The Power BI app token used to authenticate with Power BI Embedded services
Example #1
0
        /// <summary>
        /// Creates a embed token with default expiration used to embed Power BI components into your own applications
        /// </summary>
        /// <param name="workspaceCollectionName">The workspace collection name</param>
        /// <param name="workspaceId">The workspace id</param>
        /// <param name="reportId">The report id</param>
        /// <param name="datasetId">The dataset id</param>
        /// <param name="expiration">The token expiration date/time</param>
        /// <param name="username">The RLS username</param>
        /// <param name="roles">The RLS roles</param>
        /// <param name="scopes">The permission scopes</param>
        /// <returns>The Power BI access token</returns>
        public static PowerBIToken CreateReportEmbedToken(string workspaceCollectionName, string workspaceId, string reportId, string datasetId, DateTime expiration, string username = null, IEnumerable <string> roles = null, string scopes = null)
        {
            Guard.ValidateString(workspaceCollectionName, "workspaceCollectionName");
            Guard.ValidateString(workspaceId, "workspaceId");

            if (expiration < DateTime.UtcNow)
            {
                throw new ArgumentException("Expiration must be a date/time in the future", nameof(expiration));
            }

            if (string.IsNullOrWhiteSpace(reportId) && string.IsNullOrWhiteSpace(datasetId))
            {
                throw new ArgumentException("Either ReportId or DatasetId must be set", nameof(reportId) + "\\ " + nameof(datasetId));
            }

            var token = new PowerBIToken
            {
                Expiration = expiration
            };

            token.Claims.Add(new Claim(ClaimTypes.WorkspaceCollectionName, workspaceCollectionName));
            token.Claims.Add(new Claim(ClaimTypes.WorkspaceId, workspaceId));

            if (!string.IsNullOrWhiteSpace(reportId))
            {
                token.ReportId = reportId;
                token.Claims.Add(new Claim(ClaimTypes.ReportId, reportId));
            }

            if (!string.IsNullOrWhiteSpace(datasetId))
            {
                token.DatasetId = datasetId;
                token.Claims.Add(new Claim(ClaimTypes.DatasetId, datasetId));
            }

            // RLS claims: requires username and roles are optional
            if (!string.IsNullOrEmpty(username))
            {
                token.Claims.Add(new Claim(ClaimTypes.Username, username));
            }

            if (roles != null)
            {
                foreach (var role in roles)
                {
                    token.Claims.Add(new Claim(ClaimTypes.Roles, role));
                }
            }

            if (!string.IsNullOrWhiteSpace(scopes))
            {
                token.Claims.Add(new Claim(ClaimTypes.Scopes, scopes));
            }

            return(token);
        }
        /// <summary>
        /// Creates a embed token with default expiration used to embed Power BI components into your own applications
        /// </summary>
        /// <param name="workspaceCollectionName">The workspace collection name</param>
        /// <param name="workspaceId">The workspace id</param>
        /// <param name="reportId">The report id</param>
        /// <param name="expiration">The token expiration date/time</param>
        /// <param name="username">The RLS username</param>
        /// <param name="roles">The RLS roles</param>
        /// <returns>The Power BI access token</returns>
        public static PowerBIToken CreateReportEmbedToken(string workspaceCollectionName, string workspaceId, string reportId, DateTime expiration, string username = null, IEnumerable <string> roles = null)
        {
            Guard.ValidateString(workspaceCollectionName, "workspaceCollectionName");
            Guard.ValidateString(workspaceId, "workspaceId");
            Guard.ValidateString(reportId, "reportId");

            if (expiration < DateTime.UtcNow)
            {
                throw new ArgumentException("Expiration must be a date/time in the future", nameof(expiration));
            }

            if (roles != null && string.IsNullOrEmpty(username))
            {
                throw  new ArgumentException("Cannot have an empty or null Username claim with the non-empty Roles claim");
            }

            var token = new PowerBIToken
            {
                Expiration = expiration
            };

            token.Claims.Add(new Claim(ClaimTypes.WorkspaceCollectionName, workspaceCollectionName));
            token.Claims.Add(new Claim(ClaimTypes.WorkspaceId, workspaceId));
            token.Claims.Add(new Claim(ClaimTypes.ReportId, reportId));

            // RLS claims: requires username and roles are optional
            if (!string.IsNullOrEmpty(username))
            {
                token.Claims.Add(new Claim(ClaimTypes.Username, username));

                if (roles != null)
                {
                    foreach (var role in roles)
                    {
                        token.Claims.Add(new Claim(ClaimTypes.Roles, role));
                    }
                }
            }

            return(token);
        }
        /// <summary>
        /// Creates a embed token with default expiration used to embed Power BI components into your own applications
        /// </summary>
        /// <param name="workspaceCollectionName">The workspace collection name</param>
        /// <param name="workspaceId">The workspace id</param>
        /// <param name="reportId">The report id</param>
        /// <param name="expiration">The token expiration date/time</param>
        /// <param name="username">The RLS username</param>
        /// <param name="roles">The RLS roles</param>
        /// <returns>The Power BI access token</returns>
        public static PowerBIToken CreateReportEmbedToken(string workspaceCollectionName, string workspaceId, string reportId, DateTime expiration, string username = null, IEnumerable<string> roles = null)
        {
            Guard.ValidateString(workspaceCollectionName, "workspaceCollectionName");
            Guard.ValidateString(workspaceId, "workspaceId");
            Guard.ValidateString(reportId, "reportId");

            if (expiration < DateTime.UtcNow)
            {
                throw new ArgumentException("Expiration must be a date/time in the future", nameof(expiration));
            }

            if (roles != null && string.IsNullOrEmpty(username))
            {
                throw  new ArgumentException("Cannot have an empty or null Username claim with the non-empty Roles claim");
            }

            var token = new PowerBIToken
            {
                Expiration = expiration
            };

            token.Claims.Add(new Claim(ClaimTypes.WorkspaceCollectionName, workspaceCollectionName));
            token.Claims.Add(new Claim(ClaimTypes.WorkspaceId, workspaceId));
            token.Claims.Add(new Claim(ClaimTypes.ReportId, reportId));

            // RLS claims: requires username and roles are optional
            if (!string.IsNullOrEmpty(username))
            {
                token.Claims.Add(new Claim(ClaimTypes.Username, username));

                if (roles != null)
                {
                    foreach (var role in roles)
                    {
                        token.Claims.Add(new Claim(ClaimTypes.Roles, role));
                    }
                }
            }

            return token;
        }
        public void CreateGenericTokenWithMissingParamsFails()
        {
            var token = new PowerBIToken
            {
                Issuer = null,
                Audience = null
            };

            token.Generate(this.accessKey);
        }
        public void CreateGenericTokenWithInvalidExpirationFails()
        {
            var token = new PowerBIToken
            {
                Issuer = "issuer",
                Audience = "audience",
                AccessKey = this.accessKey,
                Expiration = DateTime.MinValue
            };

            token.Generate();
        }
        public void CanManuallyCreatePowerBIToken()
        {
            var token = new PowerBIToken
            {
                Audience = "TestAudience",
                Issuer = "TestIssuer",
                Expiration = DateTime.UtcNow.AddHours(2),
                AccessKey = this.accessKey
            };

            token.Claims.Add(new Claim("Name", "TestUser"));

            var jwt = token.Generate();
            var decodedToken = new JwtSecurityToken(jwt);

            var tokenExpiration = new DateTime(
                token.Expiration.Value.Year,
                token.Expiration.Value.Month,
                token.Expiration.Value.Day,
                token.Expiration.Value.Hour,
                token.Expiration.Value.Minute,
                token.Expiration.Value.Second);

            Assert.IsTrue(decodedToken.Audiences.Contains(token.Audience));
            Assert.AreEqual(token.Issuer, decodedToken.Issuer);
            Assert.AreEqual(tokenExpiration, decodedToken.ValidTo);

            var nameClaim = decodedToken.Claims.FirstOrDefault(c => c.Type == "Name");
            Assert.AreEqual("TestUser", nameClaim.Value);
        }
Example #7
-1
        protected IPowerBIClient CreatePowerBIClient(PowerBIToken token)
        {
            var jwt = token.Generate(accessKey);
            var credentials = new TokenCredentials(jwt, "AppToken");
            var client = new PowerBIClient(credentials)
            {
                BaseUri = new Uri(apiUrl)
            };

            return client;
        }
        private static IPowerBIClient CreatePowerBiClient(PowerBIToken token)
        {
            var jwt = token.Generate(ConfigHelper.PowerbiSigningKey);
            var credentials = new TokenCredentials(jwt, "AppToken");

            var client = new PowerBIClient(credentials)
            {
                BaseUri = new Uri(ConfigHelper.PowerbiApiUrl)
            };

            return client;
        }
Example #9
-2
        static IPowerBIClient CreateClient(PowerBIToken token, string accessKey, string apiUrl)
        {
            WorkspaceCollectionKeys accessKeys = new WorkspaceCollectionKeys()
            {
                Key1 = accessKey
            };

            // Generate a JWT token used when accessing the REST APIs
            var jwt = token.Generate(accessKeys.Key1);

            // Create a token credentials with "AppToken" type
            var credentials = new TokenCredentials(jwt, "AppToken");

            // Instantiate your Power BI client passing in the required credentials
            var client = new PowerBIClient(credentials);

            // Override the api endpoint base URL.  Default value is https://api.powerbi.com
            client.BaseUri = new Uri(apiUrl);

            return client;
        }