diff --git a/src/EPR.Calculator.Frontend/EPR.Calculator.Frontend.csproj b/src/EPR.Calculator.Frontend/EPR.Calculator.Frontend.csproj
index 224e755..2416566 100644
--- a/src/EPR.Calculator.Frontend/EPR.Calculator.Frontend.csproj
+++ b/src/EPR.Calculator.Frontend/EPR.Calculator.Frontend.csproj
@@ -24,8 +24,12 @@
+
+
+
+
-
+
diff --git a/src/EPR.Calculator.Frontend/Program.cs b/src/EPR.Calculator.Frontend/Program.cs
index 5a34682..c636f75 100644
--- a/src/EPR.Calculator.Frontend/Program.cs
+++ b/src/EPR.Calculator.Frontend/Program.cs
@@ -1,7 +1,29 @@
-var builder = WebApplication.CreateBuilder(args);
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc.Authorization;
+using Microsoft.Identity.Web;
+using Microsoft.Identity.Web.UI;
+
+var builder = WebApplication.CreateBuilder(args);
+
+IEnumerable? initialScopes = builder.Configuration["DownstreamApi:Scopes"]?.Split(' ');
+builder.Services.AddMicrosoftIdentityWebAppAuthentication(builder.Configuration, "AzureAd")
+ .EnableTokenAcquisitionToCallDownstreamApi(initialScopes)
+ .AddDownstreamApi("DownstreamApi", builder.Configuration.GetSection("DownstreamApi"))
+ .AddInMemoryTokenCaches();
+
+//
+
+//
+builder.Services.AddRazorPages().AddMvcOptions(options =>
+{
+ var policy = new AuthorizationPolicyBuilder()
+ .RequireAuthenticatedUser()
+ .Build();
+ options.Filters.Add(new AuthorizeFilter(policy));
+}).AddMicrosoftIdentityUI();
// Add services to the container.
-builder.Services.AddControllersWithViews();
+builder.Services.AddControllersWithViews().AddMicrosoftIdentityUI();
builder.Services.AddDistributedMemoryCache();
@@ -36,6 +58,8 @@
app.UseAuthorization();
+app.UseAuthentication();
+
app.MapControllerRoute(
name: "default",
pattern: "{controller=Dashboard}/{action=Index}");
diff --git a/src/EPR.Calculator.Frontend/Views/Dashboard/Index.cshtml b/src/EPR.Calculator.Frontend/Views/Dashboard/Index.cshtml
index ef58dae..b62d41e 100644
--- a/src/EPR.Calculator.Frontend/Views/Dashboard/Index.cshtml
+++ b/src/EPR.Calculator.Frontend/Views/Dashboard/Index.cshtml
@@ -13,8 +13,8 @@
diff --git a/src/EPR.Calculator.Frontend/Views/Shared/_Layout.cshtml b/src/EPR.Calculator.Frontend/Views/Shared/_Layout.cshtml
index 6b9db0d..b4c2465 100644
--- a/src/EPR.Calculator.Frontend/Views/Shared/_Layout.cshtml
+++ b/src/EPR.Calculator.Frontend/Views/Shared/_Layout.cshtml
@@ -65,7 +65,7 @@
@RenderBody()
-
+
diff --git a/src/EPR.Calculator.Frontend/Views/Shared/_LoginPartial.cshtml b/src/EPR.Calculator.Frontend/Views/Shared/_LoginPartial.cshtml
new file mode 100644
index 0000000..ff386ac
--- /dev/null
+++ b/src/EPR.Calculator.Frontend/Views/Shared/_LoginPartial.cshtml
@@ -0,0 +1,19 @@
+@using System.Security.Principal
+
+
+ @if (User.Identity?.IsAuthenticated == true)
+ {
+ -
+ Hello @User.Identity?.Name!
+
+ -
+ Sign out
+
+ }
+ else
+ {
+ -
+ Sign in
+
+ }
+
diff --git a/src/EPR.Calculator.Frontend/Views/Shared/_LoginPartial.cshtml.cs b/src/EPR.Calculator.Frontend/Views/Shared/_LoginPartial.cshtml.cs
new file mode 100644
index 0000000..36dece1
--- /dev/null
+++ b/src/EPR.Calculator.Frontend/Views/Shared/_LoginPartial.cshtml.cs
@@ -0,0 +1,12 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace EPR.Calculator.Frontend.Views.Shared
+{
+ public class _LoginPartialModel : PageModel
+ {
+ public void OnGet()
+ {
+ }
+ }
+}
diff --git a/src/EPR.Calculator.Frontend/appsettings.Development.json b/src/EPR.Calculator.Frontend/appsettings.Development.json
index 253d9fa..45a715e 100644
--- a/src/EPR.Calculator.Frontend/appsettings.Development.json
+++ b/src/EPR.Calculator.Frontend/appsettings.Development.json
@@ -1,4 +1,24 @@
{
+ "AzureAd": {
+ "Instance": "https://login.microsoftonline.com/",
+ "TenantId": "6f504113-6b64-43f2-ade9-242e05780007",
+ "ClientId": "Enter the client ID obtained from the Microsoft Entra admin center",
+ "ClientCertificates": [
+ {
+ "SourceType": "StoreWithThumbprint",
+ "CertificateStorePath": "CurrentUser/My",
+ "CertificateThumbprint": "Enter the certificate thumbprint obtained the Microsoft Entra admin center"
+ }
+ ],
+ "CallbackPath": "/signin-oidc"
+ },
+ "DownstreamApi": {
+ "BaseUrl": "https://graph.microsoft.com/v1.0/",
+ "RelativePath": "me",
+ "Scopes": [
+ "user.read"
+ ]
+ },
"Logging": {
"LogLevel": {
"Default": "Information",