton, then Graph will also be a singleton

I meant this method

microsoft-identity-web/src/Microsoft.Identity.Web.MicrosoftGraph/MicrosoftGraphExtensions.cs

Lines 99 to 120 in ae4211e

/// <summary>
/// Add support to call Microsoft Graph.
/// </summary>
/// <param name="builder">Builder.</param>
/// <param name="graphServiceClientFactory">Function to create a GraphServiceClient.</param>
/// <returns>The builder to chain.</returns>
public static MicrosoftIdentityAppCallsWebApiAuthenticationBuilder AddMicrosoftGraphAppOnly(
this MicrosoftIdentityAppCallsWebApiAuthenticationBuilder builder,
Func<IAuthenticationProvider, GraphServiceClient> graphServiceClientFactory)
{
_ = Throws.IfNull(builder);
builder.Services.AddScoped<GraphServiceClient, GraphServiceClient>(serviceProvider =>
{
IAuthorizationHeaderProvider authorizationHeaderProvider = serviceProvider.GetRequiredService<IAuthorizationHeaderProvider>();
return graphServiceClientFactory(new TokenAcquisitionAuthenticationProvider(
authorizationHeaderProvider,
new TokenAcquisitionAuthenticationProviderOption() { AppOnly = true }));
});
return builder;
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
answered question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jmprieur @RamType0