private void Initialize(AuthenticationContext context, string tokenAudience, string clientId,
IApplicationAuthenticationProvider authenticationStore, AuthenticationResult authenticationResult, DateTimeOffset tokenExpiration)
{
if (context == null)
{
throw new ArgumentNullException("context");
}
if (string.IsNullOrWhiteSpace(tokenAudience))
{
throw new ArgumentNullException("tokenAudience");
}
if (string.IsNullOrWhiteSpace(clientId))
{
throw new ArgumentNullException("clientId");
}
if (authenticationStore == null)
{
throw new ArgumentNullException("authenticationStore");
}
if (authenticationResult == null)
{
throw new ArgumentNullException("authenticationResult");
}
this._authentications = authenticationStore;
this._clientId = clientId;
this._authenticationContext = context;
this._accessToken = authenticationResult.AccessToken;
this._accessTokenType = authenticationResult.AccessTokenType;
this._tokenAudience = tokenAudience;
this._expiration = tokenExpiration;
}
private void Initialize(string tokenAudience, IEnumerable <string> scopes, string accessToken, DateTimeOffset tokenExpiration, IApplicationAuthenticationProvider authenticationProvider)
{
_tokenAudience = tokenAudience;
_authenticationProvider = authenticationProvider;
_scopes = scopes;
_accessToken = accessToken;
_expiration = tokenExpiration;
}
/// <summary>
/// Create an application token provider that can retrieve tokens for the given application from the given context, using the given audience
/// and credential store.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="context">The authentication context to use when retrieving tokens.</param>
/// <param name="tokenAudience">The token audience to use when retrieving tokens</param>
/// <param name="clientId">The client Id for this active directory application</param>
/// <param name="authenticationStore">The source of authentication information for this application.</param>
/// <param name="authenticationResult">The authenticationResult of initial authentication with the application credentials.</param>
public ApplicationTokenProvider(AuthenticationContext context, string tokenAudience, string clientId,
IApplicationAuthenticationProvider authenticationStore, AuthenticationResult authenticationResult)
{
if (authenticationResult == null)
{
throw new ArgumentNullException("authenticationResult");
}
Initialize(context, tokenAudience, clientId, authenticationStore, authenticationResult, authenticationResult.ExpiresOn);
}
/// <summary>
/// For testing purposes only: allows testing token expiration.
/// </summary>
/// <param name="domain">The active directory domain or tenantId to authenticate with.</param>
/// <param name="clientId">The active directory clientId for the application.</param>
/// <param name="authenticationProvider">A source for the secure secret for this application.</param>
/// <param name="settings">The active directory service side settings, including authority and token audience.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <param name="expiration">The token expiration.</param>
/// <returns>A ServiceClientCredentials object that can authenticate http requests as the given application.</returns>
internal static async Task <ServiceClientCredentials> LoginSilentAsync(string domain, string clientId,
IApplicationAuthenticationProvider authenticationProvider, ActiveDirectoryServiceSettings settings, TokenCache cache, DateTimeOffset expiration)
{
var audience = settings.TokenAudience.ToString();
var context = GetAuthenticationContext(domain, settings, cache);
var authResult = await authenticationProvider.AuthenticateAsync(clientId, audience, context);
return(new TokenCredentials(new ApplicationTokenProvider(context, audience, clientId,
authenticationProvider, authResult, expiration)));
}
/// <summary>
/// Creates ServiceClientCredentials for authenticating requests as an active directory application.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="domain">The active directory domain or tenantId to authenticate with.</param>
/// <param name="clientId">The active directory clientId for the application.</param>
/// <param name="authenticationProvider">A source for the secure secret for this application.</param>
/// <param name="settings">The active directory service side settings, including authority and token audience.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can authenticate http requests as the given application.</returns>
public static async Task <ServiceClientCredentials> LoginSilentAsync(string domain, string clientId,
IApplicationAuthenticationProvider authenticationProvider, ActiveDirectoryServiceSettings settings, TokenCache cache)
{
var audience = settings.TokenAudience.OriginalString;
var context = GetAuthenticationContext(domain, settings, cache);
var authResult = await authenticationProvider.AuthenticateAsync(clientId, audience, context);
return(new TokenCredentials(
new ApplicationTokenProvider(context, audience, clientId, authenticationProvider, authResult),
authResult.TenantId,
authResult.UserInfo == null ? null : authResult.UserInfo.DisplayableId));
}
/// <summary>
/// Creates ServiceClientCredentials for authenticating requests as an active directory application. Uses the default shared token cache.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="domain">The active directory domain or tenantId to authenticate with.</param>
/// <param name="clientId">The active directory clientId for the application.</param>
/// <param name="authenticationProvider">A source for the secure secret for this application.</param>
/// <param name="settings">The active directory service side settings, including authority and token audience.</param>
/// <returns>A ServiceClientCredentials object that can authenticate http requests as the given application.</returns>
public static async Task <ServiceClientCredentials> LoginSilentAsync(string domain, string clientId,
IApplicationAuthenticationProvider authenticationProvider, ActiveDirectoryServiceSettings settings)
{
return(await LoginSilentAsync(domain, clientId, authenticationProvider, settings, TokenCache.DefaultShared));
}
/// <summary>
/// Create an application token provider that can retrieve tokens for the given application from the given context, using the given audience
/// and credential store.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="context">The authentication context to use when retrieving tokens.</param>
/// <param name="tokenAudience">The token audience to use when retrieving tokens</param>
/// <param name="clientId">The client Id for this active directory application</param>
/// <param name="authenticationStore">The source of authentication information for this application.</param>
/// <param name="authenticationResult">The authenticationResult of initial authentication with the application credentials.</param>
/// <param name="tokenExpiration">The date of expiration for the current access token.</param>
public ApplicationTokenProvider(AuthenticationContext context, string tokenAudience, string clientId,
IApplicationAuthenticationProvider authenticationStore, AuthenticationResult authenticationResult, DateTimeOffset tokenExpiration)
{
Initialize(context, tokenAudience, clientId, authenticationStore, authenticationResult, tokenExpiration);
}
/// <summary>
/// Create an application token provider that can retrieve tokens for the given application from the given context, using the given audience
/// and credential store.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="context">The authentication context to use when retrieving tokens.</param>
/// <param name="tokenAudience">The token audience to use when retrieving tokens</param>
/// <param name="clientId">The client Id for this active directory application</param>
/// <param name="authenticationStore">The source of authentication information for this application.</param>
/// <param name="authenticationResult">The authenticationResult of initial authentication with the application credentials.</param>
public ApplicationTokenProvider(AuthenticationContext context, string tokenAudience, string clientId,
IApplicationAuthenticationProvider authenticationStore, AuthenticationResult authenticationResult)
{
if (authenticationResult == null)
{
throw new ArgumentNullException("authenticationResult");
}
Initialize(context, tokenAudience, clientId, authenticationStore, authenticationResult, authenticationResult.ExpiresOn);
}
private void Initialize(AuthenticationContext context, string tokenAudience, string clientId,
IApplicationAuthenticationProvider authenticationStore, AuthenticationResult authenticationResult, DateTimeOffset tokenExpiration)
{
if (context == null)
{
throw new ArgumentNullException("context");
}
if (string.IsNullOrWhiteSpace(tokenAudience))
{
throw new ArgumentNullException("tokenAudience");
}
if (string.IsNullOrWhiteSpace(clientId))
{
throw new ArgumentNullException("clientId");
}
if (authenticationStore == null)
{
throw new ArgumentNullException("authenticationStore");
}
if (authenticationResult == null)
{
throw new ArgumentNullException("authenticationResult");
}
this._authentications = authenticationStore;
this._clientId = clientId;
this._authenticationContext = context;
this._accessToken = authenticationResult.AccessToken;
this._accessTokenType = authenticationResult.AccessTokenType;
this._tokenAudience = tokenAudience;
this._expiration = tokenExpiration;
}
/// <summary>
/// For testing purposes only: allows testing token expiration.
/// </summary>
/// <param name="domain">The active directory domain or tenantId to authenticate with.</param>
/// <param name="clientId">The active directory clientId for the application.</param>
/// <param name="authenticationProvider">A source for the secure secret for this application.</param>
/// <param name="settings">The active directory service side settings, including authority and token audience.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <param name="expiration">The token expiration.</param>
/// <returns>A ServiceClientCredentials object that can authenticate http requests as the given application.</returns>
internal static async Task<ServiceClientCredentials> LoginSilentAsync(string domain, string clientId,
IApplicationAuthenticationProvider authenticationProvider, ActiveDirectoryServiceSettings settings, TokenCache cache, DateTimeOffset expiration)
{
var audience = settings.TokenAudience.ToString();
var context = GetAuthenticationContext(domain, settings, cache);
var authResult = await authenticationProvider.AuthenticateAsync(clientId, audience, context);
return new TokenCredentials(new ApplicationTokenProvider(context, audience, clientId,
authenticationProvider, authResult, expiration));
}
/// <summary>
/// Creates ServiceClientCredentials for authenticating requests as an active directory application. Uses the default shared token cache.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="domain">The active directory domain or tenantId to authenticate with.</param>
/// <param name="clientId">The active directory clientId for the application.</param>
/// <param name="authenticationProvider">A source for the secure secret for this application.</param>
/// <param name="settings">The active directory service side settings, including authority and token audience.</param>
/// <returns>A ServiceClientCredentials object that can authenticate http requests as the given application.</returns>
public static async Task<ServiceClientCredentials> LoginSilentAsync(string domain, string clientId,
IApplicationAuthenticationProvider authenticationProvider, ActiveDirectoryServiceSettings settings)
{
return await LoginSilentAsync(domain, clientId, authenticationProvider, settings, TokenCache.DefaultShared);
}
/// <summary>
/// Creates ServiceClientCredentials for authenticating requests as an active directory application. Uses the default service settings
/// (authority and token audience) for authenticating with azure resource manager.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="domain">The active directory domain or tenantId to authenticate with.</param>
/// <param name="clientId">The active directory clientId for the application.</param>
/// <param name="authenticationProvider">A source for the secure secret for this application.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can authenticate http requests as the given application.</returns>
public static async Task<ServiceClientCredentials> LoginSilentAsync(string domain, string clientId,
IApplicationAuthenticationProvider authenticationProvider, TokenCache cache)
{
return await LoginSilentAsync(domain, clientId, authenticationProvider, ActiveDirectoryServiceSettings.Azure, cache);
}
/// <summary>
/// Create an application token provider that can retrieve tokens for the given application from the given context, using the given audience
/// and credential store.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="context">The authentication context to use when retrieving tokens.</param>
/// <param name="tokenAudience">The token audience to use when retrieving tokens</param>
/// <param name="clientId">The client Id for this active directory application</param>
/// <param name="authenticationStore">The source of authentication information for this application.</param>
/// <param name="authenticationResult">The authenticationResult of initial authentication with the application credentials.</param>
/// <param name="tokenExpiration">The date of expiration for the current access token.</param>
public ApplicationTokenProvider(AuthenticationContext context, string tokenAudience, string clientId,
IApplicationAuthenticationProvider authenticationStore, AuthenticationResult authenticationResult, DateTimeOffset tokenExpiration)
{
Initialize(context, tokenAudience, clientId, authenticationStore, authenticationResult, tokenExpiration);
}
/// <summary>
/// Creates ServiceClientCredentials for authenticating requests as an active directory application. Uses the default service settings
/// (authority and token audience) for authenticating with azure resource manager.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="domain">The active directory domain or tenantId to authenticate with.</param>
/// <param name="clientId">The active directory clientId for the application.</param>
/// <param name="authenticationProvider">A source for the secure secret for this application.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can authenticate http requests as the given application.</returns>
public static async Task <ServiceClientCredentials> LoginSilentAsync(string domain, string clientId,
IApplicationAuthenticationProvider authenticationProvider, TokenCache cache)
{
return(await LoginSilentAsync(domain, clientId, authenticationProvider, ActiveDirectoryServiceSettings.Azure, cache).ConfigureAwait(false));
}
/// <summary>
/// Creates ServiceClientCredentials for authenticating requests as an active directory application.
/// See <see href="https://azure.microsoft.com/en-us/documentation/articles/active-directory-devquickstarts-dotnet/">Active Directory Quickstart for .Net</see>
/// for detailed instructions on creating an Azure Active Directory application.
/// </summary>
/// <param name="domain">The active directory domain or tenantId to authenticate with.</param>
/// <param name="clientId">The active directory clientId for the application.</param>
/// <param name="authenticationProvider">A source for the secure secret for this application.</param>
/// <param name="settings">The active directory service side settings, including authority and token audience.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can authenticate http requests as the given application.</returns>
public static async Task<ServiceClientCredentials> LoginSilentAsync(string domain, string clientId,
IApplicationAuthenticationProvider authenticationProvider, ActiveDirectoryServiceSettings settings, TokenCache cache)
{
var audience = settings.TokenAudience.ToString();
var context = GetAuthenticationContext(domain, settings, cache);
var authResult = await authenticationProvider.AuthenticateAsync(clientId, audience, context);
return new TokenCredentials(
new ApplicationTokenProvider(context, audience, clientId,authenticationProvider, authResult),
authResult.TenantId,
authResult.UserInfo == null ? null : authResult.UserInfo.DisplayableId);
}
