private async Task ShouldRefreshToken(Func<HttpRequestMessage, CancellationToken, Task<HttpResponseMessage>> handlerFunc)
{
// Arrange
var tokenStore = A.Fake<ITokenStore>();
var tokenCredential = new TokenCredential { AccessToken = "access_token", RefreshToken = "refresh_token" };
A.CallTo(() => tokenStore.GetToken("tokenid")).ReturnsLazily(() => tokenCredential);
A.CallTo(() => tokenStore.StoreToken("tokenid", A<TokenResponse>._)).Invokes(x => { tokenCredential.AccessToken = x.Arguments.Get<TokenResponse>("response").AccessToken; });
var timesSendAsync = 0;
var oAuth2Client = new TestingOAuth2Client("new_access_token", "new_refresh_token");
var handler = new OAuthHttpClientHandler("tokenid", tokenStore, oAuth2Client) { InnerHandler = new TestHandler((r, c) => { timesSendAsync++; return handlerFunc.Invoke(r, c); }) };
var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, "http://test/");
var client = new HttpClient(handler);
// Act
await client.SendAsync(httpRequestMessage);
// Assert
A.CallTo(() => tokenStore.StoreToken("tokenid", A<TokenResponse>.That.Matches(x => x.AccessToken == "new_access_token"))).MustHaveHappened(Repeated.Exactly.Once);
httpRequestMessage.Headers.Authorization.Should().Be(new AuthenticationHeaderValue("Bearer", "new_access_token"));
timesSendAsync.Should().Be(2);
}
public ScenesClient(Uri endpoint, TokenCredential credential) : this(endpoint, credential, new FarmBeatsClientOptions())
{
}
/// <summary>
/// Initializes a new instance of the <see cref="AppendBlobClient"/>
/// class.
/// </summary>
/// <param name="blobUri">
/// A <see cref="Uri"/> referencing the append blob that includes the
/// name of the account, the name of the container, and the name of
/// the blob.
/// This is likely to be similar to "https://{account_name}.blob.core.windows.net/{container_name}/{blob_name}".
/// </param>
/// <param name="credential">
/// The token credential used to sign requests.
/// </param>
/// <param name="options">
/// Optional client options that define the transport pipeline
/// policies for authentication, retries, etc., that are applied to
/// every request.
/// </param>
public AppendBlobClient(Uri blobUri, TokenCredential credential, BlobClientOptions options = default)
: base(blobUri, credential, options)
{
}
internal PrivateEndpoint(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_privateEndpointsRestClient = new PrivateEndpointsRestOperations(_clientDiagnostics, Pipeline, ClientOptions, BaseUri);
}
internal VirtualNetworkRule(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_virtualNetworkRulesRestClient = new VirtualNetworkRulesRestOperations(_clientDiagnostics, Pipeline, ClientOptions, BaseUri);
}
internal SiteSlotInstance(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_webAppsRestClient = new WebAppsRestOperations(_clientDiagnostics, Pipeline, ClientOptions, BaseUri);
}
/// <summary>
/// Initializes a new instance of the <see cref="ArmClient"/> class.
/// </summary>
/// <param name="credential"> A credential used to authenticate to an Azure Service. </param>
/// <exception cref="ArgumentNullException"> If <see cref="TokenCredential"/> is null. </exception>
public ArmClient(TokenCredential credential)
: this(null, new Uri(DefaultUri), credential, null)
{
}
private void AssignAuthenticationHeader(HttpRequestMessage request, TokenCredential tokenCredential)
{
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokenCredential.AccessToken);
}
internal EnvironmentCredential(CredentialPipeline pipeline, TokenCredential credential)
{
_pipeline = pipeline;
Credential = credential;
}
public IotHubTokenCrendentialProperties(string hostName, TokenCredential credential, IReadOnlyList <string> tokenCredentialAuthenticationScopes) : base(hostName)
{
_credential = credential;
_tokenCredentialAuthenticationScopes = tokenCredentialAuthenticationScopes.ToArray();
}
/// <summary>
/// Initializes a new instance of the <see cref="SparkBatchClient"/>.
/// </summary>
public SparkBatchClient(Uri endpoint, string sparkPoolName, TokenCredential credential)
: this(endpoint, sparkPoolName, credential, SparkClientOptions.Default)
{
}
/// <summary>
/// Add a health check for Azure Service Bus Subscription.
/// </summary>
/// <param name="builder">The <see cref="IHealthChecksBuilder"/>.</param>
/// <param name="endpoint">The azure service bus endpoint to be used, format sb://myservicebus.servicebus.windows.net/.</param>
/// <param name="topicName">The topic name of the topic to check.</param>
/// <param name="topicName">The topic name of the topic to check.</param>
/// <param name="subscriptionName">The subscription name of the topic to check.</param>
/// <param name="tokenCredential">The token credential for auth
/// <param name="name">The health check name. Optional. If <c>null</c> the type name 'azuretopic' will be used for the name.</param>
/// <param name="failureStatus">
/// The <see cref="HealthStatus"/> that should be reported when the health check fails. Optional. If <c>null</c> then
/// the default status of <see cref="HealthStatus.Unhealthy"/> will be reported.
/// </param>
/// <param name="tags">A list of tags that can be used to filter sets of health checks. Optional.</param>
/// <param name="configuringMessage">Message configuration Action, usually used when topic is partitioned or with duplication detection feature enabled. Optional.</param>
/// <param name="timeout">An optional System.TimeSpan representing the timeout of the check.</param>
/// <returns>The <see cref="IHealthChecksBuilder"/>.</returns>
public static IHealthChecksBuilder AddAzureServiceBusSubscription(this IHealthChecksBuilder builder, string endpoint, string topicName, string subscriptionName, TokenCredential tokenCredential, string name = default, HealthStatus?failureStatus = default, IEnumerable <string> tags = default, TimeSpan?timeout = default)
{
return(builder.Add(new HealthCheckRegistration(
name ?? AZURESUBSCRIPTION_NAME,
sp => new AzureServiceBusSubscriptionHealthCheck(endpoint, topicName, subscriptionName, tokenCredential),
failureStatus,
tags,
timeout)));
}
/// <summary>
/// Add a health check for specified Azure Service Bus Queue.
/// </summary>
/// <param name="builder">The <see cref="IHealthChecksBuilder"/>.</param>
/// <param name="endpoint">The azure service bus endpoint to be used, format sb://myservicebus.servicebus.windows.net/.</param>
/// <param name="queueName">The name of the queue to check.</param>
/// <param name="tokenCredential">The token credential for auth
/// <param name="name">The health check name. Optional. If <c>null</c> the type name 'azurequeue' will be used for the name.</param>
/// <param name="failureStatus">
/// The <see cref="HealthStatus"/> that should be reported when the health check fails. Optional. If <c>null</c> then
/// the default status of <see cref="HealthStatus.Unhealthy"/> will be reported.
/// </param>
/// <param name="tags">A list of tags that can be used to filter sets of health checks. Optional.</param>
/// <param name="configuringMessage">Message configuration Action, usually used when queue is partitioned or with duplication detection feature enabled Optional.</param>
/// <param name="timeout">An optional System.TimeSpan representing the timeout of the check.</param>
/// <param name="requiresSession">An optional boolean flag that indicates whether session is enabled on the queue or not. Defaults to false.</param>
/// <returns>The <see cref="IHealthChecksBuilder"/>.</returns>
public static IHealthChecksBuilder AddAzureServiceBusQueue(this IHealthChecksBuilder builder, string endpoint, string queueName, TokenCredential tokenCredential, string name = default, HealthStatus?failureStatus = default, IEnumerable <string> tags = default, TimeSpan?timeout = default)
{
return(builder.Add(new HealthCheckRegistration(
name ?? AZUREQUEUE_NAME,
sp => new AzureServiceBusQueueHealthCheck(endpoint, queueName, tokenCredential),
failureStatus,
tags,
timeout)));
}
/// <summary>
/// Initializes a new instance of the <see cref="KeyResolver"/> class.
/// </summary>
/// <param name="credential">A <see cref="TokenCredential"/> used to authenticate requests to the vault, such as DefaultAzureCredential.</param>
/// <exception cref="ArgumentNullException"><paramref name="credential"/> is null.</exception>
public KeyResolver(TokenCredential credential)
: this(credential, null)
{
}
internal VirtualMachineScaleSetVMExtensionVirtualMachineScaleSet(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_restClient = new VirtualMachineScaleSetVMExtensionsRestOperations(_clientDiagnostics, Pipeline, ClientOptions, Id.SubscriptionId, BaseUri);
}
private void ShouldNotRefreshToken(Func<HttpRequestMessage, CancellationToken, Task<HttpResponseMessage>> handlerFunc)
{
// Arrange
var tokenStore = A.Fake<ITokenStore>();
var tokenCredential = new TokenCredential { AccessToken = "access_token", RefreshToken = "refresh_token" };
A.CallTo(() => tokenStore.GetToken("tokenid")).ReturnsLazily(() => tokenCredential);
A.CallTo(() => tokenStore.StoreToken("tokenid", A<TokenResponse>._)).Invokes(x => { tokenCredential.AccessToken = x.Arguments.Get<TokenResponse>("response").AccessToken; });
var oAuth2Client = new TestingOAuth2Client("error");
var handler = new OAuthHttpClientHandler("tokenid", tokenStore, oAuth2Client) { InnerHandler = new TestHandler(handlerFunc) };
var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, "http://test/");
var client = new HttpClient(handler);
// Act/Assert
Assert.ThrowsAsync<InvalidRefreshTokenException>(() => client.SendAsync(httpRequestMessage));
}
protected AzureIdentityTokenProvider(string[] scopes, TokenCredential tokenCredential, IMemoryCache cache)
{
_scopes = scopes;
_tokenCredential = tokenCredential;
_cache = cache;
}
/// <summary>
/// Initializes a new instance of <see cref="LogsQueryClient"/>. Uses the default 'https://api.loganalytics.io' endpoint.
/// <code snippet="Snippet:CreateLogsClient" language="csharp">
/// var client = new LogsQueryClient(new DefaultAzureCredential());
/// </code>
/// </summary>
/// <param name="credential">The <see cref="TokenCredential"/> instance to use for authentication.</param>
public LogsQueryClient(TokenCredential credential) : this(credential, null)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="AttestationClient"/> class.
/// </summary>
/// <param name="endpoint">Uri for the Microsoft Azure Attestation Service Instance to use.</param>
/// <param name="credential">Credentials to be used in the Client.</param>
public AttestationClient(Uri endpoint, TokenCredential credential) : this(endpoint, credential, new AttestationClientOptions())
{
Endpoint = endpoint;
}
/// <summary>
/// Initializes a new instance of <see cref="LogsQueryClient"/>. Uses the default 'https://api.loganalytics.io' endpoint.
/// </summary>
/// <param name="credential">The <see cref="TokenCredential"/> instance to use for authentication.</param>
/// <param name="options">The <see cref="LogsQueryClientOptions"/> instance to use as client configuration.</param>
public LogsQueryClient(TokenCredential credential, LogsQueryClientOptions options) : this(_defaultEndpoint, credential, options)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="ArmClient"/> class.
/// </summary>
/// <param name="credential"> A credential used to authenticate to an Azure Service. </param>
/// <param name="options"> The client parameters to use in these operations. </param>
/// <exception cref="ArgumentNullException"> If <see cref="TokenCredential"/> is null. </exception>
public ArmClient(TokenCredential credential, ArmClientOptions options)
: this(null, new Uri(DefaultUri), credential, options)
{
}
public ComputeManagementClient(string subscriptionId, TokenCredential tokenCredential, ComputeManagementClientOptions options = null) : this(null, subscriptionId, tokenCredential, options)
{
}
internal override TransportClient CreateTransportClient(string fullyQualifiedNamespace, string eventHubName, TokenCredential credential, EventHubConnectionOptions options)
{
var client = new Mock <TransportClient>();
client
.Setup(client => client.ServiceEndpoint)
.Returns(new Uri($"amgp://{ fullyQualifiedNamespace}.com/{eventHubName}"));
return(client.Object);
}
internal SubscriptionLongTermRetentionBackup(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_longTermRetentionBackupsRestClient = new LongTermRetentionBackupsRestOperations(_clientDiagnostics, Pipeline, ClientOptions, BaseUri);
}
public virtual CryptographyClient GetCryptographyClient(KeyVaultKeyUriProperties keyVaultKeyUriProperties, TokenCredential tokenCredential)
{
return(new CryptographyClient(keyVaultKeyUriProperties.KeyUri, tokenCredential));
}
internal ServerfarmVirtualNetworkConnection(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_appServicePlansRestClient = new AppServicePlansRestOperations(_clientDiagnostics, Pipeline, ClientOptions, BaseUri);
}
private CommunicationIdentityClient(Uri endpoint, CommunicationIdentityClientOptions options, TokenCredential tokenCredential)
{
_clientDiagnostics = new ClientDiagnostics(options);
RestClient = new CommunicationIdentityRestClient(
_clientDiagnostics,
options.BuildHttpPipeline(tokenCredential),
endpoint.AbsoluteUri);
}
internal DedicatedHostGroup(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_restClient = new DedicatedHostGroupsRestOperations(_clientDiagnostics, Pipeline, ClientOptions, Id.SubscriptionId, BaseUri);
}
internal ManagedInstanceDatabaseVulnerabilityAssessment(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_managedDatabaseVulnerabilityAssessmentsRestClient = new ManagedDatabaseVulnerabilityAssessmentsRestOperations(_clientDiagnostics, Pipeline, ClientOptions, BaseUri);
}
internal DatabaseAccountMongodbDatabaseThroughputSetting(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_mongoDBResourcesRestClient = new MongoDBResourcesRestOperations(_clientDiagnostics, Pipeline, ClientOptions, BaseUri);
}
/// <summary>
/// Initializes a new instance of <see cref="LogsClient"/>.
/// </summary>
/// <param name="endpoint">The service endpoint to use.</param>
/// <param name="credential">The <see cref="TokenCredential"/> instance to use for authentication.</param>
public LogsClient(Uri endpoint, TokenCredential credential) : this(endpoint, credential, null)
{
}
internal ServerConnectionPolicy(ArmClientOptions clientOptions, TokenCredential credential, Uri uri, HttpPipeline pipeline, ResourceIdentifier id) : base(clientOptions, credential, uri, pipeline, id)
{
_clientDiagnostics = new ClientDiagnostics(ClientOptions);
_serverConnectionPoliciesRestClient = new ServerConnectionPoliciesRestOperations(_clientDiagnostics, Pipeline, ClientOptions, BaseUri);
}
private void UpdateIdentityManager(TokenCredential token)
{
var arcGisTokenCredential = new ArcGISTokenCredential {Token = token.Token, ServiceUri = DEFAULT_SERVER_URL};
IdentityManager.Current.AddCredential(arcGisTokenCredential);
}
/// <summary>
/// Initializes a new instance of the <see cref="TrackOneEventHubClient"/> class.
/// </summary>
///
/// <param name="host">The fully qualified host name for the Event Hubs namespace. This is likely to be similar to <c>{yournamespace}.servicebus.windows.net</c>.</param>
/// <param name="eventHubPath">The path of the specific Event Hub to connect the client to.</param>
/// <param name="credential">The Azure managed identity credential to use for authorization. Access controls may be specified by the Event Hubs namespace or the requeseted Event Hub, depending on Azure configuration.</param>
/// <param name="clientOptions">A set of options to apply when configuring the client.</param>
///
/// <remarks>
/// As an internal type, this class performs only basic sanity checks against its arguments. It
/// is assumed that callers are trusted and have performed deep validation.
///
/// Any parameters passed are assumed to be owned by this instance and safe to mutate or dispose;
/// creation of clones or otherwise protecting the parameters is assumed to be the purview of the
/// caller.
/// </remarks>
///
public TrackOneEventHubClient(string host,
string eventHubPath,
TokenCredential credential,
EventHubClientOptions clientOptions) : this(host, eventHubPath, credential, clientOptions, CreateClient)
{
}
