From 3f2d855e293f2d20ae90f1fcac3ce84c9dc9d778 Mon Sep 17 00:00:00 2001
From: Himanshi Agrawal <v-himagrawal@microsoft.com>
Date: Tue, 12 Nov 2024 11:53:43 +0530
Subject: [PATCH 1/7] Us10328 implement

---
 .../Microsoft.GS.DPS.Host/Program.cs          | 20 ++++++
 App/frontend-app/src/components/App.jsx       | 67 ++++++++++++++++++
 .../src/providers/TokenProvider.jsx           | 55 +++++++++++++++
 .../src/providers/UserContext.jsx             | 68 +++++++++++++++++++
 App/frontend-app/src/utils/authConfig.js      | 31 +++++++++
 5 files changed, 241 insertions(+)
 create mode 100644 App/frontend-app/src/components/App.jsx
 create mode 100644 App/frontend-app/src/providers/TokenProvider.jsx
 create mode 100644 App/frontend-app/src/providers/UserContext.jsx
 create mode 100644 App/frontend-app/src/utils/authConfig.js

diff --git a/App/backend-api/Microsoft.GS.DPS.Host/Program.cs b/App/backend-api/Microsoft.GS.DPS.Host/Program.cs
index 15734404..6de7b80b 100644
--- a/App/backend-api/Microsoft.GS.DPS.Host/Program.cs
+++ b/App/backend-api/Microsoft.GS.DPS.Host/Program.cs
@@ -10,6 +10,24 @@
 var builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.
+builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+
+    .AddMicrosoftIdentityWebApi(options =>
+
+    {
+
+        configuration.Bind("AzureAd", options);
+
+        options.EventsType = typeof(CustomJwtBearerEvents);
+ 
+    }, options =>
+
+    {
+
+        configuration.Bind("AzureAd", options);
+
+    });
+ 
 // Learn more about configuring OpenAPI at https://aka.ms/aspnet/openapi
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen();
@@ -68,6 +86,8 @@
 //}
 
 app.UseCors("AllowAll");
+app.UseAuthentication();
+app.UseAuthorization();
 app.UseHttpsRedirection();
 app.Run();
 
diff --git a/App/frontend-app/src/components/App.jsx b/App/frontend-app/src/components/App.jsx
new file mode 100644
index 00000000..772071ff
--- /dev/null
+++ b/App/frontend-app/src/components/App.jsx
@@ -0,0 +1,67 @@
+import "../assests/css/App.css";
+// eslint-disable-next-line no-unused-vars
+import React, { useEffect } from "react";
+import AppRoutes from "./AppRoutes";
+import {
+  AuthenticatedTemplate,
+  UnauthenticatedTemplate,
+  useMsal,
+  useIsAuthenticated,
+} from "@azure/msal-react";
+import { FluentProvider, webLightTheme } from "@fluentui/react-components";
+import { UserProvider } from "../providers/UserContext";
+import { loginRequest } from "../authConfig";
+import { TokenProvider } from "../providers/TokenProvider";
+import classNames from "classnames";
+import { useTranslation } from "react-i18next";
+
+const App = () => {
+  const { instance } = useMsal();
+  const isAuthenticated = useIsAuthenticated();
+  const { i18n } = useTranslation();
+  useEffect(() => {
+    const handleRedirect = async () => {
+      try {
+        await instance.initialize();
+        const response = await instance.handleRedirectPromise();
+        if (response !== null) {
+          const account = response.account;
+          instance.setActiveAccount(account);
+        } else {
+          const currentAccount = instance.getActiveAccount();
+          if (!currentAccount) {
+            await instance.loginRedirect(loginRequest);
+          }
+        }
+      } catch (e) {
+        console.error(e);
+      }
+    };
+    handleRedirect();
+  }, [instance]);
+
+  return (
+    <div>
+      <AuthenticatedTemplate>
+        {isAuthenticated && (
+          <TokenProvider>
+            <UserProvider>
+              <FluentProvider
+                theme={webLightTheme}
+                className={classNames("fluentProvider", i18n.dir())}
+              >
+                <AppRoutes test-id="routes" />
+              </FluentProvider>
+            </UserProvider>
+          </TokenProvider>
+        )}
+      </AuthenticatedTemplate>
+
+      <UnauthenticatedTemplate>
+        <span> Signing you in...</span>
+      </UnauthenticatedTemplate>
+    </div>
+  );
+};
+
+export default App;
diff --git a/App/frontend-app/src/providers/TokenProvider.jsx b/App/frontend-app/src/providers/TokenProvider.jsx
new file mode 100644
index 00000000..8fe25f03
--- /dev/null
+++ b/App/frontend-app/src/providers/TokenProvider.jsx
@@ -0,0 +1,55 @@
+// contexts/TokenContext.js
+// eslint-disable-next-line no-unused-vars
+import React, { createContext, useState, useEffect } from 'react';
+import { useMsal } from '@azure/msal-react';
+import { graphTokenRequest, tokenRequest } from '../authConfig';
+
+const TokenContext = createContext();
+
+// eslint-disable-next-line react/prop-types
+const TokenProvider = ({ children }) => {
+    const { instance, accounts } = useMsal();
+    const [accessToken, setAccessToken] = useState(localStorage.getItem('accessToken'));
+    const [graphToken, setGraphToken] = useState(localStorage.getItem('graphToken'));
+
+    const acquireToken = async () => {
+        const account = instance.getActiveAccount();
+        if (account) {
+            try {
+                const tokenResponse = await instance.acquireTokenSilent({ ...tokenRequest, account });
+                localStorage.setItem('accessToken', tokenResponse.accessToken);
+                setAccessToken(tokenResponse.accessToken);
+
+                const graphTokenResponse = await instance.acquireTokenSilent({
+                    ...graphTokenRequest,
+                    account
+                });
+                localStorage.setItem('graphToken', graphTokenResponse.accessToken);
+                setGraphToken(graphTokenResponse.accessToken);
+            } catch (error) {
+                console.error('Token acquisition failed:', error);
+                // Handle error (e.g., redirect to login page)
+            }
+        }
+    };
+
+    useEffect(() => {
+        const refreshToken = async () => {
+            await acquireToken();
+        };
+
+        if (accounts.length > 0) {
+            acquireToken();
+            const interval = setInterval(refreshToken, 15 * 60 * 1000);
+            return () => clearInterval(interval);
+        }
+    }, [accounts, instance]);
+
+    return (
+        <TokenContext.Provider value={{ accessToken, graphToken }}>
+            {children}
+        </TokenContext.Provider>
+    );
+};
+
+export { TokenContext, TokenProvider };
diff --git a/App/frontend-app/src/providers/UserContext.jsx b/App/frontend-app/src/providers/UserContext.jsx
new file mode 100644
index 00000000..3413315d
--- /dev/null
+++ b/App/frontend-app/src/providers/UserContext.jsx
@@ -0,0 +1,68 @@
+// eslint-disable-next-line no-unused-vars
+import React, { createContext, useState, useEffect, useContext } from 'react';
+import { getUserInfo } from '../utils/msGraph';
+import { apiEndPoint } from "../authConfig";
+import { TokenContext } from './TokenProvider';
+
+const UserContext = createContext();
+
+// eslint-disable-next-line react/prop-types
+const UserProvider = ({ children }) => {
+    const [user, setUser] = useState(null);
+    const [loading, setLoading] = useState(true);
+    const { accessToken, graphToken } = useContext(TokenContext);
+
+    useEffect(() => {
+        const fetchUserAndSync = async () => {
+            if (!accessToken || !graphToken) {
+                setLoading(false);
+                return;
+            }
+
+            try {
+                const userInfo = await getUserInfo();
+
+                const headers = new Headers();
+                const bearer = `Bearer ${accessToken}`;
+                headers.append("Authorization", bearer);
+                headers.append("Content-Type", 'application/json');
+
+                const user = {
+                    DisplayName: userInfo.displayName,
+                    Name: userInfo.givenName ? userInfo.givenName : userInfo.displayName,
+                    Region: userInfo.officeLocation ? userInfo.officeLocation : "",
+                    PrincipalName: userInfo.userPrincipalName,
+                    JobRole: userInfo.jobTitle ? userInfo.jobTitle : ""
+                };
+
+                const response = await fetch(`${apiEndPoint}/User/SyncUser`, {
+                    method: 'POST',
+                    headers: headers,
+                    body: JSON.stringify(user)
+                });
+
+                if (!response.ok) {
+                    throw new Error('Failed to sync user with backend');
+                }
+
+                const syncedUser = await response.json();
+                const userContext = { ...syncedUser };
+                setUser(userContext);
+            } catch (error) {
+                console.error('Failed to fetch and sync user info:', error);
+            } finally {
+                setLoading(false);
+            }
+        };
+
+        fetchUserAndSync();
+    }, [accessToken, graphToken]);
+
+    return (
+        <UserContext.Provider value={{ user, setUser, loading }}>
+            {children}
+        </UserContext.Provider>
+    );
+};
+
+export { UserContext, UserProvider };
diff --git a/App/frontend-app/src/utils/authConfig.js b/App/frontend-app/src/utils/authConfig.js
new file mode 100644
index 00000000..42672293
--- /dev/null
+++ b/App/frontend-app/src/utils/authConfig.js
@@ -0,0 +1,31 @@
+import { PublicClientApplication } from '@azure/msal-browser';
+
+export const msalConfig = {
+    auth: {
+        clientId: import.meta.env.VITE_MSAL_AUTH_CLIENTID,// "eb24479c-61d0-4bff-8bf0-c86f1c481ea5",//"926d0e34-f19a-4ff7-8187-e2403d10c0e6",
+        authority: import.meta.env.VITE_MSAL_AUTH_AUTHORITY,// "https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47",
+        redirectUri: import.meta.env.VITE_MSAL_AUTH_REDIRECTURI// "https://localhost:5173",
+    },
+    cache: {
+        cacheLocation: "localStorage",
+        storeAuthStateInCookie: true,
+    },
+};
+
+export const loginRequest = {
+    scopes: ["openid", "profile", import.meta.env.VITE_MSAL_LOGIN_SCOPE, "User.Read"]
+};
+
+export const tokenRequest = {
+    scopes: [import.meta.env.VITE_MSAL_LOGIN_SCOPE],
+};
+
+export const msalInstance = new PublicClientApplication(msalConfig);
+
+export const graphTokenRequest = {
+    scopes: ["User.Read"]
+};
+export const graphConfig = {
+    graphMeEndpoint: "https://graph.microsoft.com/v1.0/me",
+};
+export const apiEndPoint = import.meta.env.VITE_API_URL;// "https://localhost:7230";

From e11788386a8152b82ffc0da13ec7f692a5bef060 Mon Sep 17 00:00:00 2001
From: Bangarraju-Microsoft <v-golib@microsoft.com>
Date: Thu, 14 Nov 2024 18:31:28 +0530
Subject: [PATCH 2/7] US#10328 authentication implemented

---
 App/frontend-app/src/App.tsx                  | 43 ++++++----
 .../src/components/headerBar/headerBar.tsx    | 83 ++++++++++++-------
 App/frontend-app/src/main.tsx                 | 20 ++---
 App/frontend-app/src/msaConfig.ts             | 33 ++++++++
 .../src/providers/AuthWrapper.tsx             | 35 ++++++++
 .../src/providers/TokenProvider.jsx           | 55 ------------
 .../src/providers/UserContext.jsx             | 68 ---------------
 .../src/providers/msalInstance.ts             |  5 ++
 App/frontend-app/src/utils/authConfig.js      | 31 -------
 9 files changed, 164 insertions(+), 209 deletions(-)
 create mode 100644 App/frontend-app/src/msaConfig.ts
 create mode 100644 App/frontend-app/src/providers/AuthWrapper.tsx
 delete mode 100644 App/frontend-app/src/providers/TokenProvider.jsx
 delete mode 100644 App/frontend-app/src/providers/UserContext.jsx
 create mode 100644 App/frontend-app/src/providers/msalInstance.ts
 delete mode 100644 App/frontend-app/src/utils/authConfig.js

diff --git a/App/frontend-app/src/App.tsx b/App/frontend-app/src/App.tsx
index 10d8065c..a6fc3c0a 100644
--- a/App/frontend-app/src/App.tsx
+++ b/App/frontend-app/src/App.tsx
@@ -11,6 +11,11 @@ import { SnackbarProvider } from "notistack";
 import { SnackbarSuccess } from "./components/snackbar/snackbarSuccess";
 import { SnackbarError } from "./components/snackbar/snackbarError";
 
+
+import { MsalProvider } from '@azure/msal-react';
+import { msalInstance } from './providers/msalInstance';
+import AuthWrapper from './providers/AuthWrapper';
+
 /* Application insights initialization */
 //const reactPlugin: ReactPlugin = Telemetry.initAppInsights(window.ENV.APP_INSIGHTS_CS, true);
 
@@ -24,23 +29,27 @@ webLightTheme.colorNeutralForeground1 = (fullConfig.theme!.colors as any).black;
 
 function App() {
     return (
-        <Suspense>
-            {/* Removed MsalProvider and MsalAuthenticationTemplate */}
-            {/* <AppInsightsContext.Provider value={reactPlugin}> */}
-                <FluentProvider theme={webLightTheme}>
-                    <BrowserRouter>
-                        <SnackbarProvider
-                            anchorOrigin={{ vertical: "top", horizontal: "center" }}
-                            Components={{ success: SnackbarSuccess, error: SnackbarError }}
-                        >
-                            <Layout>
-                                <AppRoutes />
-                            </Layout>
-                        </SnackbarProvider>
-                    </BrowserRouter>
-                </FluentProvider>
-            {/* </AppInsightsContext.Provider> */}
-        </Suspense>
+        <MsalProvider instance={msalInstance}>
+            <AuthWrapper>
+                <Suspense>
+                    {/* Removed MsalProvider and MsalAuthenticationTemplate */}
+                    {/* <AppInsightsContext.Provider value={reactPlugin}> */}
+                    <FluentProvider theme={webLightTheme}>
+                        <BrowserRouter>
+                            <SnackbarProvider
+                                anchorOrigin={{ vertical: "top", horizontal: "center" }}
+                                Components={{ success: SnackbarSuccess, error: SnackbarError }}
+                            >
+                                <Layout>
+                                    <AppRoutes />
+                                </Layout>
+                            </SnackbarProvider>
+                        </BrowserRouter>
+                    </FluentProvider>
+                    {/* </AppInsightsContext.Provider> */}
+                </Suspense>
+            </AuthWrapper>
+        </MsalProvider>
     );
 }
 
diff --git a/App/frontend-app/src/components/headerBar/headerBar.tsx b/App/frontend-app/src/components/headerBar/headerBar.tsx
index fe6e9099..7430bec3 100644
--- a/App/frontend-app/src/components/headerBar/headerBar.tsx
+++ b/App/frontend-app/src/components/headerBar/headerBar.tsx
@@ -1,8 +1,10 @@
 import React, { MouseEventHandler, useMemo, useState } from "react";
 import { useTranslation } from "react-i18next";
 import { Link, useNavigate } from "react-router-dom";
-import { useMsal } from "@azure/msal-react";
-import { Auth } from "../../utils/auth/auth";
+//import { useMsal } from "@azure/msal-react";
+//import { Auth } from "../../utils/auth/auth";
+
+//import { loginRequest } from "../../msaConfig";
 import { RedirectRequest } from "@azure/msal-browser";
 import {
     Avatar,
@@ -18,6 +20,12 @@ import resolveConfig from "tailwindcss/resolveConfig";
 import TailwindConfig from "../../../tailwind.config";
 import { isPlatformAdmin } from "../../utils/auth/roles";
 
+
+import { useMsal, useIsAuthenticated } from "@azure/msal-react";
+import { msalInstance } from "../../providers/msalInstance";
+import { loginRequest } from "../../msaConfig";
+import { AccountInfo } from "@azure/msal-browser";
+
 const fullConfig = resolveConfig(TailwindConfig);
 const useStylesAvatar = makeStyles({
     root: {
@@ -51,14 +59,18 @@ interface NavItem {
 export function HeaderBar({ location }: { location?: NavLocation }) {
     const { t } = useTranslation();
     const [openDrawer, setOpenDrawer] = useState(false);
-    const { instance, accounts } = useMsal();
+    //const { instance, accounts } = useMsal();
     const navigate = useNavigate();
     const stylesAvatar = useStylesAvatar();
 
     const linkClasses = "cursor-pointer hover:no-underline hover:border-b-[3px] h-9 min-h-0 block text-white";
     const linkCurrent = "pointer-events-none border-b-[3px]";
-    const isAuthenticated = accounts.length > 0;
-    const isAdmin = isPlatformAdmin(accounts);
+    //const isAuthenticated = accounts.length > 0;
+    //const isAdmin = isPlatformAdmin(accounts);
+
+    const { accounts, instance } = useMsal();
+    const isAuthenticated = useIsAuthenticated();
+    const activeAccount: AccountInfo | undefined = accounts[0];
 
     const navItems: (NavItem | null)[] = useMemo(
         () => [
@@ -79,21 +91,21 @@ export function HeaderBar({ location }: { location?: NavLocation }) {
             //     : null,
             isAuthenticated
                 ? {
-                      key: "sign-out",
-                      label: t("components.header-bar.sign-out"),
-                      isPrimary: false,
-                      action: signOut,
-                  }
-                : null,
-            isAuthenticated
-                ? {
-                      key: "personalDocuments",
-                      label: "Personal Documents",
-                      isPrimary: false,
-                      location: NavLocation.PersonalDocs,
-                      to: "/personalDocuments",
-                  }
+                    key: "sign-out",
+                    label: t("components.header-bar.sign-out"),
+                    isPrimary: false,
+                    action: signOut,
+                }
                 : null,
+            // isAuthenticated
+            //     ? {
+            //           key: "personalDocuments",
+            //           label: "Personal Documents",
+            //           isPrimary: false,
+            //           location: NavLocation.PersonalDocs,
+            //           to: "/personalDocuments",
+            //       }
+            //     : null,
         ],
         [accounts]
     );
@@ -102,13 +114,28 @@ export function HeaderBar({ location }: { location?: NavLocation }) {
         setOpenDrawer((openDrawer) => !openDrawer);
     }
 
-    function signIn() {
-        instance.loginRedirect(Auth.getAuthenticationRequest() as RedirectRequest);
-    }
+    // function signIn() {
+    //     instance.loginRedirect(Auth.getAuthenticationRequest() as RedirectRequest);
+    // }
 
-    function signOut() {
-        instance.logoutRedirect();
-    }
+    // function signOut() {
+    //     instance.logoutRedirect();
+    // }
+
+    async function signOut() {
+        if (activeAccount) {
+            try {
+                await instance.logoutRedirect({
+                    account: activeAccount,
+                    onRedirectNavigate: () => false, // Prevent default navigation
+                });
+            } catch (error) {
+                console.error("Logout failed:", error);
+            }
+        } else {
+            console.warn("No active account found for logout.");
+        }
+    };
 
     function renderLink(nav: NavItem, className?: string) {
         return (
@@ -138,17 +165,17 @@ export function HeaderBar({ location }: { location?: NavLocation }) {
         <>
             <div className="flex mr-20 ml-20 justify-between">
                 <div className="flex justify-between gap-3">
-                    <img className="my-auto" src="/img/Contoso_Logo_sm.png" alt="logo" />  
+                    <img className="my-auto" src="/img/Contoso_Logo_sm.png" alt="logo" />
                     <div className="my-auto pb-3 text-lg font-semibold leading-tight text-white mt-3">
                         {t("components.header-bar.title")}
                     </div>
                     <div className="border border-zinc-500"></div>
-                    
+
                     <div className="order-5 my-auto pb-3 text-lg font-semibold leading-tight text-white mt-3">
                         {t("components.header-bar.sub-title")}
                     </div>
                 </div>
- 
+
                 <nav className="whitespace-nowrap text-lg font-semibold leading-10">
                     <ul
                         className={
diff --git a/App/frontend-app/src/main.tsx b/App/frontend-app/src/main.tsx
index 7412156c..fdf57286 100644
--- a/App/frontend-app/src/main.tsx
+++ b/App/frontend-app/src/main.tsx
@@ -7,20 +7,20 @@ import "./index.scss";
 import { AppContextProvider } from "./AppContext";
 
 declare global {
-    interface Window {
-        ENV: any; // eslint-disable-line @typescript-eslint/no-explicit-any
-        WcpConsent: any; // eslint-disable-line @typescript-eslint/no-explicit-any
-        
-    }
+  interface Window {
+    ENV: any; // eslint-disable-line @typescript-eslint/no-explicit-any
+    WcpConsent: any; // eslint-disable-line @typescript-eslint/no-explicit-any
+
+  }
 }
 
 initializeLanguage();
 initializeFileTypeIcons();
 
 ReactDOM.createRoot(document.getElementById("root") as HTMLElement).render(
-    // <React.StrictMode>
-    <AppContextProvider>
-        <App />
-    </AppContextProvider>
-    // </React.StrictMode>
+  // <React.StrictMode>
+  <AppContextProvider>
+    <App />
+  </AppContextProvider>
+  // </React.StrictMode>
 );
diff --git a/App/frontend-app/src/msaConfig.ts b/App/frontend-app/src/msaConfig.ts
new file mode 100644
index 00000000..b172eaab
--- /dev/null
+++ b/App/frontend-app/src/msaConfig.ts
@@ -0,0 +1,33 @@
+// msalConfig.ts
+import { Configuration, LogLevel } from '@azure/msal-browser';
+
+export const msalConfig: Configuration = {
+  auth: {
+    clientId: "f9553678-94e9-433b-b847-f1151e144351", //import.meta.env.VITE_MSAL_AUTH_CLIENTID,//"f9553678-94e9-433b-b847-f1151e144351",
+    authority: "https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe", //import.meta.env.VITE_MSAL_AUTH_AUTHORITY,// "https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe",
+    redirectUri: "http://localhost:5900" //i
+  },
+  cache: {
+    cacheLocation: 'localStorage', // Use localStorage for persistent cache
+    storeAuthStateInCookie: false,
+  },
+  system: {
+    loggerOptions: {
+      loggerCallback: (level, message, containsPii) => {
+        if (containsPii) return;
+        if (level === LogLevel.Error) console.error(message);
+        if (level === LogLevel.Info) console.info(message);
+        if (level === LogLevel.Verbose) console.debug(message);
+        if (level === LogLevel.Warning) console.warn(message);
+      },
+    },
+  },
+};
+
+export const loginRequest = {
+  scopes: ['User.Read'],
+};
+
+export const graphConfig = {
+  graphMeEndpoint: "https://graph.microsoft.com/v1.0/me",
+};
diff --git a/App/frontend-app/src/providers/AuthWrapper.tsx b/App/frontend-app/src/providers/AuthWrapper.tsx
new file mode 100644
index 00000000..74e607bd
--- /dev/null
+++ b/App/frontend-app/src/providers/AuthWrapper.tsx
@@ -0,0 +1,35 @@
+
+import React, { useEffect } from "react";
+import { msalInstance } from "./msalInstance";
+import { loginRequest } from "../msaConfig";
+import { useMsal, useIsAuthenticated } from "@azure/msal-react";
+import { InteractionStatus } from "@azure/msal-browser";
+
+const AuthWrapper: React.FC<{ children: React.ReactNode }> = ({ children }) => {
+  const { inProgress } = useMsal();
+  const isAuthenticated = useIsAuthenticated();
+
+  // Check for existing session and trigger login if not authenticated
+  const checkAuthentication = async () => {
+    const accounts = msalInstance.getAllAccounts();
+    if (accounts.length === 0 && inProgress === InteractionStatus.None) {
+      try {
+        await msalInstance.loginRedirect(loginRequest);
+      } catch (error) {
+        console.error("Login failed:", error);
+      }
+    }
+  };
+
+  useEffect(() => {
+    // Trigger login only if no interaction is in progress
+    if (!isAuthenticated && inProgress === InteractionStatus.None) {
+      checkAuthentication();
+    }
+  }, [isAuthenticated, inProgress]);
+
+  return <>{children}</>;
+};
+
+export default AuthWrapper;
+
diff --git a/App/frontend-app/src/providers/TokenProvider.jsx b/App/frontend-app/src/providers/TokenProvider.jsx
deleted file mode 100644
index 8fe25f03..00000000
--- a/App/frontend-app/src/providers/TokenProvider.jsx
+++ /dev/null
@@ -1,55 +0,0 @@
-// contexts/TokenContext.js
-// eslint-disable-next-line no-unused-vars
-import React, { createContext, useState, useEffect } from 'react';
-import { useMsal } from '@azure/msal-react';
-import { graphTokenRequest, tokenRequest } from '../authConfig';
-
-const TokenContext = createContext();
-
-// eslint-disable-next-line react/prop-types
-const TokenProvider = ({ children }) => {
-    const { instance, accounts } = useMsal();
-    const [accessToken, setAccessToken] = useState(localStorage.getItem('accessToken'));
-    const [graphToken, setGraphToken] = useState(localStorage.getItem('graphToken'));
-
-    const acquireToken = async () => {
-        const account = instance.getActiveAccount();
-        if (account) {
-            try {
-                const tokenResponse = await instance.acquireTokenSilent({ ...tokenRequest, account });
-                localStorage.setItem('accessToken', tokenResponse.accessToken);
-                setAccessToken(tokenResponse.accessToken);
-
-                const graphTokenResponse = await instance.acquireTokenSilent({
-                    ...graphTokenRequest,
-                    account
-                });
-                localStorage.setItem('graphToken', graphTokenResponse.accessToken);
-                setGraphToken(graphTokenResponse.accessToken);
-            } catch (error) {
-                console.error('Token acquisition failed:', error);
-                // Handle error (e.g., redirect to login page)
-            }
-        }
-    };
-
-    useEffect(() => {
-        const refreshToken = async () => {
-            await acquireToken();
-        };
-
-        if (accounts.length > 0) {
-            acquireToken();
-            const interval = setInterval(refreshToken, 15 * 60 * 1000);
-            return () => clearInterval(interval);
-        }
-    }, [accounts, instance]);
-
-    return (
-        <TokenContext.Provider value={{ accessToken, graphToken }}>
-            {children}
-        </TokenContext.Provider>
-    );
-};
-
-export { TokenContext, TokenProvider };
diff --git a/App/frontend-app/src/providers/UserContext.jsx b/App/frontend-app/src/providers/UserContext.jsx
deleted file mode 100644
index 3413315d..00000000
--- a/App/frontend-app/src/providers/UserContext.jsx
+++ /dev/null
@@ -1,68 +0,0 @@
-// eslint-disable-next-line no-unused-vars
-import React, { createContext, useState, useEffect, useContext } from 'react';
-import { getUserInfo } from '../utils/msGraph';
-import { apiEndPoint } from "../authConfig";
-import { TokenContext } from './TokenProvider';
-
-const UserContext = createContext();
-
-// eslint-disable-next-line react/prop-types
-const UserProvider = ({ children }) => {
-    const [user, setUser] = useState(null);
-    const [loading, setLoading] = useState(true);
-    const { accessToken, graphToken } = useContext(TokenContext);
-
-    useEffect(() => {
-        const fetchUserAndSync = async () => {
-            if (!accessToken || !graphToken) {
-                setLoading(false);
-                return;
-            }
-
-            try {
-                const userInfo = await getUserInfo();
-
-                const headers = new Headers();
-                const bearer = `Bearer ${accessToken}`;
-                headers.append("Authorization", bearer);
-                headers.append("Content-Type", 'application/json');
-
-                const user = {
-                    DisplayName: userInfo.displayName,
-                    Name: userInfo.givenName ? userInfo.givenName : userInfo.displayName,
-                    Region: userInfo.officeLocation ? userInfo.officeLocation : "",
-                    PrincipalName: userInfo.userPrincipalName,
-                    JobRole: userInfo.jobTitle ? userInfo.jobTitle : ""
-                };
-
-                const response = await fetch(`${apiEndPoint}/User/SyncUser`, {
-                    method: 'POST',
-                    headers: headers,
-                    body: JSON.stringify(user)
-                });
-
-                if (!response.ok) {
-                    throw new Error('Failed to sync user with backend');
-                }
-
-                const syncedUser = await response.json();
-                const userContext = { ...syncedUser };
-                setUser(userContext);
-            } catch (error) {
-                console.error('Failed to fetch and sync user info:', error);
-            } finally {
-                setLoading(false);
-            }
-        };
-
-        fetchUserAndSync();
-    }, [accessToken, graphToken]);
-
-    return (
-        <UserContext.Provider value={{ user, setUser, loading }}>
-            {children}
-        </UserContext.Provider>
-    );
-};
-
-export { UserContext, UserProvider };
diff --git a/App/frontend-app/src/providers/msalInstance.ts b/App/frontend-app/src/providers/msalInstance.ts
new file mode 100644
index 00000000..dede4ef2
--- /dev/null
+++ b/App/frontend-app/src/providers/msalInstance.ts
@@ -0,0 +1,5 @@
+// src/msalInstance.ts
+import { PublicClientApplication } from "@azure/msal-browser";
+import { msalConfig } from "../msaConfig";
+
+export const msalInstance = new PublicClientApplication(msalConfig);
diff --git a/App/frontend-app/src/utils/authConfig.js b/App/frontend-app/src/utils/authConfig.js
deleted file mode 100644
index 42672293..00000000
--- a/App/frontend-app/src/utils/authConfig.js
+++ /dev/null
@@ -1,31 +0,0 @@
-import { PublicClientApplication } from '@azure/msal-browser';
-
-export const msalConfig = {
-    auth: {
-        clientId: import.meta.env.VITE_MSAL_AUTH_CLIENTID,// "eb24479c-61d0-4bff-8bf0-c86f1c481ea5",//"926d0e34-f19a-4ff7-8187-e2403d10c0e6",
-        authority: import.meta.env.VITE_MSAL_AUTH_AUTHORITY,// "https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47",
-        redirectUri: import.meta.env.VITE_MSAL_AUTH_REDIRECTURI// "https://localhost:5173",
-    },
-    cache: {
-        cacheLocation: "localStorage",
-        storeAuthStateInCookie: true,
-    },
-};
-
-export const loginRequest = {
-    scopes: ["openid", "profile", import.meta.env.VITE_MSAL_LOGIN_SCOPE, "User.Read"]
-};
-
-export const tokenRequest = {
-    scopes: [import.meta.env.VITE_MSAL_LOGIN_SCOPE],
-};
-
-export const msalInstance = new PublicClientApplication(msalConfig);
-
-export const graphTokenRequest = {
-    scopes: ["User.Read"]
-};
-export const graphConfig = {
-    graphMeEndpoint: "https://graph.microsoft.com/v1.0/me",
-};
-export const apiEndPoint = import.meta.env.VITE_API_URL;// "https://localhost:7230";

From f5f72a8d1921c604ca1f1839b4aa524e3198058a Mon Sep 17 00:00:00 2001
From: Bangarraju-Microsoft <v-golib@microsoft.com>
Date: Thu, 14 Nov 2024 18:33:05 +0530
Subject: [PATCH 3/7] removed auth backend code

---
 .../Microsoft.GS.DPS.Host/Program.cs          | 21 -------------------
 1 file changed, 21 deletions(-)

diff --git a/App/backend-api/Microsoft.GS.DPS.Host/Program.cs b/App/backend-api/Microsoft.GS.DPS.Host/Program.cs
index 6de7b80b..39638872 100644
--- a/App/backend-api/Microsoft.GS.DPS.Host/Program.cs
+++ b/App/backend-api/Microsoft.GS.DPS.Host/Program.cs
@@ -8,25 +8,6 @@
 using Microsoft.AspNetCore.Http.Features;
 
 var builder = WebApplication.CreateBuilder(args);
-
-// Add services to the container.
-builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
-
-    .AddMicrosoftIdentityWebApi(options =>
-
-    {
-
-        configuration.Bind("AzureAd", options);
-
-        options.EventsType = typeof(CustomJwtBearerEvents);
- 
-    }, options =>
-
-    {
-
-        configuration.Bind("AzureAd", options);
-
-    });
  
 // Learn more about configuring OpenAPI at https://aka.ms/aspnet/openapi
 builder.Services.AddEndpointsApiExplorer();
@@ -86,8 +67,6 @@
 //}
 
 app.UseCors("AllowAll");
-app.UseAuthentication();
-app.UseAuthorization();
 app.UseHttpsRedirection();
 app.Run();
 

From 9441ecc96d54f1754605b7ab322535d93c5c54b9 Mon Sep 17 00:00:00 2001
From: Bangarraju-Microsoft <v-golib@microsoft.com>
Date: Thu, 14 Nov 2024 22:12:18 +0530
Subject: [PATCH 4/7] Added powercell script to create app registry

---
 App/frontend-app/src/msaConfig.ts           |   6 +-
 Deployment/appconfig/frontapp/.env.template |   7 +
 Deployment/resourcedeployment.ps1           | 187 +++++++++++++-------
 3 files changed, 131 insertions(+), 69 deletions(-)

diff --git a/App/frontend-app/src/msaConfig.ts b/App/frontend-app/src/msaConfig.ts
index b172eaab..dee2c03b 100644
--- a/App/frontend-app/src/msaConfig.ts
+++ b/App/frontend-app/src/msaConfig.ts
@@ -3,9 +3,9 @@ import { Configuration, LogLevel } from '@azure/msal-browser';
 
 export const msalConfig: Configuration = {
   auth: {
-    clientId: "f9553678-94e9-433b-b847-f1151e144351", //import.meta.env.VITE_MSAL_AUTH_CLIENTID,//"f9553678-94e9-433b-b847-f1151e144351",
-    authority: "https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe", //import.meta.env.VITE_MSAL_AUTH_AUTHORITY,// "https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe",
-    redirectUri: "http://localhost:5900" //i
+    clientId: import.meta.env.VITE_MSAL_AUTH_CLIENTID, 
+    authority: import.meta.env.VITE_MSAL_AUTH_AUTHORITY,
+    redirectUri: import.meta.env.VITE_MSAL_REDIRECT_URL,
   },
   cache: {
     cacheLocation: 'localStorage', // Use localStorage for persistent cache
diff --git a/Deployment/appconfig/frontapp/.env.template b/Deployment/appconfig/frontapp/.env.template
index 362bd3a1..382f64a7 100644
--- a/Deployment/appconfig/frontapp/.env.template
+++ b/Deployment/appconfig/frontapp/.env.template
@@ -1,2 +1,9 @@
 VITE_API_ENDPOINT={{ backend-fqdn }}
+
+VITE_MSAL_AUTH_CLIENTID={{ clientId }}
+
+VITE_MSAL_AUTH_AUTHORITY={{ authority }}
+
+VITE_MSAL_REDIRECT_URL={{ redirectUri }}
+
 DISABLE_AUTH=true
\ No newline at end of file
diff --git a/Deployment/resourcedeployment.ps1 b/Deployment/resourcedeployment.ps1
index ced60993..814f7274 100644
--- a/Deployment/resourcedeployment.ps1
+++ b/Deployment/resourcedeployment.ps1
@@ -25,7 +25,7 @@ function startBanner() {
 }
 
 #https://patorjk.com/software/taag
-function successBanner(){
+function successBanner() {
     Write-Host "   _____                              __       _           "
     Write-Host "  / ____|                            / _|     | |          "
     Write-Host " | (___  _   _  ___ ___ ___  ___ ___| |_ _   _| |          "
@@ -97,9 +97,9 @@ function PromptForParameters {
 
     return @{
         subscriptionID = $subscriptionID
-        location = $location
-        modelLocation = $modelLocation
-        email = $email
+        location       = $location
+        modelLocation  = $modelLocation
+        email          = $email
     }
 }
 
@@ -112,10 +112,10 @@ $modelLocation = $params.modelLocation
 $email = $params.email
 
 function LoginAzure([string]$subscriptionID) {
-        Write-Host "Log in to Azure.....`r`n" -ForegroundColor Yellow
-        az login
-        az account set --subscription $subscriptionID
-        Write-Host "Switched subscription to '$subscriptionID' `r`n" -ForegroundColor Yellow
+    Write-Host "Log in to Azure.....`r`n" -ForegroundColor Yellow
+    az login
+    az account set --subscription $subscriptionID
+    Write-Host "Switched subscription to '$subscriptionID' `r`n" -ForegroundColor Yellow
 }
 
 function DeployAzureResources([string]$location, [string]$modelLocation) {
@@ -152,7 +152,8 @@ function DeployAzureResources([string]$location, [string]$modelLocation) {
         $jsonString = ConvertFrom-Json $joinedString 
         
         return $jsonString
-    } catch {
+    }
+    catch {
         Write-Host "An error occurred during the deployment process:" -ForegroundColor Red
         Write-Host $_.Exception.Message -ForegroundColor Red
         Write-Host $_.InvocationInfo.PositionMessage -ForegroundColor Red
@@ -208,7 +209,7 @@ function Get-ExternalIP {
 # Function to generate a dynamic banner
 function Show-Banner {
     param (
-        [Parameter(Mandatory=$true)]
+        [Parameter(Mandatory = $true)]
         [string]$Title
     )
 
@@ -224,7 +225,8 @@ function Show-Banner {
     # Check if the title length is odd or even and adjust the padding. the boderLine width and the paddedTitle width should be the same
     if ($paddedTitle.Length -lt $borderLength) {
         $paddedTitle += " "
-    } else {
+    }
+    else {
         $paddedTitle = $paddedTitle.Substring(0, $bannerWidth - 1) + "*"
     }
     
@@ -316,7 +318,7 @@ class DeploymentResult {
         $this.StorageAccountName = $jsonString.properties.outputs.gs_storageaccount_name.value
         # Azure Search
         $this.AzSearchServiceName = $jsonString.properties.outputs.gs_azsearch_name.value
-        $this.AzSearchServicEndpoint =  "https://$($this.AzSearchServiceName).search.windows.net"
+        $this.AzSearchServicEndpoint = "https://$($this.AzSearchServiceName).search.windows.net"
         # Azure Kubernetes
         $this.AksName = $jsonString.properties.outputs.gs_aks_name.value
         $this.AksMid = $jsonString.properties.outputs.gs_aks_serviceprincipal_id.value
@@ -348,17 +350,20 @@ class DeploymentResult {
 
 function Check-Docker {
     try {
-         # Try to get Docker info to check if Docker daemon is running
-         $dockerInfo = docker info 2>&1
+        # Try to get Docker info to check if Docker daemon is running
+        $dockerInfo = docker info 2>&1
         if ($dockerInfo -match "ERROR: error during connect") {
             return $false
-        } else {
+        }
+        else {
             return $true
         }
-    } catch {
+    }
+    catch {
         Write-Host "An error occurred while checking Docker status." -ForegroundColor Red
         Write-Host $_.Exception.Message -ForegroundColor Red
-        return $false    }
+        return $false    
+    }
 }
 
 # Check if Docker is running before proceeding
@@ -418,39 +423,39 @@ try {
     # Define the placeholders and their corresponding values for AI service configuration
     
     $aiServicePlaceholders = @{
-        '{gpt-4o-mini-endpoint}' = $deploymentResult.AzOpenAiServiceEndpoint
-        '{gpt-4o-mini-apikey}' = $deploymentResult.AzOpenAiServiceKey
-        '{azureaisearch-apikey}' = $deploymentResult.AzSearchAdminKey
-        '{documentintelligence-apikey}' = $deploymentResult.AzCognitiveServiceKey 
-        '{cosmosmongo-connection-string}' = $deploymentResult.AzCosmosDBConnectionString 
-        '{azureblobs-connection-string}' = $deploymentResult.StorageAccountConnectionString 
-        '{azureblobs-account}' = $deploymentResult.StorageAccountName
-        '{azureaisearch-endpoint}' = $deploymentResult.AzSearchServicEndpoint 
-        '{gpt-4o-mini-modelname}' = $deploymentResult.AzGPT4oModelId  
-        '{gpt-4o-endpoint}' =  $deploymentResult.AzOpenAiServiceEndpoint 
-        '{textembedding-endpoint}' = $deploymentResult.AzOpenAiServiceEndpoint
-        '{azureopenaiembedding-endpoint}' = $deploymentResult.AzOpenAiServiceEndpoint
-        '{azureopenaitext-endpoint}' = $deploymentResult.AzOpenAiServiceEndpoint
-        '{azureopenaitext-deployment}' = $deploymentResult.AzGPT4oModelId 
-        '{gpt-4o-key}' = $deploymentResult.AzOpenAiServiceKey
-        '{textembedding-key}' = $deploymentResult.AzOpenAiServiceKey
-        '{azureopenaiembedding-apikey}' = $deploymentResult.AzOpenAiServiceKey
-        '{azureopenaitext-apikey}' = $deploymentResult.AzOpenAiServiceKey
-        '{textembedding-modelname}' = $deploymentResult.AzGPTEmbeddingModelName
-        '{azureaidocintel-apikey}' =  $deploymentResult.AzCognitiveServiceKey 
-        '{cosmosmongo-chat-history-collection}' = "ChatHistory"
-        '{cosmosmongo-chat-history-database}' = "DPS"
+        '{gpt-4o-mini-endpoint}'                    = $deploymentResult.AzOpenAiServiceEndpoint
+        '{gpt-4o-mini-apikey}'                      = $deploymentResult.AzOpenAiServiceKey
+        '{azureaisearch-apikey}'                    = $deploymentResult.AzSearchAdminKey
+        '{documentintelligence-apikey}'             = $deploymentResult.AzCognitiveServiceKey 
+        '{cosmosmongo-connection-string}'           = $deploymentResult.AzCosmosDBConnectionString 
+        '{azureblobs-connection-string}'            = $deploymentResult.StorageAccountConnectionString 
+        '{azureblobs-account}'                      = $deploymentResult.StorageAccountName
+        '{azureaisearch-endpoint}'                  = $deploymentResult.AzSearchServicEndpoint 
+        '{gpt-4o-mini-modelname}'                   = $deploymentResult.AzGPT4oModelId  
+        '{gpt-4o-endpoint}'                         = $deploymentResult.AzOpenAiServiceEndpoint 
+        '{textembedding-endpoint}'                  = $deploymentResult.AzOpenAiServiceEndpoint
+        '{azureopenaiembedding-endpoint}'           = $deploymentResult.AzOpenAiServiceEndpoint
+        '{azureopenaitext-endpoint}'                = $deploymentResult.AzOpenAiServiceEndpoint
+        '{azureopenaitext-deployment}'              = $deploymentResult.AzGPT4oModelId 
+        '{gpt-4o-key}'                              = $deploymentResult.AzOpenAiServiceKey
+        '{textembedding-key}'                       = $deploymentResult.AzOpenAiServiceKey
+        '{azureopenaiembedding-apikey}'             = $deploymentResult.AzOpenAiServiceKey
+        '{azureopenaitext-apikey}'                  = $deploymentResult.AzOpenAiServiceKey
+        '{textembedding-modelname}'                 = $deploymentResult.AzGPTEmbeddingModelName
+        '{azureaidocintel-apikey}'                  = $deploymentResult.AzCognitiveServiceKey 
+        '{cosmosmongo-chat-history-collection}'     = "ChatHistory"
+        '{cosmosmongo-chat-history-database}'       = "DPS"
         '{cosmosmongo-document-manager-collection}' = "Documents"
-        '{cosmosmongo-document-manager-database}' = "DPS"
-        '{azureaidocintel-endpoint}' = $deploymentResult.AzCognitiveServiceEndpoint 
-        '{documentintelligence-endpoint}' = $deploymentResult.AzCognitiveServiceEndpoint 
-        '{azureblobs-container}' = "smemory"
-        '{azurequeues-account}' = $deploymentResult.StorageAccountName
-        '{azurequeues-connection-string}' = $deploymentResult.StorageAccountConnectionString
-        '{gpt-4o-modelname}' = $deploymentResult.AzGPT4oModelName 
-        '{azureopenaiembedding-deployment}' = $deploymentResult.AzGPTEmbeddingModelName 
-        '{kernelmemory-endpoint}' = "http://kernelmemory-service" 
-        }
+        '{cosmosmongo-document-manager-database}'   = "DPS"
+        '{azureaidocintel-endpoint}'                = $deploymentResult.AzCognitiveServiceEndpoint 
+        '{documentintelligence-endpoint}'           = $deploymentResult.AzCognitiveServiceEndpoint 
+        '{azureblobs-container}'                    = "smemory"
+        '{azurequeues-account}'                     = $deploymentResult.StorageAccountName
+        '{azurequeues-connection-string}'           = $deploymentResult.StorageAccountConnectionString
+        '{gpt-4o-modelname}'                        = $deploymentResult.AzGPT4oModelName 
+        '{azureopenaiembedding-deployment}'         = $deploymentResult.AzGPTEmbeddingModelName 
+        '{kernelmemory-endpoint}'                   = "http://kernelmemory-service" 
+    }
 
     ## Load and update the AI service configuration template
     $aiServiceConfigTemplate = Get-Content -Path .\appconfig\aiservice\appconfig.jsonl -Raw
@@ -489,7 +494,8 @@ try {
     if (Test-Path $aiServiceConfigPath) {
         Remove-Item $aiServiceConfigPath -Force
         #Write-Host "File '$aiServiceConfigPath' has been deleted."
-    } else {
+    }
+    else {
         Write-Host "File '$aiServiceConfigPath' does not exist."
     }
     $ErrorActionPreference = "Continue"
@@ -512,13 +518,15 @@ try {
             az aks update --name $deploymentResult.AksName --resource-group $deploymentResult.ResourceGroupName --attach-acr $deploymentResult.AzContainerRegistryName
             Write-Host "AKS cluster updated successfully."
             break
-        } catch {
+        }
+        catch {
             $errorMessage = $_.Exception.Message
             if ($errorMessage -match "OperationNotAllowed" -and $errorMessage -match "Another operation \(Updating\) is in progress") {
                 Write-Host "Operation not allowed: Another operation is in progress. Retrying in $delay seconds..."
                 Start-Sleep -Seconds $delay
                 $retryCount++
-            } else {
+            }
+            else {
                 Write-Host "An unexpected error occurred: $errorMessage" -ForegroundColor Red
                 throw $_
             }
@@ -591,7 +599,8 @@ try {
         if ($externalIP -and $externalIP -ne "<none>") {
             Write-Host "Get EXTERNAL-IP for nginx in $appRoutingNamespace namespace is: $externalIP"
             break
-        } else {
+        }
+        else {
             Write-Host "Waiting for EXTERNAL-IP to be assigned..."
             Start-Sleep -Seconds 10
         }
@@ -600,7 +609,7 @@ try {
     # 6. Assign DNS Name to the public IP address
     #  6-1. Get Az Network resource Name with the public IP address
     Write-Host "Assign DNS Name to the public IP address" -ForegroundColor Green
-    $publicIpName=$(az network public-ip list --query "[?ipAddress=='$externalIP'].name" --output tsv)
+    $publicIpName = $(az network public-ip list --query "[?ipAddress=='$externalIP'].name" --output tsv)
 
     #  6-2. Generate Unique backend API fqdn Name - esgdocanalysis-3 digit random number with padding 0
     $dnsName = "kmgs$($(Get-Random -Minimum 0 -Maximum 9999).ToString("D4"))"
@@ -685,9 +694,9 @@ try {
 
 
     $deploymentTemplatePlaceholders = @{
-        '{{ aiservice-imagepath }}' = $acrAIServiceTag
+        '{{ aiservice-imagepath }}'    = $acrAIServiceTag
         '{{ kernelmemory-imagepath }}' = $acrKernelMemoryTag
-        '{{ frontapp-imagepath }}' = $acrFrontAppTag
+        '{{ frontapp-imagepath }}'     = $acrFrontAppTag
     }
 
     $deploymentTemplate = Get-Content -Path .\kubernetes\deploy.deployment.yaml.template -Raw
@@ -707,7 +716,8 @@ try {
             if ($certManagerPods -eq "Running Running Running") {
                 Write-Host "Cert-Manager is running." -ForegroundColor Green
                 break
-            } else {
+            }
+            else {
                 Write-Host "Cert-Manager is not ready yet. Waiting..." -ForegroundColor Yellow
                 Start-Sleep -Seconds 10
             }
@@ -725,7 +735,7 @@ try {
     Wait-ForCertManager
 
 
-#======================================================================================================================================================================
+    #======================================================================================================================================================================
     # App Deployment after finishing the AKS infrastructure setup
     
     $appConfigServicePlaceholders = @{
@@ -760,10 +770,55 @@ try {
     # Front App
     ###############################
     
+    
+    ###############################
+    # App Registration
+    ###############################
+    # Sign in to Azure
+    Connect-AzAccount
+
+    # Prompt for App Name
+    $appName = Read-Host -Prompt "Enter the name for the Azure AD App Registration"
+
+    # Variables
+    $tenantId = (Get-AzContext).Tenant.Id
+    $redirectUri = $fqdn  # Change this to your app's redirect URI
+    $secretDuration = (Get-Date).AddYears(1)  # Secret valid for 1 year
+
+    # Step 1: Create the App Registration
+    Write-Host "Creating Azure AD App Registration for '$appName'..."
+    $app = New-AzADApplication -DisplayName $appName -ReplyUrls $redirectUri
+    Write-Host "App Registration '$appName' created successfully!"
+
+    # Step 2: Update platform type to 'Single-page application'
+    Write-Host "Setting platform type to 'Single-page application' with redirect URI '$redirectUri'..."
+    $updatedApp = Set-AzADApplication -ObjectId $app.Id -ReplyUrls $redirectUri
+    Write-Host "Platform set to 'Single-page application' with redirect URI '$redirectUri'."
+
+
+    # Step 3: Generate a Client Secret
+    Write-Host "Generating Client Secret for '$appName'..."
+
+    Write-Host "Client Secret generated successfully for '$appName'!"
+
+    # Output the required configuration values
+    $clientId = $app.AppId
+    $authority = "https://login.microsoftonline.com/$tenantId"
+
+    Write-Host "================== Configuration Details =================="
+    Write-Host "Client ID:  $($clientId)"
+    Write-Host "Authority: $authority"
+    Write-Host "Redirect URI: $redirectUri"
+    #Write-Host "Client Secret: $clientSecretValue"  # Store this securely
+    Write-Host "==========================================================="
+
     $frontAppConfigServicePlaceholders = @{
         '{{ backend-fqdn }}' = "https://${fqdn}/backend"
+        '{{ clientId }}'     = $clientId
+        '{{ authority }}'    = $authority
+        '{{ redirectUri }}'  = $redirectUri
     }
-    
+
     ## Load and update the front app configuration template
     $frontAppConfigTemplate = Get-Content -Path .\appconfig\frontapp\.env.template -Raw
     $frontAppConfigTemplate = Invoke-PlaceholdersReplacement $frontAppConfigTemplate $frontAppConfigServicePlaceholders
@@ -809,7 +864,7 @@ try {
     docker build ..\App\frontend-app\. --no-cache -t $acrFrontAppTag
     docker push $acrFrontAppTag
 
-#======================================================================================================================================================================
+    #======================================================================================================================================================================
 
     # 7.2. Deploy ClusterIssuer in Kubernetes for SSL/TLS certificate
     kubectl apply -f .\kubernetes\deploy.certclusterissuer.yaml
@@ -838,12 +893,12 @@ try {
     successBanner
 
     $messageString = "Please find the deployment details below: `r`n" +
-                    "1. Check Front Web Application with this URL - https://${fqdn} `n`r" +
-                    "2. Check GPT Model's TPM rate in your resource group - $($deploymentResult.ResourceGroupName) `n`r" +
-                    "Please set each value high as much as you can set`n`r" +
-                    "`t- Open AI Resource Name - $($deploymentResult.AzOpenAiServiceName) `n`r" +
-                    "`t- GPT4o Model - $($deploymentResult.AzGPT4oModelName) `n`r" +
-                    "`t- GPT Embedding Model - $($deploymentResult.AzGPTEmbeddingModelName) `n`r"
+    "1. Check Front Web Application with this URL - https://${fqdn} `n`r" +
+    "2. Check GPT Model's TPM rate in your resource group - $($deploymentResult.ResourceGroupName) `n`r" +
+    "Please set each value high as much as you can set`n`r" +
+    "`t- Open AI Resource Name - $($deploymentResult.AzOpenAiServiceName) `n`r" +
+    "`t- GPT4o Model - $($deploymentResult.AzGPT4oModelName) `n`r" +
+    "`t- GPT Embedding Model - $($deploymentResult.AzGPTEmbeddingModelName) `n`r"
     Write-Host $messageString -ForegroundColor Yellow
     Write-Host "Don't forget to control the TPM rate for your GPT and Embedding Model in Azure Open AI Studio Deployments section." -ForegroundColor Red
     Write-Host "After controlling the TPM rate for your GPT and Embedding Model, let's start Data file import process with this command." -ForegroundColor Yellow

From 6793d9039a5de838272262bf96f823bb0bc3b012 Mon Sep 17 00:00:00 2001
From: Bangarraju-Microsoft <v-golib@microsoft.com>
Date: Thu, 14 Nov 2024 22:21:32 +0530
Subject: [PATCH 5/7] url updated

---
 Deployment/resourcedeployment.ps1 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Deployment/resourcedeployment.ps1 b/Deployment/resourcedeployment.ps1
index 814f7274..0eda2bd8 100644
--- a/Deployment/resourcedeployment.ps1
+++ b/Deployment/resourcedeployment.ps1
@@ -782,7 +782,7 @@ try {
 
     # Variables
     $tenantId = (Get-AzContext).Tenant.Id
-    $redirectUri = $fqdn  # Change this to your app's redirect URI
+    $redirectUri = "https://$fqdn"  # Change this to your app's redirect URI
     $secretDuration = (Get-Date).AddYears(1)  # Secret valid for 1 year
 
     # Step 1: Create the App Registration

From 2d17e5784713aff83f2f6be5007ee0286a7c75a1 Mon Sep 17 00:00:00 2001
From: Bangarraju-Microsoft <v-golib@microsoft.com>
Date: Fri, 15 Nov 2024 10:36:35 +0530
Subject: [PATCH 6/7] deleted unwanted file

---
 App/frontend-app/src/components/App.jsx | 67 -------------------------
 1 file changed, 67 deletions(-)
 delete mode 100644 App/frontend-app/src/components/App.jsx

diff --git a/App/frontend-app/src/components/App.jsx b/App/frontend-app/src/components/App.jsx
deleted file mode 100644
index 772071ff..00000000
--- a/App/frontend-app/src/components/App.jsx
+++ /dev/null
@@ -1,67 +0,0 @@
-import "../assests/css/App.css";
-// eslint-disable-next-line no-unused-vars
-import React, { useEffect } from "react";
-import AppRoutes from "./AppRoutes";
-import {
-  AuthenticatedTemplate,
-  UnauthenticatedTemplate,
-  useMsal,
-  useIsAuthenticated,
-} from "@azure/msal-react";
-import { FluentProvider, webLightTheme } from "@fluentui/react-components";
-import { UserProvider } from "../providers/UserContext";
-import { loginRequest } from "../authConfig";
-import { TokenProvider } from "../providers/TokenProvider";
-import classNames from "classnames";
-import { useTranslation } from "react-i18next";
-
-const App = () => {
-  const { instance } = useMsal();
-  const isAuthenticated = useIsAuthenticated();
-  const { i18n } = useTranslation();
-  useEffect(() => {
-    const handleRedirect = async () => {
-      try {
-        await instance.initialize();
-        const response = await instance.handleRedirectPromise();
-        if (response !== null) {
-          const account = response.account;
-          instance.setActiveAccount(account);
-        } else {
-          const currentAccount = instance.getActiveAccount();
-          if (!currentAccount) {
-            await instance.loginRedirect(loginRequest);
-          }
-        }
-      } catch (e) {
-        console.error(e);
-      }
-    };
-    handleRedirect();
-  }, [instance]);
-
-  return (
-    <div>
-      <AuthenticatedTemplate>
-        {isAuthenticated && (
-          <TokenProvider>
-            <UserProvider>
-              <FluentProvider
-                theme={webLightTheme}
-                className={classNames("fluentProvider", i18n.dir())}
-              >
-                <AppRoutes test-id="routes" />
-              </FluentProvider>
-            </UserProvider>
-          </TokenProvider>
-        )}
-      </AuthenticatedTemplate>
-
-      <UnauthenticatedTemplate>
-        <span> Signing you in...</span>
-      </UnauthenticatedTemplate>
-    </div>
-  );
-};
-
-export default App;

From da167ba96590e2d65d0f7b2929d823b2c00f922b Mon Sep 17 00:00:00 2001
From: Bangarraju-Microsoft <v-golib@microsoft.com>
Date: Fri, 15 Nov 2024 15:25:03 +0530
Subject: [PATCH 7/7] Platform set to single page app

---
 Deployment/resourcedeployment.ps1 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Deployment/resourcedeployment.ps1 b/Deployment/resourcedeployment.ps1
index 0eda2bd8..a1e805e9 100644
--- a/Deployment/resourcedeployment.ps1
+++ b/Deployment/resourcedeployment.ps1
@@ -792,7 +792,7 @@ try {
 
     # Step 2: Update platform type to 'Single-page application'
     Write-Host "Setting platform type to 'Single-page application' with redirect URI '$redirectUri'..."
-    $updatedApp = Set-AzADApplication -ObjectId $app.Id -ReplyUrls $redirectUri
+    $updatedApp = Set-AzADApplication -ObjectId $app.Id -SPARedirectUri $redirectUri
     Write-Host "Platform set to 'Single-page application' with redirect URI '$redirectUri'."