/// <summary> /// Computes the URL of the authorization request letting the user sign-in and consent to the application accessing specific scopes in /// the user's name. The URL targets the /authorize endpoint of the authority configured in the application. /// This override enables you to specify a login hint and extra query parameter. /// </summary> /// <param name="scopes">Scopes requested to access a protected API</param> /// <returns>A builder enabling you to add optional parameters before executing the token request to get the /// URL of the STS authorization endpoint parametrized with the parameters</returns> /// <remarks>You can also chain the following optional parameters: /// <see cref="GetAuthorizationRequestUrlParameterBuilder.WithRedirectUri(string)"/> /// <see cref="GetAuthorizationRequestUrlParameterBuilder.WithLoginHint(string)"/> /// <see cref="AbstractAcquireTokenParameterBuilder{T}.WithExtraQueryParameters(Dictionary{string, string})"/> /// <see cref="GetAuthorizationRequestUrlParameterBuilder.WithExtraScopesToConsent(IEnumerable{string})"/> /// </remarks> public GetAuthorizationRequestUrlParameterBuilder GetAuthorizationRequestUrl( IEnumerable <string> scopes) { return(GetAuthorizationRequestUrlParameterBuilder.Create( ClientExecutorFactory.CreateConfidentialClientExecutor(this), scopes)); }
/// <summary> /// Acquires a token from the authority configured in the app, for the confidential client itself (in the name of no user) /// using the client credentials flow. See https://aka.ms/msal-net-client-credentials. /// </summary> /// <param name="scopes">scopes requested to access a protected API. For this flow (client credentials), the scopes /// should be of the form "{ResourceIdUri/.default}" for instance <c>https://management.azure.net/.default</c> or, for Microsoft /// Graph, <c>https://graph.microsoft.com/.default</c> as the requested scopes are defined statically with the application registration /// in the portal, and cannot be overriden in the application.</param> /// <returns>A builder enabling you to add optional parameters before executing the token request</returns> /// <remarks>You can also chain the following optional parameters: /// <see cref="AcquireTokenForClientParameterBuilder.WithForceRefresh(bool)"/> /// <see cref="AbstractAcquireTokenParameterBuilder{T}.WithExtraQueryParameters(Dictionary{string, string})"/> /// </remarks> public AcquireTokenForClientParameterBuilder AcquireTokenForClient( IEnumerable <string> scopes) { return(AcquireTokenForClientParameterBuilder.Create( ClientExecutorFactory.CreateConfidentialClientExecutor(this), scopes)); }
/// <summary> /// Acquires a security token from the authority configured in the app using the authorization code /// previously received from the STS. /// It uses the OAuth 2.0 authorization code flow (See https://aka.ms/msal-net-authorization-code). /// It's usually used in web apps (for instance ASP.NET / ASP.NET Core web apps) which sign-in users, /// and can request an authorization code. /// This method does not lookup the token cache, but stores the result in it, so it can be looked up /// using other methods such as <see cref="IClientApplicationBase.AcquireTokenSilent(IEnumerable{string}, IAccount)"/>. /// </summary> /// <param name="scopes">Scopes requested to access a protected API</param> /// <param name="authorizationCode">The authorization code received from the service authorization endpoint.</param> /// <returns>A builder enabling you to add optional parameters before executing the token request</returns> /// <remarks>You can set optional parameters by chaining the builder with: /// <see cref="AbstractAcquireTokenParameterBuilder{T}.WithAuthority(string, bool)"/>, /// <see cref="AbstractAcquireTokenParameterBuilder{T}.WithExtraQueryParameters(Dictionary{string, string})"/>, /// </remarks> public AcquireTokenByAuthorizationCodeParameterBuilder AcquireTokenByAuthorizationCode( IEnumerable <string> scopes, string authorizationCode) { return(AcquireTokenByAuthorizationCodeParameterBuilder.Create( ClientExecutorFactory.CreateConfidentialClientExecutor(this), scopes, authorizationCode)); }
/// <summary> /// Acquires an access token for this application (usually a Web API) from the authority configured in the application, /// in order to access another downstream protected Web API on behalf of a user using the OAuth 2.0 On-Behalf-Of flow. /// See https://aka.ms/msal-net-on-behalf-of. /// This confidential client application was itself called with a token which will be provided in the /// <paramref name="userAssertion">userAssertion</paramref> parameter. /// </summary> /// <param name="scopes">Scopes requested to access a protected API</param> /// <param name="userAssertion">Instance of <see cref="UserAssertion"/> containing credential information about /// the user on behalf of whom to get a token.</param> /// <returns>A builder enabling you to add optional parameters before executing the token request</returns> /// <remarks>You can also chain the following optional parameters: /// <see cref="AbstractAcquireTokenParameterBuilder{T}.WithExtraQueryParameters(Dictionary{string, string})"/> /// </remarks> public AcquireTokenOnBehalfOfParameterBuilder AcquireTokenOnBehalfOf( IEnumerable <string> scopes, UserAssertion userAssertion) { return(AcquireTokenOnBehalfOfParameterBuilder.Create( ClientExecutorFactory.CreateConfidentialClientExecutor(this), scopes, userAssertion)); }
/// <inheritdoc /> public AcquireTokenOnBehalfOfParameterBuilder AcquireTokenInLongRunningProcess( IEnumerable <string> scopes, string longRunningProcessSessionKey) { if (string.IsNullOrEmpty(longRunningProcessSessionKey)) { throw new ArgumentNullException(nameof(longRunningProcessSessionKey)); } return(AcquireTokenOnBehalfOfParameterBuilder.Create( ClientExecutorFactory.CreateConfidentialClientExecutor(this), scopes, longRunningProcessSessionKey)); }
/// <summary> /// Acquires an access token for this application (usually a Web API) from the authority configured in the application, /// in order to access another downstream protected web API on behalf of a user using the OAuth 2.0 On-Behalf-Of flow. /// See https://aka.ms/msal-net-on-behalf-of. /// This confidential client application was itself called with a token which will be provided in the /// <paramref name="userAssertion">userAssertion</paramref> parameter. /// </summary> /// <param name="scopes">Scopes requested to access a protected API</param> /// <param name="userAssertion">Instance of <see cref="UserAssertion"/> containing credential information about /// the user on behalf of whom to get a token.</param> /// <returns>A builder enabling you to add optional parameters before executing the token request</returns> /// <remarks>You can also chain the following optional parameters: /// <see cref="AbstractAcquireTokenParameterBuilder{T}.WithExtraQueryParameters(Dictionary{string, string})"/> /// </remarks> public AcquireTokenOnBehalfOfParameterBuilder AcquireTokenOnBehalfOf( IEnumerable <string> scopes, UserAssertion userAssertion) { if (userAssertion == null) { ServiceBundle.ApplicationLogger.Error("User assertion for OBO request should not be null"); throw new MsalClientException(MsalError.UserAssertionNullError); } return(AcquireTokenOnBehalfOfParameterBuilder.Create( ClientExecutorFactory.CreateConfidentialClientExecutor(this), scopes, userAssertion)); }
/// <inheritdoc /> public AcquireTokenOnBehalfOfParameterBuilder InitiateLongRunningProcessInWebApi( IEnumerable <string> scopes, string userToken, ref string longRunningProcessSessionKey) { if (string.IsNullOrEmpty(userToken)) { throw new ArgumentNullException(nameof(userToken)); } UserAssertion userAssertion = new UserAssertion(userToken); if (string.IsNullOrEmpty(longRunningProcessSessionKey)) { longRunningProcessSessionKey = userAssertion.AssertionHash; } return(AcquireTokenOnBehalfOfParameterBuilder.Create( ClientExecutorFactory.CreateConfidentialClientExecutor(this), scopes, userAssertion, longRunningProcessSessionKey)); }