public string GetAadAuthenticatedToken(AsAzureContext asAzureContext, SecureString password, PromptBehavior promptBehavior, string clientId, string resourceUri, Uri resourceRedirectUri) #endif { var authUriBuilder = new UriBuilder((string)asAzureContext.Environment.Endpoints[AsAzureEnvironment.AsRolloutEndpoints.AdAuthorityBaseUrl]); authUriBuilder.Path = string.IsNullOrEmpty(asAzureContext.Account.Tenant) ? "common" : asAzureContext.Account.Tenant; var authenticationContext = new AuthenticationContext( authUriBuilder.ToString(), AsAzureClientSession.TokenCache); AuthenticationResult result = null; string accountType = string.IsNullOrEmpty(asAzureContext.Account.Type) ? AsAzureAccount.AccountType.User : asAzureContext.Account.Type; if (password == null && accountType == AsAzureAccount.AccountType.User) { if (asAzureContext.Account.Id != null) { #if NETSTANDARD result = authenticationContext.AcquireTokenAsync( resourceUri, clientId, resourceRedirectUri, new PlatformParameters(), new UserIdentifier(asAzureContext.Account.Id, UserIdentifierType.OptionalDisplayableId)).Result; #else result = authenticationContext.AcquireToken( resourceUri, clientId, resourceRedirectUri, promptBehavior, new UserIdentifier(asAzureContext.Account.Id, UserIdentifierType.OptionalDisplayableId)); #endif } else { #if NETSTANDARD result = authenticationContext.AcquireTokenAsync( resourceUri, clientId, resourceRedirectUri, new PlatformParameters()).Result; #else result = authenticationContext.AcquireToken( resourceUri, clientId, resourceRedirectUri, promptBehavior); #endif } asAzureContext.Account.Id = result.UserInfo.DisplayableId; asAzureContext.Account.Tenant = result.TenantId; asAzureContext.Account.UniqueId = result.UserInfo.UniqueId; } else { if (accountType == AsAzureAccount.AccountType.User) { #if NETSTANDARD //https://stackoverflow.com/a/39393039/294804 //https://github.com/AzureAD/azure-activedirectory-library-for-dotnet/issues/482 //https://github.com/Azure-Samples/active-directory-dotnet-deviceprofile/blob/5d5499d09c918ae837810d457822474df97600e9/DirSearcherClient/Program.cs#L206-L210 // Note: More robust implementation in UserTokenProvider.Netcore.cs in DoAcquireToken DeviceCodeResult codeResult = authenticationContext.AcquireDeviceCodeAsync(resourceUri, clientId).Result; promptAction(codeResult?.Message); result = authenticationContext.AcquireTokenByDeviceCodeAsync(codeResult).Result; #else UserCredential userCredential = new UserCredential(asAzureContext.Account.Id, password); result = authenticationContext.AcquireToken(resourceUri, clientId, userCredential); #endif asAzureContext.Account.Id = result.UserInfo.DisplayableId; asAzureContext.Account.Tenant = result.TenantId; asAzureContext.Account.UniqueId = result.UserInfo.UniqueId; } else if (accountType == AsAzureAccount.AccountType.ServicePrincipal) { if (string.IsNullOrEmpty(asAzureContext.Account.CertificateThumbprint)) { #if NETSTANDARD ClientCredential credential = new ClientCredential(asAzureContext.Account.Id, ConversionUtilities.SecureStringToString(password)); result = authenticationContext.AcquireTokenAsync(resourceUri, credential).Result; #else ClientCredential credential = new ClientCredential(asAzureContext.Account.Id, password); result = authenticationContext.AcquireToken(resourceUri, credential); #endif } else { DiskDataStore dataStore = new DiskDataStore(); var certificate = dataStore.GetCertificate(asAzureContext.Account.CertificateThumbprint); if (certificate == null) { throw new ArgumentException(string.Format(Resources.CertificateNotFoundInStore, asAzureContext.Account.CertificateThumbprint)); } #if NETSTANDARD result = authenticationContext.AcquireTokenAsync(resourceUri, new ClientAssertionCertificate(asAzureContext.Account.Id, certificate)).Result; #else result = authenticationContext.AcquireToken(resourceUri, new ClientAssertionCertificate(asAzureContext.Account.Id, certificate)); #endif } } } return(result?.AccessToken); }
public string GetAadAuthenticatedToken(AsAzureContext asAzureContext, SecureString password, PromptBehavior promptBehavior, string clientId, string resourceUri, Uri resourceRedirectUri) { var authUriBuilder = new UriBuilder((string)asAzureContext.Environment.Endpoints[AsAzureEnvironment.AsRolloutEndpoints.AdAuthorityBaseUrl]); authUriBuilder.Path = string.IsNullOrEmpty(asAzureContext.Account.Tenant) ? "common" : asAzureContext.Account.Tenant; var authenticationContext = new AuthenticationContext( authUriBuilder.ToString(), AsAzureClientSession.TokenCache); AuthenticationResult result = null; string accountType = string.IsNullOrEmpty(asAzureContext.Account.Type) ? AsAzureAccount.AccountType.User : asAzureContext.Account.Type; if (password == null && accountType == AsAzureAccount.AccountType.User) { if (asAzureContext.Account.Id != null) { result = authenticationContext.AcquireToken( resourceUri, clientId, resourceRedirectUri, promptBehavior, new UserIdentifier(asAzureContext.Account.Id, UserIdentifierType.OptionalDisplayableId)); } else { result = authenticationContext.AcquireToken( resourceUri, clientId, resourceRedirectUri, promptBehavior); } asAzureContext.Account.Id = result.UserInfo.DisplayableId; asAzureContext.Account.Tenant = result.TenantId; asAzureContext.Account.UniqueId = result.UserInfo.UniqueId; } else { if (accountType == AsAzureAccount.AccountType.User) { UserCredential userCredential = new UserCredential(asAzureContext.Account.Id, password); result = authenticationContext.AcquireToken(resourceUri, clientId, userCredential); asAzureContext.Account.Id = result.UserInfo.DisplayableId; asAzureContext.Account.Tenant = result.TenantId; asAzureContext.Account.UniqueId = result.UserInfo.UniqueId; } else if (accountType == AsAzureAccount.AccountType.ServicePrincipal) { if (string.IsNullOrEmpty(asAzureContext.Account.CertificateThumbprint)) { ClientCredential credential = new ClientCredential(asAzureContext.Account.Id, password); result = authenticationContext.AcquireToken(resourceUri, credential); } else { DiskDataStore dataStore = new DiskDataStore(); var certificate = dataStore.GetCertificate(asAzureContext.Account.CertificateThumbprint); if (certificate == null) { throw new ArgumentException(string.Format(Resources.CertificateNotFoundInStore, asAzureContext.Account.CertificateThumbprint)); } result = authenticationContext.AcquireToken(resourceUri, new ClientAssertionCertificate(asAzureContext.Account.Id, certificate)); } } } return(result.AccessToken); }