internal AuthorizationCodeCredential(string tenantId, string clientId, string clientSecret, string authorizationCode, TokenCredentialOptions options, MsalConfidentialClient client, CredentialPipeline pipeline = null)
{
Validations.ValidateTenantId(tenantId, nameof(tenantId));
_tenantId = tenantId;
Argument.AssertNotNull(clientSecret, nameof(clientSecret));
Argument.AssertNotNull(clientId, nameof(clientId));
Argument.AssertNotNull(authorizationCode, nameof(authorizationCode));
_clientId = clientId;
_authCode = authorizationCode;
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options ?? new TokenCredentialOptions());
_redirectUri = options switch
{
AuthorizationCodeCredentialOptions o => o.RedirectUri?.AbsoluteUri,
_ => null
};
_client = client ??
new MsalConfidentialClient(
_pipeline,
tenantId,
clientId,
clientSecret,
_redirectUri,
options as ITokenCacheOptions,
null,
options?.IsLoggingPIIEnabled ?? false);
}
/// <summary>
/// Creates an instance of the ClientCertificateCredential with a synchronous callback that provides a signed client assertion to authenicate against Azure Active Directory.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="assertionCallback">A synchronous callback returning a valid client assertion used to authenticate the service principal.</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ClientAssertionCredential(string tenantId, string clientId, Func <string> assertionCallback, ClientAssertionCredentialOptions options = default)
{
Argument.AssertNotNull(clientId, nameof(clientId));
TenantId = Validations.ValidateTenantId(tenantId, nameof(tenantId));
ClientId = clientId;
Client = options?.MsalClient ?? new MsalConfidentialClient(options?.Pipeline ?? CredentialPipeline.GetInstance(options), tenantId, clientId, assertionCallback, null, null, options?.IsLoggingPIIEnabled ?? false);
}
/// <summary>
/// Creates an instance of the ClientCertificateCredential with an asynchronous callback that provides a signed client assertion to authenticate against Azure Active Directory.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="assertionCallback">An asynchronous callback returning a valid client assertion used to authenticate the service principal.</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ClientAssertionCredential(string tenantId, string clientId, Func <CancellationToken, Task <string> > assertionCallback, ClientAssertionCredentialOptions options = default)
{
Argument.AssertNotNull(clientId, nameof(clientId));
TenantId = Validations.ValidateTenantId(tenantId, nameof(tenantId));
ClientId = clientId;
Client = options?.MsalClient ?? new MsalConfidentialClient(options?.Pipeline ?? CredentialPipeline.GetInstance(options), tenantId, clientId, assertionCallback, options);
}
internal ClientSecretCredential(string tenantId, string clientId, string clientSecret, TokenCredentialOptions options, CredentialPipeline pipeline, MsalConfidentialClient client)
{
TenantId = Validations.ValidateTenantId(tenantId, nameof(tenantId));
ClientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
ClientSecret = clientSecret ?? throw new ArgumentNullException(nameof(clientSecret));
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
_client = client ?? new MsalConfidentialClient(_pipeline, tenantId, clientId, clientSecret, options as ITokenCacheOptions);
}
internal ClientSecretCredential(string tenantId, string clientId, string clientSecret, TokenCredentialOptions options, CredentialPipeline pipeline, MsalConfidentialClient client)
{
Argument.AssertNotNull(clientId, nameof(clientId));
Argument.AssertNotNull(clientSecret, nameof(clientSecret));
TenantId = Validations.ValidateTenantId(tenantId, nameof(tenantId));
ClientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
ClientSecret = clientSecret;
_allowMultiTenantAuthentication = options?.AllowMultiTenantAuthentication ?? false;
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
Client = client ?? new MsalConfidentialClient(_pipeline, tenantId, clientId, clientSecret, options as ITokenCacheOptions, (options as ClientSecretCredentialOptions)?.RegionalAuthority);
}
internal UsernamePasswordCredential(string username, string password, string tenantId, string clientId, TokenCredentialOptions options, CredentialPipeline pipeline, MsalPublicClient client)
{
_username = username ?? throw new ArgumentNullException(nameof(username));
_password = (password != null) ? password.ToSecureString() : throw new ArgumentNullException(nameof(password));
_clientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
Validations.ValidateTenantId(tenantId, nameof(tenantId));
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
_client = client ?? new MsalPublicClient(_pipeline, tenantId, clientId, null, options as ITokenCacheOptions);
}
internal UsernamePasswordCredential(string username, string password, string tenantId, string clientId, TokenCredentialOptions options, CredentialPipeline pipeline, MsalPublicClient client)
{
Argument.AssertNotNull(username, nameof(username));
Argument.AssertNotNull(password, nameof(password));
Argument.AssertNotNull(clientId, nameof(clientId));
_tenantId = Validations.ValidateTenantId(tenantId, nameof(tenantId));
_allowMultiTenantAuthentication = options?.AllowMultiTenantAuthentication ?? false;
_username = username;
_password = password.ToSecureString();
_clientId = clientId;
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
_client = client ?? new MsalPublicClient(_pipeline, tenantId, clientId, null, options as ITokenCacheOptions);
}
internal AuthorizationCodeCredential(string tenantId, string clientId, string clientSecret, string authorizationCode, TokenCredentialOptions options, MsalConfidentialClient client)
{
Validations.ValidateTenantId(tenantId, nameof(tenantId));
_tenantId = tenantId;
Argument.AssertNotNull(clientSecret, nameof(clientSecret));
Argument.AssertNotNull(clientId, nameof(clientId));
Argument.AssertNotNull(authorizationCode, nameof(authorizationCode));
_clientId = clientId;
_authCode = authorizationCode;
options ??= new TokenCredentialOptions();
_pipeline = CredentialPipeline.GetInstance(options);
_redirectUri = options switch
{
AuthorizationCodeCredentialOptions o => o.RedirectUri?.ToString(),
_ => null
};
_client = client ?? new MsalConfidentialClient(_pipeline, tenantId, clientId, clientSecret, options as ITokenCacheOptions);
}
/// <summary>
/// Creates an instance of the ClientSecretCredential with the details needed to authenticate against Azure Active Directory with a prefetched authorization code.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="clientSecret">A client secret that was generated for the App Registration used to authenticate the client.</param>
/// <param name="authorizationCode">The authorization code obtained from a call to authorize. The code should be obtained with all required scopes.
/// See https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow for more information.</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public AuthorizationCodeCredential(string tenantId, string clientId, string clientSecret, string authorizationCode, TokenCredentialOptions options)
{
Validations.ValidateTenantId(tenantId, nameof(tenantId));
if (clientSecret is null)
{
throw new ArgumentNullException(nameof(clientSecret));
}
_clientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
_authCode = authorizationCode ?? throw new ArgumentNullException(nameof(authorizationCode));
options ??= new TokenCredentialOptions();
_pipeline = CredentialPipeline.GetInstance(options);
_confidentialClient = ConfidentialClientApplicationBuilder.Create(clientId).WithHttpClientFactory(new HttpPipelineClientFactory(_pipeline.HttpPipeline)).WithTenantId(tenantId).WithClientSecret(clientSecret).Build();
_clientDiagnostics = new ClientDiagnostics(options);
}
public DeviceCodeCredential(Func <DeviceCodeInfo, CancellationToken, Task> deviceCodeCallback, string tenantId, string clientId, TokenCredentialOptions options = default)
: this(deviceCodeCallback, Validations.ValidateTenantId(tenantId, nameof(tenantId), allowNull : true), clientId, options, null)
{
}
public InteractiveBrowserCredential(string tenantId, string clientId, TokenCredentialOptions options = default)
: this(Validations.ValidateTenantId(tenantId, nameof(tenantId), allowNull : true), clientId, options, null, null)
{
}