Joonas Westlin
Joonas Westlin
Does this also mean if an app is using Azure AD Graph API with an app registration in the underlying Azure AD tenant, they should also switch to using the...
Hmm, could you link to a sample of its usage? That certainly sounds like something that could be done.
Thanks, I'll try to look at doing this in the weekend.
Couldn't implement this quite yet, the change is incompatible with the current unit tests. Getting a NotImplementedException when calling OnStarting to register the delegate.
Ooh, mocking the response feature interface with Moq might work :)
Good idea :) The structure should be this one at the moment: https://w3c.github.io/webappsec-csp/#deprecated-serialize-violation. Based on the name and some comments in the spec, it seems they are actively trying to...
Hmm, thanks for reporting this. I've usually not wanted to implement too many of these kinds of behaviours into the library as these can change. If this is implemented, I'd...
Right, good points 👍
This could be added. It's currently an experimental directive though and not supported across all major browsers. There is a risk that it'll be changed/removed in the future.
What I've used in my apps is: ``` auth.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; auth.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; auth.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme; ``` SignInScheme is the scheme used to persist the user, so in this...