Azure B2C with Web API

The examples I've seen for using Azure B2C with Web API show app.UseOAuthBearerAuthentication (as shown below); however, my ASP .NET 5 Web API project uses IApplicationBuilder (not IAppBuilder) and UseOAuthBearerAuthentication does not exist. I've tried app.UseOpenIdConnectAuthentication, however I believe this uses cookies and I couldn't get it working using a Xamarin app as a client. I've tried app.UseWindowsAzureActiveDirectoryBearerAuthentication, but I believe this is for standard Azure AD (not B2C); is that true? Any ideas how to get Azure B2C working with the very latest ASP .NET Web API?

Thanks!!!

    using System;
    using System.IdentityModel.Tokens;      // TokenValidationParameters (Katana/OWIN era)
    using Microsoft.Owin.Security.Jwt;      // JwtFormat
    using Microsoft.Owin.Security.OAuth;    // UseOAuthBearerAuthentication
    using Owin;
    public partial class Startup
    {
        // The Azure sample reads these from Web.config; placeholder values here. Formatted together they give the policy-specific metadata URL.
        private static string clientId = "[My-Azure-App-Guid]";
        private static string aadInstance = "https://login.microsoftonline.com/{0}/{1}/{2}?p={3}";
        private static string tenant = "[my-tenant].onmicrosoft.com";
        private static string discoverySuffix = ".well-known/openid-configuration";
        private static string commonPolicy = "B2C_1_my-signup-signin-policy";
        public void ConfigureAuth(IAppBuilder app)
        {
            TokenValidationParameters tvps = new TokenValidationParameters
            {
                // This is where you specify that your API only accepts tokens from its own clients
                ValidAudience = clientId,
            };

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
            {
                // This SecurityTokenProvider fetches the Azure AD B2C metadata & signing keys from the OpenIDConnect metadata endpoint
                AccessTokenFormat = new JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider(String.Format(aadInstance, tenant, "v2.0", discoverySuffix, commonPolicy)))
            });
        }
    }
Primico asked Jun 17 '16 04:06


1 Answer

This works for me. I hope it helps someone else who is looking to use Azure B2C with the latest .NET Web API framework:

    public void ConfigureAuth(IApplicationBuilder app, IOptions<PolicySettings> policySettings)
    {
        // PolicySettings is the poster's own options type (not shown); the values below are hard-coded.
        app.UseJwtBearerAuthentication(new JwtBearerOptions
        {
            AuthenticationScheme = JwtBearerDefaults.AuthenticationScheme,
            AutomaticAuthenticate = true,
            AutomaticChallenge = true,
            // Policy-specific discovery document: issuer and signing keys are fetched from here,
            // so tokens not signed by this tenant's B2C policy fail signature validation.
            MetadataAddress = "https://login.microsoftonline.com/[my-tenant].onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_my-signup-signin-policy",
            // Must equal this API's application (client) ID: tokens minted for other apps are rejected.
            Audience = "[My-Azure-App-Guid]",
            Events = new JwtBearerEvents
            {
                OnTokenValidated = ctx =>
                {
                    // B2C emits the display name as a "name" claim; copy it to ClaimTypes.Name so User.Identity.Name works.
                    var nameClaim = ctx.AuthenticationTicket.Principal.FindFirst("name");
                    if (nameClaim != null)
                    {
                        var claimsIdentity = (System.Security.Claims.ClaimsIdentity)ctx.AuthenticationTicket.Principal.Identity;
                        claimsIdentity.AddClaim(new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Name, nameClaim.Value));
                    }
                    return Task.FromResult(0);
                },
                OnAuthenticationFailed = ctx =>
                {
                    // Swallow the failure and let the request continue unauthenticated; [Authorize]
                    // endpoints still get a 401 challenge, but the validation error itself is not reported.
                    ctx.SkipToNextMiddleware();
                    return Task.FromResult(0);
                }
            }
        });
    }
Primico answered Oct 23 '22 16:10
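An added example (not from the question or the answer) that reproduces offline the checks the bearer middleware above performs, in particular the Audience check that makes the API accept only tokens issued to its own client ID; it assumes the System.IdentityModel.Tokens.Jwt and Microsoft.IdentityModel.Tokens packages, and the signing key, issuer and client ID are constructed placeholders.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;
// Offline stand-in for what the bearer middleware checks on a B2C token. Real B2C tokens are
// RS256-signed with keys fetched from the metadata endpoint; a constructed HMAC key is used here
// only so the sample runs offline. Issuer and client id are placeholders.
public static class B2CAudienceCheck
{
    const string ApiClientId = "[My-Azure-App-Guid]";
    const string Issuer = "https://login.microsoftonline.com/[tenant-guid]/v2.0/";
    static readonly SymmetricSecurityKey Key = new SymmetricSecurityKey(
        Encoding.UTF8.GetBytes("constructed-test-signing-key-not-for-production-use"));

    // Mint a token as if B2C had issued it to the given audience (aud claim).
    public static string IssueToken(string audience, string displayName)
    {
        var token = new JwtSecurityToken(Issuer, audience, new[] { new Claim("name", displayName) },
            DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(5),
            new SigningCredentials(Key, SecurityAlgorithms.HmacSha256));
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    // Signature, issuer, audience and lifetime checks, then the same "name" -> ClaimTypes.Name
    // copy the answer does in OnTokenValidated. Returns null when the token is rejected.
    public static ClaimsPrincipal Validate(string jwt)
    {
        var handler = new JwtSecurityTokenHandler();
        handler.InboundClaimTypeMap.Clear();   // keep B2C's short claim names such as "name"
        var tvps = new TokenValidationParameters
        {
            ValidIssuer = Issuer,
            ValidAudience = ApiClientId,       // tokens minted for other apps are rejected here
            IssuerSigningKey = Key,
        };
        ClaimsPrincipal principal;
        try { principal = handler.ValidateToken(jwt, tvps, out _); }
        catch (SecurityTokenException ex) { Console.WriteLine($"rejected: {ex.GetType().Name}"); return null; }
        var name = principal.FindFirst("name");
        if (name != null)
            ((ClaimsIdentity)principal.Identity).AddClaim(new Claim(ClaimTypes.Name, name.Value));
        return principal;
    }

    public static void Main()
    {
        Console.WriteLine(Validate(IssueToken(ApiClientId, "Alice"))?.Identity.Name);
        Console.WriteLine(Validate(IssueToken("some-other-app-id", "Mallory")) == null);
    }
}
```

The second call is rejected with a SecurityTokenInvalidAudienceException even though the signature and issuer are valid, which is the property the Audience setting buys you.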