/// <summary>
/// Creates a new authentication broker based for the specified resource.
/// </summary>
/// <param name="targetUri">The resource for which authentication is being requested.</param>
/// <param name="scope">The scope of the access being requested.</param>
/// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param>
/// <param name="adaRefreshTokenStore">Storage container for Azure access token secrets.</param>
/// <param name="authentication">
/// An implementation of <see cref="BaseAuthentication"/> if one was detected;
/// <see langword="null"/> otherwise.
/// </param>
/// <returns>
/// <see langword="true"/> if an authority could be determined; <see langword="false"/> otherwise.
/// </returns>
public static bool GetAuthentication(
TargetUri targetUri,
VstsTokenScope scope,
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore,
out BaseAuthentication authentication)
{
Trace.WriteLine("BaseVstsAuthentication::DetectAuthority");
Guid tenantId;
if (DetectAuthority(targetUri, out tenantId))
{
// empty Guid is MSA, anything else is AAD
if (tenantId == Guid.Empty)
{
Trace.WriteLine(" MSA authority detected");
authentication = new VstsMsaAuthentication(scope, personalAccessTokenStore, adaRefreshTokenStore);
}
else
{
Trace.WriteLine(" AAD authority for tenant '" + tenantId + "' detected");
authentication = new VstsAadAuthentication(tenantId, scope, personalAccessTokenStore, adaRefreshTokenStore);
(authentication as VstsAadAuthentication).TenantId = tenantId;
}
}
else
{
authentication = null;
}
return(authentication != null);
}
/// <summary>
/// Gets a configured authentication object for 'github.com'.
/// </summary>
/// <param name="targetUri">The uniform resource indicator of the resource which requires
/// authentication.</param>
/// <param name="tokenScope">The desired scope of any personal access tokens aqcuired.</param>
/// <param name="personalAccessTokenStore">A secure secret store for any personal access
/// tokens acquired.</param>
/// <param name="authentication">(out) The authenitcation object if successful.</param>
/// <returns>True if success; otherwise false.</returns>
public static bool GetAuthentication(
Uri targetUri,
GithubTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
AcquireCredentialsDelegate acquireCredentialsCallback,
AcquireAuthenticationCodeDelegate acquireAuthenticationCodeCallback,
AuthenticationResultDelegate authenticationResultCallback,
out BaseAuthentication authentication)
{
const string GitHubBaseUrlHost = "github.com";
BaseSecureStore.ValidateTargetUri(targetUri);
if (personalAccessTokenStore == null)
{
throw new ArgumentNullException("personalAccessTokenStore", "The `personalAccessTokenStore` is null or invalid.");
}
Trace.WriteLine("GithubAuthentication::GetAuthentication");
if (targetUri.DnsSafeHost.EndsWith(GitHubBaseUrlHost, StringComparison.OrdinalIgnoreCase))
{
authentication = new GithubAuthentication(tokenScope, personalAccessTokenStore, acquireCredentialsCallback, acquireAuthenticationCodeCallback, authenticationResultCallback);
Trace.WriteLine(" authentication for GitHub created");
}
else
{
authentication = null;
Trace.WriteLine(" not github.com, authentication creation aborted");
}
return(authentication != null);
}
/// <summary>
/// Gets a configured authentication object for 'github.com'.
/// </summary>
/// <param name="targetUri">The uniform resource indicator of the resource which requires
/// authentication.</param>
/// <param name="tokenScope">The desired scope of any personal access tokens aqcuired.</param>
/// <param name="personalAccessTokenStore">A secure secret store for any personal access
/// tokens acquired.</param>
/// <param name="authentication">(out) The authenitcation object if successful.</param>
/// <returns>True if success; otherwise false.</returns>
public static bool GetAuthentication(
Uri targetUri,
GithubTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
out BaseAuthentication authentication)
{
const string GitHubBaseUrlHost = "github.com";
BaseSecureStore.ValidateTargetUri(targetUri);
if (personalAccessTokenStore == null)
throw new ArgumentNullException("personalAccessTokenStore", "The `personalAccessTokenStore` is null or invalid.");
Trace.WriteLine("GithubAuthentication::GetAuthentication");
if (targetUri.DnsSafeHost.EndsWith(GitHubBaseUrlHost, StringComparison.OrdinalIgnoreCase))
{
authentication = new GithubAuthentication(tokenScope, personalAccessTokenStore);
Trace.WriteLine(" authentication for GitHub created");
}
else
{
authentication = null;
Trace.WriteLine(" not github.com, authentication creation aborted");
}
return authentication != null;
}
/// <summary>
/// Creates a new authentication broker based for the specified resource.
/// <para/>
/// Returns `<see langword="true"/>` if an authority could be determined; otherwise `<see langword="false"/>`.
/// </summary>
/// <param name="targetUri">The resource for which authentication is being requested.</param>
/// <param name="scope">The scope of the access being requested.</param>
/// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param>
public static async Task <BaseAuthentication> GetAuthentication(
RuntimeContext context,
TargetUri targetUri,
VstsTokenScope scope,
ICredentialStore personalAccessTokenStore)
{
BaseSecureStore.ValidateTargetUri(targetUri);
if (scope is null)
{
throw new ArgumentNullException(nameof(scope));
}
if (personalAccessTokenStore is null)
{
throw new ArgumentNullException(nameof(personalAccessTokenStore));
}
BaseAuthentication authentication = null;
var result = await DetectAuthority(context, targetUri);
if (!result.HasValue)
{
return(null);
}
// Query for the tenant's identity
Guid tenantId = result.Value;
// empty identity is MSA, anything else is AAD
if (tenantId == Guid.Empty)
{
context.Trace.WriteLine("MSA authority detected.");
authentication = new VstsMsaAuthentication(context, scope, personalAccessTokenStore);
}
else
{
context.Trace.WriteLine($"AAD authority for tenant '{tenantId}' detected.");
authentication = new VstsAadAuthentication(context, tenantId, scope, personalAccessTokenStore);
(authentication as VstsAadAuthentication).TenantId = tenantId;
}
return(authentication);
}
/// <summary>
/// Creates a new authentication broker based for the specified resource.
/// </summary>
/// <param name="targetUri">The resource for which authentication is being requested.</param>
/// <param name="scope">The scope of the access being requested.</param>
/// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param>
/// <param name="adaRefreshTokenStore">Storage container for Azure access token secrets.</param>
/// <param name="authentication">
/// An implementation of <see cref="BaseAuthentication"/> if one was detected;
/// <see langword="null"/> otherwise.
/// </param>
/// <returns>
/// <see langword="true"/> if an authority could be determined; <see langword="false"/> otherwise.
/// </returns>
public static BaseAuthentication GetAuthentication(
TargetUri targetUri,
VstsTokenScope scope,
ICredentialStore personalAccessTokenStore)
{
BaseSecureStore.ValidateTargetUri(targetUri);
if (ReferenceEquals(scope, null))
{
throw new ArgumentNullException(nameof(scope));
}
if (ReferenceEquals(personalAccessTokenStore, null))
{
throw new ArgumentNullException(nameof(personalAccessTokenStore));
}
Trace.WriteLine("BaseVstsAuthentication::DetectAuthority");
BaseAuthentication authentication = null;
Guid tenantId;
if (DetectAuthority(targetUri, out tenantId))
{
// empty Guid is MSA, anything else is AAD
if (tenantId == Guid.Empty)
{
Trace.WriteLine(" MSA authority detected");
authentication = new VstsMsaAuthentication(scope, personalAccessTokenStore);
}
else
{
Trace.WriteLine(" AAD authority for tenant '" + tenantId + "' detected");
authentication = new VstsAadAuthentication(tenantId, scope, personalAccessTokenStore);
(authentication as VstsAadAuthentication).TenantId = tenantId;
}
}
return(authentication);
}
/// <summary>
/// Creates a new authentication broker based for the specified resource.
/// </summary>
/// <param name="targetUri">The resource for which authentication is being requested.</param>
/// <param name="scope">The scope of the access being requested.</param>
/// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param>
/// <param name="adaRefreshTokenStore">Storage container for Azure access token secrets.</param>
/// <param name="authentication">
/// An implementation of <see cref="BaseAuthentication"/> if one was detected;
/// <see langword="null"/> otherwise.
/// </param>
/// <returns>
/// <see langword="true"/> if an authority could be determined; <see langword="false"/> otherwise.
/// </returns>
public static bool GetAuthentication(
Uri targetUri,
VsoTokenScope scope,
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore,
out BaseAuthentication authentication)
{
Trace.WriteLine("BaseVsoAuthentication::DetectAuthority");
Guid tenantId;
if (DetectAuthority(targetUri, out tenantId))
{
// empty Guid is MSA, anything else is AAD
if (tenantId == Guid.Empty)
{
Trace.WriteLine(" MSA authority detected");
authentication = new VsoMsaAuthentication(scope, personalAccessTokenStore, adaRefreshTokenStore);
}
else
{
Trace.WriteLine(" AAD authority for tenant '" + tenantId + "' detected");
authentication = new VsoAadAuthentication(tenantId, scope, personalAccessTokenStore, adaRefreshTokenStore);
(authentication as VsoAadAuthentication).TenantId = tenantId;
}
}
else
{
authentication = null;
}
return authentication != null;
}
