/// <summary>
/// Creates a embed token with default expiration used to embed Power BI components into your own applications
/// </summary>
/// <param name="workspaceCollectionName">The workspace collection name</param>
/// <param name="workspaceId">The workspace id</param>
/// <param name="reportId">The report id</param>
/// <param name="datasetId">The dataset id</param>
/// <param name="expiration">The token expiration date/time</param>
/// <param name="username">The RLS username</param>
/// <param name="roles">The RLS roles</param>
/// <param name="scopes">The permission scopes</param>
/// <returns>The Power BI access token</returns>
public static PowerBIToken CreateReportEmbedToken(string workspaceCollectionName, string workspaceId, string reportId, string datasetId, DateTime expiration, string username = null, IEnumerable <string> roles = null, string scopes = null)
{
Guard.ValidateString(workspaceCollectionName, "workspaceCollectionName");
Guard.ValidateString(workspaceId, "workspaceId");
if (expiration < DateTime.UtcNow)
{
throw new ArgumentException("Expiration must be a date/time in the future", nameof(expiration));
}
if (string.IsNullOrWhiteSpace(reportId) && string.IsNullOrWhiteSpace(datasetId))
{
throw new ArgumentException("Either ReportId or DatasetId must be set", nameof(reportId) + "\\ " + nameof(datasetId));
}
var token = new PowerBIToken
{
Expiration = expiration
};
token.Claims.Add(new Claim(ClaimTypes.WorkspaceCollectionName, workspaceCollectionName));
token.Claims.Add(new Claim(ClaimTypes.WorkspaceId, workspaceId));
if (!string.IsNullOrWhiteSpace(reportId))
{
token.ReportId = reportId;
token.Claims.Add(new Claim(ClaimTypes.ReportId, reportId));
}
if (!string.IsNullOrWhiteSpace(datasetId))
{
token.DatasetId = datasetId;
token.Claims.Add(new Claim(ClaimTypes.DatasetId, datasetId));
}
// RLS claims: requires username and roles are optional
if (!string.IsNullOrEmpty(username))
{
token.Claims.Add(new Claim(ClaimTypes.Username, username));
}
if (roles != null)
{
foreach (var role in roles)
{
token.Claims.Add(new Claim(ClaimTypes.Roles, role));
}
}
if (!string.IsNullOrWhiteSpace(scopes))
{
token.Claims.Add(new Claim(ClaimTypes.Scopes, scopes));
}
return(token);
}
/// <summary>
/// Creates a embed token with default expiration used to embed Power BI components into your own applications
/// </summary>
/// <param name="workspaceCollectionName">The workspace collection name</param>
/// <param name="workspaceId">The workspace id</param>
/// <param name="reportId">The report id</param>
/// <param name="expiration">The token expiration date/time</param>
/// <param name="username">The RLS username</param>
/// <param name="roles">The RLS roles</param>
/// <returns>The Power BI access token</returns>
public static PowerBIToken CreateReportEmbedToken(string workspaceCollectionName, string workspaceId, string reportId, DateTime expiration, string username = null, IEnumerable <string> roles = null)
{
Guard.ValidateString(workspaceCollectionName, "workspaceCollectionName");
Guard.ValidateString(workspaceId, "workspaceId");
Guard.ValidateString(reportId, "reportId");
if (expiration < DateTime.UtcNow)
{
throw new ArgumentException("Expiration must be a date/time in the future", nameof(expiration));
}
if (roles != null && string.IsNullOrEmpty(username))
{
throw new ArgumentException("Cannot have an empty or null Username claim with the non-empty Roles claim");
}
var token = new PowerBIToken
{
Expiration = expiration
};
token.Claims.Add(new Claim(ClaimTypes.WorkspaceCollectionName, workspaceCollectionName));
token.Claims.Add(new Claim(ClaimTypes.WorkspaceId, workspaceId));
token.Claims.Add(new Claim(ClaimTypes.ReportId, reportId));
// RLS claims: requires username and roles are optional
if (!string.IsNullOrEmpty(username))
{
token.Claims.Add(new Claim(ClaimTypes.Username, username));
if (roles != null)
{
foreach (var role in roles)
{
token.Claims.Add(new Claim(ClaimTypes.Roles, role));
}
}
}
return(token);
}
/// <summary>
/// Creates a embed token with default expiration used to embed Power BI components into your own applications
/// </summary>
/// <param name="workspaceCollectionName">The workspace collection name</param>
/// <param name="workspaceId">The workspace id</param>
/// <param name="reportId">The report id</param>
/// <param name="expiration">The token expiration date/time</param>
/// <param name="username">The RLS username</param>
/// <param name="roles">The RLS roles</param>
/// <returns>The Power BI access token</returns>
public static PowerBIToken CreateReportEmbedToken(string workspaceCollectionName, string workspaceId, string reportId, DateTime expiration, string username = null, IEnumerable<string> roles = null)
{
Guard.ValidateString(workspaceCollectionName, "workspaceCollectionName");
Guard.ValidateString(workspaceId, "workspaceId");
Guard.ValidateString(reportId, "reportId");
if (expiration < DateTime.UtcNow)
{
throw new ArgumentException("Expiration must be a date/time in the future", nameof(expiration));
}
if (roles != null && string.IsNullOrEmpty(username))
{
throw new ArgumentException("Cannot have an empty or null Username claim with the non-empty Roles claim");
}
var token = new PowerBIToken
{
Expiration = expiration
};
token.Claims.Add(new Claim(ClaimTypes.WorkspaceCollectionName, workspaceCollectionName));
token.Claims.Add(new Claim(ClaimTypes.WorkspaceId, workspaceId));
token.Claims.Add(new Claim(ClaimTypes.ReportId, reportId));
// RLS claims: requires username and roles are optional
if (!string.IsNullOrEmpty(username))
{
token.Claims.Add(new Claim(ClaimTypes.Username, username));
if (roles != null)
{
foreach (var role in roles)
{
token.Claims.Add(new Claim(ClaimTypes.Roles, role));
}
}
}
return token;
}
public void CreateGenericTokenWithMissingParamsFails()
{
var token = new PowerBIToken
{
Issuer = null,
Audience = null
};
token.Generate(this.accessKey);
}
public void CreateGenericTokenWithInvalidExpirationFails()
{
var token = new PowerBIToken
{
Issuer = "issuer",
Audience = "audience",
AccessKey = this.accessKey,
Expiration = DateTime.MinValue
};
token.Generate();
}
public void CanManuallyCreatePowerBIToken()
{
var token = new PowerBIToken
{
Audience = "TestAudience",
Issuer = "TestIssuer",
Expiration = DateTime.UtcNow.AddHours(2),
AccessKey = this.accessKey
};
token.Claims.Add(new Claim("Name", "TestUser"));
var jwt = token.Generate();
var decodedToken = new JwtSecurityToken(jwt);
var tokenExpiration = new DateTime(
token.Expiration.Value.Year,
token.Expiration.Value.Month,
token.Expiration.Value.Day,
token.Expiration.Value.Hour,
token.Expiration.Value.Minute,
token.Expiration.Value.Second);
Assert.IsTrue(decodedToken.Audiences.Contains(token.Audience));
Assert.AreEqual(token.Issuer, decodedToken.Issuer);
Assert.AreEqual(tokenExpiration, decodedToken.ValidTo);
var nameClaim = decodedToken.Claims.FirstOrDefault(c => c.Type == "Name");
Assert.AreEqual("TestUser", nameClaim.Value);
}
protected IPowerBIClient CreatePowerBIClient(PowerBIToken token)
{
var jwt = token.Generate(accessKey);
var credentials = new TokenCredentials(jwt, "AppToken");
var client = new PowerBIClient(credentials)
{
BaseUri = new Uri(apiUrl)
};
return client;
}
private static IPowerBIClient CreatePowerBiClient(PowerBIToken token)
{
var jwt = token.Generate(ConfigHelper.PowerbiSigningKey);
var credentials = new TokenCredentials(jwt, "AppToken");
var client = new PowerBIClient(credentials)
{
BaseUri = new Uri(ConfigHelper.PowerbiApiUrl)
};
return client;
}
static IPowerBIClient CreateClient(PowerBIToken token, string accessKey, string apiUrl)
{
WorkspaceCollectionKeys accessKeys = new WorkspaceCollectionKeys()
{
Key1 = accessKey
};
// Generate a JWT token used when accessing the REST APIs
var jwt = token.Generate(accessKeys.Key1);
// Create a token credentials with "AppToken" type
var credentials = new TokenCredentials(jwt, "AppToken");
// Instantiate your Power BI client passing in the required credentials
var client = new PowerBIClient(credentials);
// Override the api endpoint base URL. Default value is https://api.powerbi.com
client.BaseUri = new Uri(apiUrl);
return client;
}