public ManagedIdentityClient(AzureCredentialOptions options = null)
{
_options = options ?? new AzureCredentialOptions();
_pipeline = HttpPipelineBuilder.Build(_options);
_clientDiagnostics = new ClientDiagnostics(_options);
}
/// <summary>
/// Creates an instance of the UsernamePasswordCredential with the details needed to authenticate against Azure Active Directory with a simple username
/// and password.
/// </summary>
/// <param name="username"></param>
/// <param name="password">The user account's user name, UPN.</param>
/// <param name="clientId">The client (application) ID of an App Registration in the tenant.</param>
/// <param name="tenantId">The Azure Active Directory tenant (directory) ID or name.</param>
/// <param name="options">The client options for the newly created UsernamePasswordCredential</param>
public UsernamePasswordCredential(string username, string password, string clientId, string tenantId, AzureCredentialOptions options)
{
_username = username ?? throw new ArgumentNullException(nameof(username));
_password = (password != null) ? password.ToSecureString() : throw new ArgumentNullException(nameof(password));
_options = options ?? new AzureCredentialOptions();
_pipeline = HttpPipelineBuilder.Build(_options);
_pubApp = PublicClientApplicationBuilder.Create(clientId).WithHttpClientFactory(new HttpPipelineClientFactory(_pipeline)).WithTenantId(tenantId).Build();
}
/// <summary>
/// Creates a new InteractiveBrowserCredential with the specifeid options, which will authenticate users with the specified application.
/// </summary>
/// <param name="clientId">The client id of the application to which the users will authenticate</param>
/// <param name="tenantId">The tenant id of the application and the users to authentiacte</param>
/// TODO: need to link to info on how the application has to be created to authenticate users, for multiple applications
/// <param name="options">The client options for the newly created DeviceCodeCredential</param>
public InteractiveBrowserCredential(string clientId, string tenantId = default, AzureCredentialOptions options = default)
{
_clientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
_options = options ??= new AzureCredentialOptions();
HttpPipeline pipeline = HttpPipelineBuilder.Build(_options);
var pubAppBuilder = PublicClientApplicationBuilder.Create(_clientId).WithHttpClientFactory(new HttpPipelineClientFactory(pipeline)).WithRedirectUri("http://localhost");
if (!string.IsNullOrEmpty(tenantId))
{
pubAppBuilder = pubAppBuilder.WithTenantId(tenantId);
}
_pubApp = pubAppBuilder.Build();
}
/// <summary>
/// Creates a new DeviceCodeCredential with the specifeid options, which will authenticate users with the specified application.
/// </summary>
/// <param name="deviceCodeCallback">The callback to be executed to display the device code to the user</param>
/// <param name="clientId">The client id of the application to which the users will authenticate</param>
/// <param name="tenantId">The tenant id of the application to which users will authenticate. This can be unspecified for multi-tenanted applications.</param>
/// <param name="options">The client options for the newly created DeviceCodeCredential</param>
public DeviceCodeCredential(Func <DeviceCodeInfo, CancellationToken, Task> deviceCodeCallback, string clientId, string tenantId = default, AzureCredentialOptions options = default)
{
_clientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
_deviceCodeCallback = deviceCodeCallback ?? throw new ArgumentNullException(nameof(deviceCodeCallback));
_options = options ?? new AzureCredentialOptions();
_pipeline = HttpPipelineBuilder.Build(_options);
var pubAppBuilder = PublicClientApplicationBuilder.Create(_clientId).WithHttpClientFactory(new HttpPipelineClientFactory(_pipeline)).WithRedirectUri("https://login.microsoftonline.com/common/oauth2/nativeclient");
if (!string.IsNullOrEmpty(tenantId))
{
pubAppBuilder = pubAppBuilder.WithTenantId(tenantId);
}
_pubApp = pubAppBuilder.Build();
}
/// <summary>
/// Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables.
/// If the expected environment variables are not found at this time, the GetToken method will return the default <see cref="AccessToken"/> when invoked.
/// </summary>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public EnvironmentCredential(AzureCredentialOptions options)
{
string tenantId = EnvironmentVariables.TenantId;
string clientId = EnvironmentVariables.ClientId;
string clientSecret = EnvironmentVariables.ClientSecret;
string username = EnvironmentVariables.Username;
string password = EnvironmentVariables.Password;
if (tenantId != null && clientId != null)
{
if (clientSecret != null)
{
_credential = new ClientSecretCredential(tenantId, clientId, clientSecret, options);
}
else if (username != null && password != null && tenantId != null && clientId != null)
{
_credential = new UsernamePasswordCredential(username, password, clientId, tenantId);
}
}
}
/// <summary>
/// Creates an instance of the ClientSecretCredential with the details needed to authenticate against Azure Active Directory with a client secret.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="clientSecret">A client secret that was generated for the App Registration used to authenticate the client.</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ClientSecretCredential(string tenantId, string clientId, string clientSecret, AzureCredentialOptions options)
{
TenantId = tenantId;
ClientId = clientId;
ClientSecret = clientSecret;
_client = (options != null) ? new AadIdentityClient(options) : AadIdentityClient.SharedClient;
}
/// <summary>
/// Creates an instance of the ClientCertificateCredential with the details needed to authenticate against Azure Active Directory with the specified certificate.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="clientCertificate">The authentication X509 Certificate of the service principal</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ClientCertificateCredential(string tenantId, string clientId, X509Certificate2 clientCertificate, AzureCredentialOptions options)
{
TenantId = tenantId ?? throw new ArgumentNullException(nameof(tenantId));
ClientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
ClientCertificate = clientCertificate ?? throw new ArgumentNullException(nameof(clientCertificate));
_client = (options != null) ? new AadIdentityClient(options) : AadIdentityClient.SharedClient;
}
public AadIdentityClient(AzureCredentialOptions options = null)
{
_options = options ?? new AzureCredentialOptions();
_pipeline = HttpPipelineBuilder.Build(_options);
}
/// <summary>
/// Creates an instance of the ManagedIdentityCredential capable of authenticating a resource with a managed identity.
/// </summary>
/// <param name="clientId">
/// The client id to authenticate for a user assigned managed identity. More information on user assigned managed identities cam be found here:
/// https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview#how-a-user-assigned-managed-identity-works-with-an-azure-vm
/// </param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ManagedIdentityCredential(string clientId = null, AzureCredentialOptions options = null)
{
_clientId = clientId;
_client = (options != null) ? new ManagedIdentityClient(options) : ManagedIdentityClient.SharedClient;
}
/// <summary>
/// Creates an instance of the ClientSecretCredential with the details needed to authenticate against Azure Active Directory with a prefetched authorization code.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="clientSecret">A client secret that was generated for the App Registration used to authenticate the client.</param>
/// <param name="authorizationCode">The authorization code obtained from a call to authorize. The code should be obtained with all required scopes.
/// See https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow for more information.</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public AuthorizationCodeCredential(string tenantId, string clientId, string clientSecret, string authorizationCode, AzureCredentialOptions options)
{
if (tenantId is null)
{
throw new ArgumentNullException(nameof(tenantId));
}
if (clientId is null)
{
throw new ArgumentNullException(nameof(clientId));
}
if (clientSecret is null)
{
throw new ArgumentNullException(nameof(clientSecret));
}
_authCode = authorizationCode ?? throw new ArgumentNullException(nameof(authorizationCode));
options ??= new AzureCredentialOptions();
_pipeline = HttpPipelineBuilder.Build(options);
_confidentialClient = ConfidentialClientApplicationBuilder.Create(clientId).WithHttpClientFactory(new HttpPipelineClientFactory(_pipeline)).WithTenantId(tenantId).WithClientSecret(clientSecret).Build();
_clientDiagnostics = new ClientDiagnostics(options);
}
