/// <summary>
/// Log in to Azure active directory with both user account and authentication credentials provided by the user. This call may display a
/// credentials dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(string domain,
ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings, TokenCache cache)
{
return(await LoginWithPromptAsync(domain, clientSettings, serviceSettings,
UserIdentifier.AnyUser, cache));
}
/// <summary>
/// Log in to Azure active directory using the given username with authentication provided by the user. This call may display a credentials
/// dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <param name="username">The username to use for authentication.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(string domain,
ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings, string username, TokenCache cache)
{
return(await LoginWithPromptAsync(domain, clientSettings, serviceSettings,
new UserIdentifier(username, UserIdentifierType.RequiredDisplayableId), cache));
}
/// <summary>
/// Log in to Azure active directory with both user account and authentication credentials provided by the user. This call may display a
/// credentials dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(string domain,
ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings)
{
return(await LoginWithPromptAsync(domain, clientSettings, serviceSettings,
UserIdentifier.AnyUser, TokenCache.DefaultShared).ConfigureAwait(false));
}
// Interactive authentication is not implemented for CoreCLR.
#if !PORTABLE
/// <summary>
/// Log in to Azure active directory common tenant with user account and authentication provided by the user. Authentication is automatically scoped to the default azure management endpoint.
/// This call may display a credentials dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(
ActiveDirectoryClientSettings clientSettings)
{
return(await LoginWithPromptAsync(CommonTenantId, clientSettings, ActiveDirectoryServiceSettings.Azure,
UserIdentifier.AnyUser, TokenCache.DefaultShared));
}
/// <summary>
/// Log in to Azure active directory with credentials provided by the user. This call may display a credentials
/// dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <param name="userId">The userid of the desired credentials</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(string domain, ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings, UserIdentifier userId, TokenCache cache)
{
var authenticationContext = GetAuthenticationContext(domain, serviceSettings, cache);
TaskScheduler scheduler = TaskScheduler.FromCurrentSynchronizationContext();
var task = new Task <AuthenticationResult>(() =>
{
try
{
var result = authenticationContext.AcquireToken(
serviceSettings.TokenAudience.ToString(),
clientSettings.ClientId,
clientSettings.ClientRedirectUri,
clientSettings.PromptBehavior,
userId,
clientSettings.AdditionalQueryParameters);
return(result);
}
catch (Exception e)
{
throw new AuthenticationException(
string.Format(CultureInfo.CurrentCulture, Resources.ErrorAcquiringToken,
e.Message), e);
}
});
task.Start(scheduler);
var authResult = await task.ConfigureAwait(false);
var newUserId = new UserIdentifier(authResult.UserInfo.DisplayableId,
UserIdentifierType.RequiredDisplayableId);
return(new TokenCredentials(new UserTokenProvider(authenticationContext, clientSettings.ClientId,
serviceSettings.TokenAudience, newUserId)));
}
/// <summary>
/// Log in to Azure active directory common tenant using the given username, with authentication provided by the user. Authentication is automatically scoped to the default azure management endpoint.
/// This call may display a credentials dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="username">The username to use for authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(
ActiveDirectoryClientSettings clientSettings, string username)
{
return(await LoginWithPromptAsync(CommonTenantId, clientSettings, ActiveDirectoryServiceSettings.Azure,
new UserIdentifier(username, UserIdentifierType.RequiredDisplayableId), TokenCache.DefaultShared));
}
public void ClientSettingsDefaultToAutoPrompt()
{
var clientId = Guid.NewGuid().ToString();
var clientUri = new Uri("https://www.contoso.com/callbacks/");
var settings = new ActiveDirectoryClientSettings(clientId, clientUri);
Assert.Equal(clientId, settings.ClientId);
Assert.Equal(clientUri, settings.ClientRedirectUri);
#if !PORTABLE
Assert.Equal(PromptBehavior.Auto, settings.PromptBehavior);
#endif
Assert.Equal(ActiveDirectoryClientSettings.EnableEbdMagicCookie, settings.AdditionalQueryParameters);
}
/// <summary>
/// Log in to Azure active directory with credentials provided by the user. This call may display a credentials
/// dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <param name="taskScheduler">Scheduler needed to run the task</param>
/// <returns></returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(string domain, ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings, Func <TaskScheduler> taskScheduler)
{
return(await LoginWithPromptAsync(domain, clientSettings, serviceSettings, UserIdentifier.AnyUser, TokenCache.DefaultShared, taskScheduler));
}
/// <summary>
/// Log in to Azure active directory with credentials provided by the user. This call may display a credentials
/// dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <param name="userId">The userid of the desired credentials</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(string domain, ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings, UserIdentifier userId, TokenCache cache)
{
TaskScheduler scheduler;
if (SynchronizationContext.Current != null)
{
scheduler = TaskScheduler.FromCurrentSynchronizationContext();
}
else
{
scheduler = TaskScheduler.Current;
}
return(await LoginWithPromptAsync(domain, clientSettings, serviceSettings, userId, cache, () => { return scheduler; }).ConfigureAwait(false));
}
/// <summary>
/// Log in to Azure active directory common tenant with user account and authentication provided by the user. Authentication is automatically scoped to the default azure management endpoint.
/// This call may display a credentials dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>ServiceClientCredentials object for the common tenant that match provided authentication credentials.</returns>
public static async Task <ServiceClientCredentials> LoginWithPromptAsync(
ActiveDirectoryClientSettings clientSettings, TokenCache cache)
{
return(await LoginWithPromptAsync(CommonTenantId, clientSettings, ActiveDirectoryServiceSettings.Azure,
UserIdentifier.AnyUser, cache).ConfigureAwait(false));
}
/// <summary>
/// Log in to Azure active directory common tenant using the given username, with authentication provided by the user. Authentication is automatically scoped to the default azure management endpoint.
/// This call may display a credentials dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="username">The username to use for authentication.</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task<ServiceClientCredentials> LoginWithPromptAsync(
ActiveDirectoryClientSettings clientSettings, string username, TokenCache cache)
{
return await LoginWithPromptAsync(CommonTenantId, clientSettings, ActiveDirectoryServiceSettings.Azure,
new UserIdentifier(username, UserIdentifierType.RequiredDisplayableId), cache);
}
// Interactive authentication is not implemented for Dnx.
#if !PORTABLE
/// <summary>
/// Log in to Azure active directory common tenant with user account and authentication provided by the user. Authentication is automatically scoped to the default azure management endpoint.
/// This call may display a credentials dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task<ServiceClientCredentials> LoginWithPromptAsync(
ActiveDirectoryClientSettings clientSettings)
{
return await LoginWithPromptAsync(CommonTenantId, clientSettings, ActiveDirectoryServiceSettings.Azure,
UserIdentifier.AnyUser, TokenCache.DefaultShared);
}
/// <summary>
/// Log in to Azure active directory with credentials provided by the user. This call may display a credentials
/// dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <param name="userId">The userid of the desired credentials</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task<ServiceClientCredentials> LoginWithPromptAsync(string domain, ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings, UserIdentifier userId, TokenCache cache)
{
var authenticationContext = GetAuthenticationContext(domain, serviceSettings, cache);
TaskScheduler scheduler = TaskScheduler.FromCurrentSynchronizationContext();
var task = new Task<AuthenticationResult>(() =>
{
try
{
var result = authenticationContext.AcquireToken(
serviceSettings.TokenAudience.ToString(),
clientSettings.ClientId,
clientSettings.ClientRedirectUri,
clientSettings.PromptBehavior,
userId,
clientSettings.AdditionalQueryParameters);
return result;
}
catch (Exception e)
{
throw new AuthenticationException(
string.Format(CultureInfo.CurrentCulture, Resources.ErrorAcquiringToken,
e.Message), e);
}
});
task.Start(scheduler);
var authResult = await task.ConfigureAwait(false);
var newUserId = new UserIdentifier(authResult.UserInfo.DisplayableId,
UserIdentifierType.RequiredDisplayableId);
return new TokenCredentials(new UserTokenProvider(authenticationContext, clientSettings.ClientId,
serviceSettings.TokenAudience, newUserId));
}
/// <summary>
/// Log in to Azure active directory using the given username with authentication provided by the user. This call may display a credentials
/// dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <param name="username">The username to use for authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task<ServiceClientCredentials> LoginWithPromptAsync(string domain,
ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings, string username)
{
return await LoginWithPromptAsync(domain, clientSettings, serviceSettings,
new UserIdentifier(username, UserIdentifierType.RequiredDisplayableId), TokenCache.DefaultShared);
}
/// <summary>
/// Log in to Azure active directory with both user account and authentication credentials provided by the user. This call may display a
/// credentials dialog, depending on the supplied client settings and the state of the token cache and user cookies.
/// </summary>
/// <param name="domain">The domain to authenticate against.</param>
/// <param name="clientSettings">The client settings to use for authentication. These determine when a dialog will be displayed.</param>
/// <param name="serviceSettings">The settings for ad service, including endpoint and token audience</param>
/// <param name="cache">The token cache to target during authentication.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
public static async Task<ServiceClientCredentials> LoginWithPromptAsync(string domain,
ActiveDirectoryClientSettings clientSettings,
ActiveDirectoryServiceSettings serviceSettings, TokenCache cache)
{
return await LoginWithPromptAsync(domain, clientSettings, serviceSettings,
UserIdentifier.AnyUser, cache);
}
