private ExtendedAccessToken GetTokenImpl(TokenRequestContext requestContext, CancellationToken cancellationToken)
{
using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("ManagedIdentityCredential.GetToken", requestContext);
try
{
ExtendedAccessToken result = _client.Authenticate(requestContext.Scopes, cancellationToken);
if (result.Exception != null)
{
scope.Failed(result.Exception);
}
else
{
scope.Succeeded(result.AccessToken);
}
return(result);
}
catch (OperationCanceledException e)
{
scope.Failed(e);
throw;
}
catch (Exception e)
{
return(new ExtendedAccessToken(scope.Failed(e)));
}
}
private ExtendedAccessToken GetTokenImpl(TokenRequestContext requestContext, CancellationToken cancellationToken)
{
using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("Azure.Identity.ManagedIdentityCredential.GetToken", requestContext);
try
{
MsiType msiType = _client.GetMsiType(cancellationToken);
// if msi is unavailable or we were unable to determine the type return a default access token
if (msiType == MsiType.Unavailable || msiType == MsiType.Unknown)
{
return(new ExtendedAccessToken(scope.Failed(new CredentialUnavailableException(MsiUnavailableError))));
}
AccessToken token = _client.Authenticate(msiType, requestContext.Scopes, _clientId, cancellationToken);
return(new ExtendedAccessToken(scope.Succeeded(token)));
}
catch (OperationCanceledException e)
{
scope.Failed(e);
throw;
}
catch (Exception e)
{
return(new ExtendedAccessToken(scope.Failed(e)));
}
}
/// <summary>
/// Obtains an <see cref="AccessToken"/> from the Managed Identity service if available.
/// </summary>
/// <param name="scopes">The list of scopes for which the token will have access.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>An <see cref="AccessToken"/> which can be used to authenticate service client calls, or a default <see cref="AccessToken"/> if no managed identity is available.</returns>
public override AccessToken GetToken(string[] scopes, CancellationToken cancellationToken = default)
{
return(_client.Authenticate(scopes, _clientId, cancellationToken));
}
private async ValueTask <AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("ManagedIdentityCredential.GetToken", requestContext);
try
{
AccessToken result = async ? await _client.AuthenticateAsync(requestContext.Scopes, cancellationToken).ConfigureAwait(false) : _client.Authenticate(requestContext.Scopes, cancellationToken);
return(scope.Succeeded(result));
}
catch (OperationCanceledException e)
{
scope.Failed(e);
throw;
}
catch (Exception e)
{
throw scope.FailAndWrap(e);
}
}
/// <summary>
/// Obtains an <see cref="AccessToken"/> from the Managed Identity service if available.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>An <see cref="AccessToken"/> which can be used to authenticate service client calls, or a default <see cref="AccessToken"/> if no managed identity is available.</returns>
public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken = default)
{
return(_client.Authenticate(requestContext.Scopes, _clientId, cancellationToken));
}
