/// <summary>
/// Gets the access token for service account.
/// </summary>
/// <exception cref="ArgumentNullException">Thrown if one of the following
/// OAuth2 parameters are empty: ServiceAccountEmail, Scope,
/// JwtCertificatePath, JwtCertificatePassword.</exception>
public void GenerateAccessTokenForServiceAccount()
{
// Mark the usage.
featureUsageRegistry.MarkUsage(FEATURE_ID);
long timestamp = config.UnixTimestamp;
long expiry = timestamp + DEFAULT_EXPIRY_PERIOD;
ValidateOAuth2Parameter("ServiceAccountEmail", ServiceAccountEmail);
ValidateOAuth2Parameter("Scope", Scope);
// Validate certificate path and password only if private key is empty.
if (string.IsNullOrEmpty(JwtPrivateKey))
{
ValidateOAuth2Parameter("JwtCertificatePath", JwtCertificatePath);
ValidateOAuth2Parameter("JwtCertificatePassword", JwtCertificatePassword);
}
OAuth2JwtClaimset jwtClaimset = new OAuth2JwtClaimsetBuilder()
.WithScope(Scope)
.WithServiceAccountEmail(ServiceAccountEmail)
.WithImpersonationEmail(PrnEmail)
.WithAudience(JWT_AUDIENCE)
.WithTimestamp(timestamp)
.WithExpiry(expiry)
.Build();
string encodedHeader = Base64UrlEncode(Encoding.UTF8.GetBytes(JWT_HEADER));
string encodedClaimset = Base64UrlEncode(Encoding.UTF8.GetBytes(jwtClaimset.ToJson()));
string inputForSignature = encodedHeader + "." + encodedClaimset;
RSAParameters rsaParameters;
if (!string.IsNullOrEmpty(JwtPrivateKey))
{
rsaParameters = ConvertPKCS8ToRsaParameters(JwtPrivateKey);
}
else
{
rsaParameters = ConvertP12ToRsaParameters(JwtCertificatePath, JwtCertificatePassword);
}
string signature = Base64UrlEncode(GetRsaSha256Signature(rsaParameters,
Encoding.UTF8.GetBytes(inputForSignature)));
string jwt = inputForSignature + "." + signature;
string body = "grant_type=" + HttpUtility.UrlEncode(JWT_GRANT_TYPE) + "&assertion=" +
HttpUtility.UrlEncode(jwt);
try {
CallTokenEndpoint(body);
} catch (ApplicationException e) {
throw new AdsOAuthException("Failed to get access token for service account." + "\n" +
e.Message);
}
}
/// <summary>
/// Gets the access token for service account.
/// </summary>
/// <exception cref="ArgumentNullException">Thrown if one of the following
/// OAuth2 parameters are empty: ServiceAccountEmail, Scope,
/// JwtCertificatePath, JwtCertificatePassword.</exception>
public void GenerateAccessTokenForServiceAccount()
{
long timestamp = config.UnixTimestamp;
long expiry = timestamp + DEFAULT_EXPIRY_PERIOD;
ValidateOAuth2Parameter("ServiceAccountEmail", ServiceAccountEmail);
ValidateOAuth2Parameter("Scope", Scope);
ValidateOAuth2Parameter("JwtCertificatePath", JwtCertificatePath);
ValidateOAuth2Parameter("JwtCertificatePassword", JwtCertificatePassword);
OAuth2JwtClaimset jwtClaimset = new OAuth2JwtClaimsetBuilder()
.WithScope(Scope)
.WithServiceAccountEmail(ServiceAccountEmail)
.WithImpersonationEmail(PrnEmail)
.WithAudience(JWT_AUDIENCE)
.WithTimestamp(timestamp)
.WithExpiry(expiry)
.Build();
string encodedHeader = Base64UrlEncode(Encoding.UTF8.GetBytes(JWT_HEADER));
string encodedClaimset = Base64UrlEncode(Encoding.UTF8.GetBytes(jwtClaimset.ToJson()));
string inputForSignature = encodedHeader + "." + encodedClaimset;
X509Certificate2 jwtCertificate = new X509Certificate2(JwtCertificatePath,
JwtCertificatePassword);
string signature = Base64UrlEncode(GetRsaSha256Signature(jwtCertificate,
Encoding.UTF8.GetBytes(inputForSignature)));
string jwt = inputForSignature + "." + signature;
string body = "grant_type=" + HttpUtility.UrlEncode(JWT_GRANT_TYPE) + "&assertion=" +
HttpUtility.UrlEncode(jwt);
try {
CallTokenEndpoint(body);
} catch (ApplicationException e) {
throw new AdsOAuthException("Failed to get access token for service account." + "\n" +
e.Message);
}
}
/// <summary>
/// Gets the access token for service account.
/// </summary>
/// <exception cref="ArgumentNullException">Thrown if one of the following
/// OAuth2 parameters are empty: ServiceAccountEmail, Scope,
/// JwtCertificatePath, JwtCertificatePassword.</exception>
public void GenerateAccessTokenForServiceAccount()
{
// Mark the usage.
featureUsageRegistry.MarkUsage(FEATURE_ID);;
long timestamp = config.UnixTimestamp;
long expiry = timestamp + DEFAULT_EXPIRY_PERIOD;
ValidateOAuth2Parameter("ServiceAccountEmail", ServiceAccountEmail);
ValidateOAuth2Parameter("Scope", Scope);
ValidateOAuth2Parameter("JwtCertificatePath", JwtCertificatePath);
ValidateOAuth2Parameter("JwtCertificatePassword", JwtCertificatePassword);
OAuth2JwtClaimset jwtClaimset = new OAuth2JwtClaimsetBuilder()
.WithScope(Scope)
.WithServiceAccountEmail(ServiceAccountEmail)
.WithImpersonationEmail(PrnEmail)
.WithAudience(JWT_AUDIENCE)
.WithTimestamp(timestamp)
.WithExpiry(expiry)
.Build();
string encodedHeader = Base64UrlEncode(Encoding.UTF8.GetBytes(JWT_HEADER));
string encodedClaimset = Base64UrlEncode(Encoding.UTF8.GetBytes(jwtClaimset.ToJson()));
string inputForSignature = encodedHeader + "." + encodedClaimset;
X509Certificate2 jwtCertificate = new X509Certificate2(JwtCertificatePath,
JwtCertificatePassword);
string signature = Base64UrlEncode(GetRsaSha256Signature(jwtCertificate,
Encoding.UTF8.GetBytes(inputForSignature)));
string jwt = inputForSignature + "." + signature;
string body = "grant_type=" + HttpUtility.UrlEncode(JWT_GRANT_TYPE) + "&assertion=" +
HttpUtility.UrlEncode(jwt);
try {
CallTokenEndpoint(body);
} catch (ApplicationException e) {
throw new AdsOAuthException("Failed to get access token for service account." + "\n" +
e.Message);
}
}