/// <summary>
/// Creates a SharePoint client context for <paramref name="webUrl"/> using a user name and
/// password. AppSettings holds only the secret names; the values are resolved through
/// <c>KeyVaultUtility.GetSecret</c>.
/// </summary>
/// <param name="webUrl">URL of the SharePoint web to connect to.</param>
/// <returns>The context produced by the (webUrl, userName, password) overload.</returns>
public ClientContext GetClientContextWithUserNamePassword(string webUrl)
{
    // Resolve the account name first, then the password, blocking on each lookup in turn.
    string userNameSecretName = ConfigurationManager.AppSettings["kv:ServicePrincipalNameSecretName"];
    string accountName = KeyVaultUtility.GetSecret(userNameSecretName, this.TraceWriter).Result;

    string passwordSecretName = ConfigurationManager.AppSettings["kv:ServicePrincipalPasswordSecretName"];
    string accountPassword = KeyVaultUtility.GetSecret(passwordSecretName, this.TraceWriter).Result;

    return GetClientContextWithUserNamePassword(webUrl, accountName, accountPassword);
}
/// <summary>
/// Creates an app-only SharePoint client context for <paramref name="webUrl"/> using a
/// SharePoint app id and app secret. AppSettings holds only the secret names; the values are
/// resolved through <c>KeyVaultUtility.GetSecret</c>.
/// </summary>
/// <param name="webUrl">URL of the SharePoint web to connect to.</param>
/// <returns>The app-only authenticated client context.</returns>
private ClientContext GetClientContextWithSharePointAppIdentity(string webUrl)
{
    string appIdSecretName = ConfigurationManager.AppSettings["sps:spGroupRequestAppIdKeyVaultSecretName"];
    string appId = KeyVaultUtility.GetSecret(appIdSecretName, this.TraceWriter).Result;

    string appSecretSecretName = ConfigurationManager.AppSettings["sps:spGroupRequestAppSecretKeyVaultSecretName"];
    string appSecret = KeyVaultUtility.GetSecret(appSecretSecretName, this.TraceWriter).Result;

    // Only the app id is traced; the app secret is passed straight to the authentication manager.
    this.TraceWriter.Info($"Creating SP Client Context with SharePoint App Identity to {webUrl} with appId { appId }");

    var authenticationManager = new OfficeDevPnP.Core.AuthenticationManager();
    return authenticationManager.GetAppOnlyAuthenticatedContext(webUrl, appId, appSecret);
}
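/// <summary>
/// Acquires a delegated Azure AD access token for <paramref name="resource"/> using a user
/// name and password. AppSettings holds only the secret names; the values are resolved
/// through <c>KeyVaultUtility.GetSecret</c>.
/// </summary>
/// <param name="resource">Identifier of the resource the token is requested for.</param>
/// <param name="log">Trace writer that receives progress messages.</param>
/// <returns>The access token string taken from the authentication result.</returns>
public static async Task<string> GetAzureDelegatedAuthenticationToken(string resource, TraceWriter log)
{
    log.Info("Getting delegated app access token");

    string authority = $"https://login.microsoftonline.com/{ConfigurationManager.AppSettings["o365:SpoTenantName"]}";
    string clientId = ConfigurationManager.AppSettings["aad:NativeAppId"];

    // Await the lookups instead of blocking on .Result: this method is already async, and
    // blocking here ties up a thread and wraps any failure in an AggregateException.
    string userName = await KeyVaultUtility.GetSecret(ConfigurationManager.AppSettings["kv:ServicePrincipalNameSecretName"], log);
    string password = await KeyVaultUtility.GetSecret(ConfigurationManager.AppSettings["kv:ServicePrincipalPasswordSecretName"], log);

    // NOTE(review): a user name/password token request cannot satisfy MFA or interactive
    // conditional-access challenges, and the account password has to be retrievable by this
    // code. Confirm this account is excluded from those policies on purpose, and consider the
    // certificate-based app identity elsewhere in this file where delegated access is not needed.
    UserCredential userCredential = new UserCredential(userName, password);

    AuthenticationContext context = new AuthenticationContext(authority);
    var result = await context.AcquireTokenAsync(resource, clientId, userCredential);

    // Trace the account and token type only; the access token itself is never logged.
    log.Info($"auth result for { userCredential.UserName } is { result.UserInfo } { result.AccessTokenType }");
    return result.AccessToken;
}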
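/// <summary>
/// Creates an app-only SharePoint client context for <paramref name="webUrl"/> using an Azure AD
/// application identity authenticated with a certificate. The certificate file name, client id
/// and tenant name come from AppSettings; the certificate password is resolved through
/// <c>KeyVaultUtility.GetSecret</c>.
/// </summary>
/// <param name="webUrl">URL of the SharePoint web to connect to.</param>
/// <param name="exeuctionContext">Function execution context; its FunctionDirectory is where the certificate file is loaded from.</param>
/// <returns>The Azure AD app-only authenticated client context.</returns>
public ClientContext GetClientContextWithAzureAppIdentity(string webUrl, ExecutionContext exeuctionContext)
{
    string spoTenantName = ConfigurationManager.AppSettings["o365:SpoTenantName"];
    string clientId = ConfigurationManager.AppSettings["aad:ApplicationId"];
    string certName = ConfigurationManager.AppSettings["aad:ApplicationCertificatePrivateKeyFileName"];
    string certPassword = KeyVaultUtility.GetSecret(ConfigurationManager.AppSettings["kv:ApplicationCertificatePasswordSecretName"], this.TraceWriter).Result;

    // Trace non-secret identifiers only. The certificate password and the application secret
    // must never be written to trace output: anyone who can read the logs could otherwise
    // authenticate as this application. The "aad:ApplicationSecret" setting is not needed for
    // certificate authentication and is therefore no longer read here.
    this.TraceWriter.Info($"Tenant Name is { spoTenantName } Client ID is {clientId } Cert name is { certName }");

    // The certificate file is expected in the function's own directory; the parent-directory
    // path is traced as well to help diagnose a misplaced file.
    string certPath = Path.Combine(exeuctionContext.FunctionDirectory, certName);
    this.TraceWriter.Info($"Getting X509Certificate from { certPath }");
    this.TraceWriter.Info($"Parent path is {Path.Combine(Directory.GetParent(exeuctionContext.FunctionDirectory).FullName, certName)}");

    // NOTE(review): the private-key file ships with the function and is protected only by the
    // Key Vault-held password; confirm the deployment package and its storage are access-restricted.
    X509Certificate2 cert = new X509Certificate2(certPath, certPassword);

    this.TraceWriter.Info($"Creating SP Client Context with Azure App Identity to {webUrl}");
    return new OfficeDevPnP.Core.AuthenticationManager().GetAzureADAppOnlyAuthenticatedContext(webUrl, clientId, spoTenantName, cert);
}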