Interface ICustomWebUi
- Namespace
- Microsoft.Identity.Client.Extensibility
- Assembly
- Microsoft.Identity.Client.dll
Interface that an MSAL.NET extender can implement to provide their own web UI in public client applications to sign-in user and have them consented part of the Authorization code flow. MSAL.NET provides an embedded web view for Windows and Mac, but there are other scenarios not yet supported. This extensibility point enables them to provide such UI in a secure way
public interface ICustomWebUiMethods
AcquireAuthorizationCodeAsync(Uri, Uri, CancellationToken)
Method called by MSAL.NET to delegate the authentication code web with the Secure Token Service (STS)
Task<Uri> AcquireAuthorizationCodeAsync(Uri authorizationUri, Uri redirectUri, CancellationToken cancellationToken)Parameters
authorizationUriUriURI computed by MSAL.NET that will let the UI extension navigate to the STS authorization endpoint in order to sign-in the user and have them consent
redirectUriUriThe redirect URI that was configured. The auth code will be appended to this redirect URI and the browser will redirect to it.
cancellationTokenCancellationTokenThe cancellation token to which you should respond to. See Task cancellation for details.
Returns
- Task<Uri>
The URI returned back from the STS authorization endpoint. This URI contains a code=CODE parameters that MSAL.NET will extract and redeem.
Remarks
The authorizationUri is crafted to
leverage PKCE in order to protect the token from a man in the middle attack.
Only MSAL.NET can redeem the code.