we are getting good tutorials on letting the owin pipeline use opened connect auth_code grants to go off and pre-populate a refresh token into a web apps token store - ready for one or more API consumers in the web app to silently access when converting their client_credential grant into API-resource-endpoint ready access tokens.
The pre-population accesstoken() call attempts to get access/refresh tokens on the graph resource.
Is this access to the graph there for managing pre=-pulation of tokens, or gaining access to the graph (for people pickers, for user profile access)?
Is there a difference between hooking up explicitly to the graph resource API and using a "user info" endpoint?
Is token handling different?
The answer might be as simple as: one is old architecture, and the graph API is the preferred new architecture.
165 OpenIdConnectConfigurationPing =
166 new OpenIdConnectConfiguration()
167 {
168 AuthorizationEndpoint = "https://connect-interop.pinglabs.org:9031/as/authorization.oauth2",
169 Issuer = "https://connect-interop.pinglabs.org:9031",
170 TokenEndpoint = "https://connect-interop.pinglabs.org:9031/as/token.oauth2",
171 UserInfoEndpoint = "https://connect-interop.pinglabs.org:9031/idp/userinfo.openid"
172 };