/// <summary>
        /// Gets the access token for service account.
        /// </summary>
        /// <exception cref="ArgumentNullException">Thrown if one of the following
        /// OAuth2 parameters are empty: ServiceAccountEmail, Scope,
        /// JwtCertificatePath, JwtCertificatePassword.</exception>
        public void GenerateAccessTokenForServiceAccount()
        {
            // Mark the usage.
            featureUsageRegistry.MarkUsage(FEATURE_ID);

            long timestamp = config.UnixTimestamp;
            long expiry    = timestamp + DEFAULT_EXPIRY_PERIOD;

            ValidateOAuth2Parameter("ServiceAccountEmail", ServiceAccountEmail);
            ValidateOAuth2Parameter("Scope", Scope);

            // Validate certificate path and password only if private key is empty.
            if (string.IsNullOrEmpty(JwtPrivateKey))
            {
                ValidateOAuth2Parameter("JwtCertificatePath", JwtCertificatePath);
                ValidateOAuth2Parameter("JwtCertificatePassword", JwtCertificatePassword);
            }

            OAuth2JwtClaimset jwtClaimset = new OAuth2JwtClaimsetBuilder()
                                            .WithScope(Scope)
                                            .WithServiceAccountEmail(ServiceAccountEmail)
                                            .WithImpersonationEmail(PrnEmail)
                                            .WithAudience(JWT_AUDIENCE)
                                            .WithTimestamp(timestamp)
                                            .WithExpiry(expiry)
                                            .Build();

            string encodedHeader     = Base64UrlEncode(Encoding.UTF8.GetBytes(JWT_HEADER));
            string encodedClaimset   = Base64UrlEncode(Encoding.UTF8.GetBytes(jwtClaimset.ToJson()));
            string inputForSignature = encodedHeader + "." + encodedClaimset;

            RSAParameters rsaParameters;

            if (!string.IsNullOrEmpty(JwtPrivateKey))
            {
                rsaParameters = ConvertPKCS8ToRsaParameters(JwtPrivateKey);
            }
            else
            {
                rsaParameters = ConvertP12ToRsaParameters(JwtCertificatePath, JwtCertificatePassword);
            }

            string signature = Base64UrlEncode(GetRsaSha256Signature(rsaParameters,
                                                                     Encoding.UTF8.GetBytes(inputForSignature)));
            string jwt = inputForSignature + "." + signature;

            string body = "grant_type=" + HttpUtility.UrlEncode(JWT_GRANT_TYPE) + "&assertion=" +
                          HttpUtility.UrlEncode(jwt);

            try {
                CallTokenEndpoint(body);
            } catch (ApplicationException e) {
                throw new AdsOAuthException("Failed to get access token for service account." + "\n" +
                                            e.Message);
            }
        }
コード例 #2
0
        /// <summary>
        /// Gets the access token for service account.
        /// </summary>
        /// <exception cref="ArgumentNullException">Thrown if one of the following
        /// OAuth2 parameters are empty: ServiceAccountEmail, Scope,
        /// JwtCertificatePath, JwtCertificatePassword.</exception>
        public void GenerateAccessTokenForServiceAccount()
        {
            long timestamp = config.UnixTimestamp;
            long expiry    = timestamp + DEFAULT_EXPIRY_PERIOD;

            ValidateOAuth2Parameter("ServiceAccountEmail", ServiceAccountEmail);
            ValidateOAuth2Parameter("Scope", Scope);
            ValidateOAuth2Parameter("JwtCertificatePath", JwtCertificatePath);
            ValidateOAuth2Parameter("JwtCertificatePassword", JwtCertificatePassword);

            OAuth2JwtClaimset jwtClaimset = new OAuth2JwtClaimsetBuilder()
                                            .WithScope(Scope)
                                            .WithServiceAccountEmail(ServiceAccountEmail)
                                            .WithImpersonationEmail(PrnEmail)
                                            .WithAudience(JWT_AUDIENCE)
                                            .WithTimestamp(timestamp)
                                            .WithExpiry(expiry)
                                            .Build();

            string encodedHeader     = Base64UrlEncode(Encoding.UTF8.GetBytes(JWT_HEADER));
            string encodedClaimset   = Base64UrlEncode(Encoding.UTF8.GetBytes(jwtClaimset.ToJson()));
            string inputForSignature = encodedHeader + "." + encodedClaimset;

            X509Certificate2 jwtCertificate = new X509Certificate2(JwtCertificatePath,
                                                                   JwtCertificatePassword);

            string signature = Base64UrlEncode(GetRsaSha256Signature(jwtCertificate,
                                                                     Encoding.UTF8.GetBytes(inputForSignature)));
            string jwt = inputForSignature + "." + signature;

            string body = "grant_type=" + HttpUtility.UrlEncode(JWT_GRANT_TYPE) + "&assertion=" +
                          HttpUtility.UrlEncode(jwt);

            try {
                CallTokenEndpoint(body);
            } catch (ApplicationException e) {
                throw new AdsOAuthException("Failed to get access token for service account." + "\n" +
                                            e.Message);
            }
        }
コード例 #3
0
        /// <summary>
        /// Gets the access token for service account.
        /// </summary>
        /// <exception cref="ArgumentNullException">Thrown if one of the following
        /// OAuth2 parameters are empty: ServiceAccountEmail, Scope,
        /// JwtCertificatePath, JwtCertificatePassword.</exception>
        public void GenerateAccessTokenForServiceAccount()
        {
            // Mark the usage.
              featureUsageRegistry.MarkUsage(FEATURE_ID);;

              long timestamp = config.UnixTimestamp;
              long expiry = timestamp + DEFAULT_EXPIRY_PERIOD;

              ValidateOAuth2Parameter("ServiceAccountEmail", ServiceAccountEmail);
              ValidateOAuth2Parameter("Scope", Scope);
              ValidateOAuth2Parameter("JwtCertificatePath", JwtCertificatePath);
              ValidateOAuth2Parameter("JwtCertificatePassword", JwtCertificatePassword);

              OAuth2JwtClaimset jwtClaimset = new OAuth2JwtClaimsetBuilder()
              .WithScope(Scope)
              .WithServiceAccountEmail(ServiceAccountEmail)
              .WithImpersonationEmail(PrnEmail)
              .WithAudience(JWT_AUDIENCE)
              .WithTimestamp(timestamp)
              .WithExpiry(expiry)
              .Build();

              string encodedHeader = Base64UrlEncode(Encoding.UTF8.GetBytes(JWT_HEADER));
              string encodedClaimset = Base64UrlEncode(Encoding.UTF8.GetBytes(jwtClaimset.ToJson()));
              string inputForSignature = encodedHeader + "." + encodedClaimset;

              X509Certificate2 jwtCertificate = new X509Certificate2(JwtCertificatePath,
              JwtCertificatePassword);

              string signature = Base64UrlEncode(GetRsaSha256Signature(jwtCertificate,
              Encoding.UTF8.GetBytes(inputForSignature)));
              string jwt = inputForSignature + "." + signature;

              string body = "grant_type=" + HttpUtility.UrlEncode(JWT_GRANT_TYPE) + "&assertion=" +
              HttpUtility.UrlEncode(jwt);

              try {
            CallTokenEndpoint(body);
              } catch (ApplicationException e) {
            throw new AdsOAuthException("Failed to get access token for service account." + "\n" +
            e.Message);
              }
        }