microsoft-identity-web: AddMicrosoftGraph() does not support new graph SDK 5.0.0
Microsoft.Identity.Web Library
Microsoft.Identity.Web 2.5.0 Protected web app/APIs call downstream web APIs
Description
After upgrading my entire solution to graph SDK 5.0.0 my blazor server app is not working anymore. Microsoft.Identity.Web has a dependency on graph 4.5 and won’t work with new version.
Reproduction steps
upgrade to graph sdk 5.0.0 nuget.
Relevant code snippets
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(options => builder.Configuration.Bind("AzureAd", options))
.EnableTokenAcquisitionToCallDownstreamApi(options => builder.Configuration.Bind("AzureAd", options), initialScopes)
.AddMicrosoftGraph(graphBaseUrl: "https://graph.microsoft.com", defaultScopes: "User.Read")
Expected behavior
Microsoft.Identity.Web should work with latest graph sdk when release to production
Update. This is solved in Microsoft.Identity.Web 2.12.2. You will need to replace the reference to Microsoft.Identity.Web.Microosft.Graph by Microsoft.Identity.Web.GraphServiceClient. For details on the migration guide see Microsoft.Identity.Web.GraphServiceClient
About this issue
- Original URL
- State: closed
- Created a year ago
- Reactions: 3
- Comments: 27
I would argue for developers experience it can get tedious deciding which nuget package to install for which purposes. I just want to authenticate my application and call some graph apis that I’ve been granted permissions for.
I found the starter templates helpful for this purpose. I didn’t have to think, I was just able to add authentication and plug in my ClientID and Secret and get to implementing business logic.
From my experience -
I am at least aware of this issue so I could feasibly pivot and install a different Identity package, but for other devs who want to stay on top of new releases, they’ll run into the same hoops I did just to find out they need to use a whole new package - which is documented 🤷
I believe it’s a better experience to have teams that don’t want to upgrade the graph sdk to also not upgrade their identity package. However, I can see the painpoint of coordinating major releases with the sdk team and it’s not an ideal coupling.
Released in 2.12.2
No, it is the new one. Here https://github.com/AzureAD/microsoft-identity-web/blob/jmprieur/Graph5/src/Microsoft.Identity.Web.GraphServiceClient/Readme.md
Truth be said I do not think this should have been a stable release. It breaks way too much things including basic templates which makes it really hard for developers used to stuff working out of the box.
@mtbayley: I think that this is what we are going to do (to let customers decide when they want to migrate to 5 as some feedback told us attempted to move to 5 broker a lot of their code and is not straightforward)
There is no question that i would be willing to break the code when upgrading. I mean that’s what we are doing when upgrading to Graph 5.x anyway… But tight integration may not be a good idea in the future as in theory this could slow adoption of the graph sdk. I think alot of developers like the “out of box” experience to spin up a project quickly based on Azure AD and Graph… to be completely honest the Microsoft.Identity.Web is something i am using to easily start a project based on Azure AD login. It’s the default behavior for the visual studio template, so in my mind i would have thought it followed the graph sdk. I would be willing to test stuff out for you if neccesary of course. I really like the new syntax for the graph sdk over the old one. It makes more sense from a developer point of view in my mind. Granted we got used to the request syntax, but the new syntax is more logic i think…
@shareonline Temporary solution: https://gist.github.com/ashelopukho/5b00944c7744ebb4f9baa348e86f7e0e
@andymarksonline I figured it out. I’ve dived into source code and it seems there are several GraphServiceCollectionExtensions which provide AddMicrosoftGraph with same signatures. One in Microsoft.Identity.Web.MicrosoftGraph, one in Microsoft.Identity.Web.GraphServiceClient.
It seems the former is the old one and uses old Core Options that are not present in current version. Including Microsoft.Identity.Web.GraphServiceClient instead of Microsoft.Identity.Web.MicrosoftGraph solved the issue.
So confusing 😃
Yes, sorry got the version (2.12) and the date (6/16) mixed together. 🤦thanks for calling it out.
Can’t wait for this! Good job everyone involved, it makes our .NET lives much easier 😏
Do you mean 6/16/23?
When can we expect the next release including this fix?
Can anyone at all explain to me how I can get graph working? I’m like brand new to this and I’m trying to make graph calls with a “Users.Read.All” scope from my application, but I cannot get it to work and there’s very little information as to how to do so.
I am using ASP.NET Core 7.0 Web API.
So far I have this setup, with @ashelopukho 's work around with the following:
This throws the following error:
However, I am able to call the graph endpoint with my associated client id, client secret, tenant id, grant_type, at:
https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
And I can successfully retrieve a token and query the microsoft graph endpoint with it.
Does anyone know how to just set this up right now? The documentation is vast and unclear with multiple ways to do the same thing and none of them work. Even worse, if i wanted to use old packages, i don’t know which ones to use and Microsoft.Identity.Web, Microsoft.Graph and Microsoft.Graph.Core all depend on each other in some way that I don’t understand.
Same here.
In fact it throws
TypeLoadException: Could not load type 'Microsoft.Graph.IAuthenticationProviderOption' from assembly 'Microsoft.Graph.Core, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'. Microsoft.Identity.Web.GraphServiceCollectionExtensions+<>c.<AddMicrosoftGraph>b__1_0(IServiceProvider serviceProvider)
Needed to downgrade to
Microsoft.Graph 4.54.0
in order to make it run again. Didn’t want to introduce a temporary solution in my Blazor App, like @ashelopukho kindly offered.