/// <summary>
/// Creates an instance of the ManagedIdentityCredential capable of authenticating a resource with a managed identity.
/// </summary>
/// <param name="clientId">
/// The client id to authenticate for a user assigned managed identity. More information on user assigned managed identities can be found here:
/// https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview#how-a-user-assigned-managed-identity-works-with-an-azure-vm
/// </param>
/// <param name="options">Options to configure the management of the requests sent to the Azure Active Directory service.</param>
public ManagedIdentityCredential(string clientId = null, TokenCredentialOptions options = null)
: this(clientId, CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Creates a new <see cref="SharedTokenCacheCredential"/> which will authenticate users signed in through developer tools supporting Azure single sign on.
/// </summary>
public SharedTokenCacheCredential()
: this(null, null, CredentialPipeline.GetInstance(null))
{
}
/// <summary>
/// Creates a new <see cref="SharedTokenCacheCredential"/> which will authenticate users signed in through developer tools supporting Azure single sign on.
/// </summary>
/// <param name="username">The username of the user to authenticate</param>
/// <param name="options">The client options for the newly created <see cref="SharedTokenCacheCredential"/></param>
public SharedTokenCacheCredential(string username, TokenCredentialOptions options = default)
: this(tenantId : null, username : username, pipeline : CredentialPipeline.GetInstance(options))
{
}
internal AzureCliCredential(CredentialPipeline pipeline)
: this(pipeline, new AzureCliCredentialClient())
{
}
/// <summary>
/// Creates an instance of the <see cref="DefaultAzureCredential"/> class.
/// </summary>
/// <param name="options">Options that configure the management of the requests sent to Azure Active Directory services, and determine which credentials are included in the <see cref="DefaultAzureCredential"/> authentication flow.</param>
public DefaultAzureCredential(DefaultAzureCredentialOptions options)
: this(new DefaultAzureCredentialFactory(CredentialPipeline.GetInstance(options)), options)
{
}
protected ManagedIdentitySource(CredentialPipeline pipeline)
{
Pipeline = pipeline;
_responseClassifier = new ManagedIdentityResponseClassifier();
}
private AppServiceV2017ManagedIdentitySource(CredentialPipeline pipeline, Uri endpoint, string secret,
ManagedIdentityClientOptions options) : base(pipeline, endpoint, secret, options)
{
}
/// <summary>
/// Creates an instance of the <see cref="UsernamePasswordCredential"/> with the details needed to authenticate against Azure Active Directory with a simple username
/// and password.
/// </summary>
/// <param name="username"></param>
/// <param name="password">The user account's user name, UPN.</param>
/// <param name="tenantId">The Azure Active Directory tenant (directory) ID or name.</param>
/// <param name="clientId">The client (application) ID of an App Registration in the tenant.</param>
/// <param name="options">The client options for the newly created UsernamePasswordCredential</param>
public UsernamePasswordCredential(string username, string password, string tenantId, string clientId, TokenCredentialOptions options)
: this(username, password, tenantId, clientId, CredentialPipeline.GetInstance(options))
{
}
internal UsernamePasswordCredential(string username, string password, string tenantId, string clientId, CredentialPipeline pipeline)
: this(username, password, pipeline, pipeline.CreateMsalPublicClient(clientId, tenantId))
{
}
public MsalPublicClient(CredentialPipeline pipeline, string tenantId, string clientId, string redirectUrl, ITokenCacheOptions cacheOptions, bool isPiiLoggingEnabled, Action <PublicClientApplicationBuilder> beforeBuildClient = null)
: base(pipeline, tenantId, clientId, isPiiLoggingEnabled, cacheOptions)
{
RedirectUrl = redirectUrl;
_beforeBuildClient = beforeBuildClient;
}
internal InteractiveBrowserCredential(string tenantId, string clientId, TokenCredentialOptions options, CredentialPipeline pipeline, MsalPublicClient client)
{
_clientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
_client = client ?? new MsalPublicClient(_pipeline, tenantId, clientId, null, options as ITokenCacheOptions);
}
internal DefaultAzureCredential(DefaultAzureCredentialFactory factory, DefaultAzureCredentialOptions options)
{
_pipeline = factory.Pipeline;
_sources = GetDefaultAzureCredentialChain(factory, options);
_credentialLock = new AsyncLockWithValue <TokenCredential>();
}
internal ManagedIdentityCredential(CredentialPipeline pipeline, ManagedIdentityClient client)
{
_pipeline = pipeline;
_client = client;
}
internal ManagedIdentityCredential(string clientId, CredentialPipeline pipeline)
: this(pipeline, new ManagedIdentityClient(pipeline, clientId))
{
}
internal AzureCliCredential(CredentialPipeline pipeline, IProcessService processService)
{
_pipeline = pipeline;
_path = !string.IsNullOrEmpty(EnvironmentVariables.Path) ? EnvironmentVariables.Path : DefaultPath;
_processService = processService ?? ProcessService.Default;
}
internal InteractiveBrowserCredential(string tenantId, string clientId, TokenCredentialOptions options, CredentialPipeline pipeline)
: this(tenantId, clientId, options, pipeline, null)
{
}
internal ClientSecretCredential(string tenantId, string clientId, string clientSecret, TokenCredentialOptions options, CredentialPipeline pipeline, MsalConfidentialClient client)
{
TenantId = Validations.ValidateTenantId(tenantId, nameof(tenantId));
ClientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
ClientSecret = clientSecret ?? throw new ArgumentNullException(nameof(clientSecret));
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
_client = client ?? new MsalConfidentialClient(_pipeline, tenantId, clientId, clientSecret, options as ITokenCacheOptions);
}
internal InteractiveBrowserCredential(string tenantId, string clientId, TokenCredentialOptions options, CredentialPipeline pipeline, MsalPublicClient client)
{
Argument.AssertNotNull(clientId, nameof(clientId));
ClientId = clientId;
_tenantId = tenantId;
_allowMultiTenantAuthentication = options?.AllowMultiTenantAuthentication ?? false;
Pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
LoginHint = (options as InteractiveBrowserCredentialOptions)?.LoginHint;
var redirectUrl = (options as InteractiveBrowserCredentialOptions)?.RedirectUri?.AbsoluteUri ?? Constants.DefaultRedirectUrl;
Client = client ?? new MsalPublicClient(Pipeline, tenantId, clientId, redirectUrl, options as ITokenCacheOptions, options?.IsLoggingPIIEnabled ?? false);
}
public ManagedIdentityClient(CredentialPipeline pipeline, string clientId = null)
{
_pipeline = pipeline;
ClientId = clientId;
}
public MsalConfidentialClient(CredentialPipeline pipeline, string tenantId, string clientId, Func <string> assertionCallback, ITokenCacheOptions cacheOptions, RegionalAuthority?regionalAuthority, bool isPiiLoggingEnabled)
: base(pipeline, tenantId, clientId, isPiiLoggingEnabled, cacheOptions)
{
_assertionCallback = assertionCallback;
RegionalAuthority = regionalAuthority;
}
/// <summary>
/// Create an instance of CliCredential class.
/// </summary>
public AzureCliCredential()
: this(CredentialPipeline.GetInstance(null), new AzureCliCredentialClient())
{
}
internal DeviceCodeCredential(Func <DeviceCodeInfo, CancellationToken, Task> deviceCodeCallback, string tenantId, string clientId, TokenCredentialOptions options, CredentialPipeline pipeline)
: this(deviceCodeCallback, tenantId, clientId, options, pipeline, null)
{
}
internal AzureCliCredential(CredentialPipeline pipeline, AzureCliCredentialClient client)
{
_pipeline = pipeline;
_client = client;
}
internal DeviceCodeCredential(Func <DeviceCodeInfo, CancellationToken, Task> deviceCodeCallback, string tenantId, string clientId, TokenCredentialOptions options, CredentialPipeline pipeline, MsalPublicClient client)
{
_clientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
_deviceCodeCallback = deviceCodeCallback ?? throw new ArgumentNullException(nameof(deviceCodeCallback));
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
_client = client ?? new MsalPublicClient(_pipeline, tenantId, clientId, AzureAuthorityHosts.GetDeviceCodeRedirectUri(_pipeline.AuthorityHost).ToString(), options as ITokenCacheOptions);
}
internal DefaultAzureCredential(DefaultAzureCredentialFactory factory, DefaultAzureCredentialOptions options)
{
_pipeline = factory.Pipeline;
_sources = GetDefaultAzureCredentialChain(factory, options);
}
public DefaultAzureCredentialFactory(CredentialPipeline pipeline)
{
Pipeline = pipeline;
}
/// <summary>
/// Creates a new <see cref="SharedTokenCacheCredential"/> which will authenticate users signed in through developer tools supporting Azure single sign on.
/// </summary>
/// <param name="options">The client options for the newly created <see cref="SharedTokenCacheCredential"/></param>
public SharedTokenCacheCredential(SharedTokenCacheCredentialOptions options)
: this(options?.TenantId, options?.Username, CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Create an instance of CliCredential class.
/// </summary>
public AzureCliCredential()
: this(CredentialPipeline.GetInstance(null), default)
{
}
internal SharedTokenCacheCredential(string tenantId, string username, CredentialPipeline pipeline)
: this(tenantId : tenantId, username : username, pipeline : pipeline, client : pipeline.CreateMsalPublicClient(Constants.DeveloperSignOnClientId, tenantId : tenantId, attachSharedCache : true))
{
}
internal EnvironmentCredential(CredentialPipeline pipeline, TokenCredential credential)
{
_pipeline = pipeline;
_credential = credential;
}