public async Task <string> ConvertAsync(TokenBaseAttribute attribute, CancellationToken cancellationToken)
        {
            attribute.CheckValidity();
            switch (attribute.Identity)
            {
            case TokenIdentityMode.UserFromId:
                // If the attribute has no identity provider, assume AAD
                attribute.IdentityProvider = attribute.IdentityProvider ?? "AAD";
                var easyAuthTokenManager = new EasyAuthTokenManager(_easyAuthClient, _options);
                return(await easyAuthTokenManager.GetEasyAuthAccessTokenAsync(attribute));

            case TokenIdentityMode.UserFromToken:
                return(await GetAuthTokenFromUserToken(attribute.UserToken, attribute.Resource));

            case TokenIdentityMode.ClientCredentials:
                return(await _aadManager.GetTokenFromClientCredentials(attribute.Resource));
            }

            throw new InvalidOperationException("Unable to authorize without Principal ID or ID Token.");
        }
Esempio n. 2
0
        /// <summary>
        /// Retrieve an access token for the specified resource (e.g. MS Graph)
        /// </summary>
        /// <param name="attribute">TokenAttribute with desired resource & user's principal ID or ID token</param>
        /// <returns>JWT with audience, scopes, user id</returns>
        public async Task <string> GetAccessTokenAsync(TokenAttribute attribute)
        {
            attribute.CheckValidity();
            switch (attribute.Identity)
            {
            case TokenIdentityMode.UserFromId:
                // If the attribute has no identity provider, assume AAD
                attribute.IdentityProvider = attribute.IdentityProvider ?? "AAD";
                string signingKey           = AppSettings.Resolve(Constants.AppSettingWebsiteAuthSigningKey);
                var    easyAuthTokenManager = new EasyAuthTokenManager(EasyAuthClient, signingKey);
                return(await easyAuthTokenManager.GetEasyAuthAccessTokenAsync(attribute));

            case TokenIdentityMode.UserFromToken:
                return(await GetAuthTokenFromUserToken(attribute.UserToken, attribute.Resource));

            case TokenIdentityMode.ClientCredentials:
                return(await AadClient.GetTokenFromClientCredentials(attribute.Resource));
            }

            throw new InvalidOperationException("Unable to authorize without Principal ID or ID Token.");
        }