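/// <summary>
/// Shared sync/async implementation of token acquisition for the Visual Studio credential.
/// </summary>
/// <param name="requestContext">The details of the authentication request; its scopes are converted to a single resource.</param>
/// <param name="async">Forwarded to <c>RunProcessesAsync</c> to select the asynchronous or synchronous path.</param>
/// <param name="cancellationToken">Forwarded to process start-info creation and to process execution.</param>
/// <returns>The access token produced by <c>RunProcessesAsync</c>, after it has been reported to the diagnostic scope.</returns>
/// <exception cref="OperationCanceledException">Rethrown unchanged after the scope is marked as failed.</exception>
private async ValueTask<AccessToken> GetTokenImplAsync(TokenRequestContext requestContext, bool async, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("VisualStudioCredential.GetToken", requestContext);

    try
    {
        // NOTE(review): the provider path and provider list decide which processes are started below;
        // presumably they come from the local Visual Studio installation - confirm they cannot be
        // influenced by untrusted input.
        var tokenProviderPath = GetTokenProviderPath();
        var tokenProviders = GetTokenProviders(tokenProviderPath);
        var resource = ScopeUtilities.ScopesToResource(requestContext.Scopes);
        var processStartInfos = GetProcessStartInfos(tokenProviders, resource, cancellationToken);

        if (processStartInfos.Count == 0)
        {
            throw new CredentialUnavailableException("No installed instance of Visual Studio was found");
        }

        AccessToken token = await RunProcessesAsync(processStartInfos, async, cancellationToken).ConfigureAwait(false);

        // Report the success to the diagnostic scope. The token was previously returned directly,
        // so a successful acquisition by this credential was never recorded on the scope.
        return scope.Succeeded(token);
    }
    catch (OperationCanceledException e)
    {
        // Cancellation is recorded but not wrapped, so callers still observe the original exception.
        scope.Failed(e);
        throw;
    }
    catch (Exception e)
    {
        // Every other failure, including the CredentialUnavailableException above, goes through FailAndWrap.
        throw scope.FailAndWrap(e);
    }
}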
/// <summary>
/// Shared sync/async implementation of token acquisition for the default credential.
/// </summary>
/// <param name="async">When true the selected credential is awaited; otherwise its synchronous method is called.</param>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">Forwarded to the underlying credential or source lookup.</param>
/// <returns>The acquired token, after it has been reported to the diagnostic scope.</returns>
private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("DefaultAzureCredential.GetToken", requestContext);

    try
    {
        if (_credential != null)
        {
            // A credential is already set: use it directly, on the sync or async path as requested.
            AccessToken fromCredential;
            if (async)
            {
                fromCredential = await _credential.GetTokenAsync(requestContext, cancellationToken).ConfigureAwait(false);
            }
            else
            {
                fromCredential = _credential.GetToken(requestContext, cancellationToken);
            }

            return scope.Succeeded(fromCredential);
        }

        // No credential set yet: go through the configured sources.
        AccessToken fromSources = await GetTokenFromSourcesAsync(async, requestContext, cancellationToken).ConfigureAwait(false);
        return scope.Succeeded(fromSources);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    // NOTE(review): CredentialUnavailableException is excluded by the filter and no other handler
    // catches it, so it leaves this method without scope.Failed being called - confirm that is intended.
    catch (Exception ex) when (!(ex is CredentialUnavailableException))
    {
        var wrapped = new AuthenticationFailedException(UnhandledExceptionMessage, ex);
        throw scope.FailAndWrap(wrapped);
    }
}
/// <summary>
/// Shared sync/async implementation of token acquisition for the Visual Studio Code credential.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="async">Forwarded to the client to select the asynchronous or synchronous path.</param>
/// <param name="cancellationToken">Forwarded to the client call.</param>
/// <returns>An access token built from the client's result.</returns>
private async ValueTask<AccessToken> GetTokenImplAsync(TokenRequestContext requestContext, bool async, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("VisualStudioCodeCredential.GetToken", requestContext);

    try
    {
        GetUserSettings(out var tenantSetting, out var environmentSetting);
        var cloud = GetAzureCloudInstance(environmentSetting);

        // The stored value is handed to the client as a refresh token, so it is validated first.
        var stored = _vscAdapter.GetCredentials(CredentialsSection, environmentSetting);
        bool wellFormed = IsBase64UrlString(stored);
        if (!wellFormed)
        {
            throw new CredentialUnavailableException("Need to re-authenticate user in VSCode Azure Account.");
        }

        var authResult = await _client
            .AcquireTokenByRefreshToken(requestContext.Scopes, stored, cloud, tenantSetting, async, cancellationToken)
            .ConfigureAwait(false);

        var token = new AccessToken(authResult.AccessToken, authResult.ExpiresOn);
        return scope.Succeeded(token);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Shared sync/async implementation of token acquisition for the environment credential.
/// </summary>
/// <param name="async">When true the underlying credential is awaited; otherwise its synchronous method is called.</param>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">Forwarded to the underlying credential.</param>
/// <returns>The token returned by the underlying credential.</returns>
/// <exception cref="CredentialUnavailableException">Thrown when no underlying credential is set.</exception>
private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("EnvironmentCredential.GetToken", requestContext);

    // Checked outside the try block, so this failure is reported with scope.Failed and is not
    // routed through FailAndWrap.
    if (_credential is null)
    {
        var unavailable = new CredentialUnavailableException(UnavailbleErrorMessage);
        throw scope.Failed(unavailable);
    }

    try
    {
        AccessToken acquired;
        if (async)
        {
            acquired = await _credential.GetTokenAsync(requestContext, cancellationToken).ConfigureAwait(false);
        }
        else
        {
            acquired = _credential.GetToken(requestContext, cancellationToken);
        }

        return scope.Succeeded(acquired);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Shared sync/async implementation of silent token acquisition for the shared token cache credential.
/// </summary>
/// <param name="async">When true the account lookup is awaited; otherwise the calling thread blocks on it.</param>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">Forwarded to the silent token request.</param>
/// <returns>An access token built from the client's result.</returns>
/// <exception cref="CredentialUnavailableException">Thrown when the client reports that user interaction is required.</exception>
private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("SharedTokenCacheCredential.GetToken", requestContext);

    try
    {
        IAccount resolvedAccount;
        if (async)
        {
            resolvedAccount = await _account.Value.ConfigureAwait(false);
        }
        else
        {
#pragma warning disable AZC0102 // Do not use GetAwaiter().GetResult(). Use the TaskExtensions.EnsureCompleted() extension method instead.
            resolvedAccount = _account.Value.GetAwaiter().GetResult();
#pragma warning restore AZC0102 // Do not use GetAwaiter().GetResult(). Use the TaskExtensions.EnsureCompleted() extension method instead.
        }

        AuthenticationResult silentResult = await _client
            .AcquireTokenSilentAsync(requestContext.Scopes, resolvedAccount, async, cancellationToken)
            .ConfigureAwait(false);

        var token = new AccessToken(silentResult.AccessToken, silentResult.ExpiresOn);
        return scope.Succeeded(token);
    }
    catch (MsalUiRequiredException)
    {
        // The message below includes the configured username.
        throw scope.Failed(new CredentialUnavailableException($"{nameof(SharedTokenCacheCredential)} authentication unavailable. Token acquisition failed for user {_username}. Ensure that you have authenticated with a developer tool that supports Azure single sign on."));
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Shared sync/async implementation of token acquisition for the device code credential.
/// </summary>
/// <param name="async">Forwarded to the client and to the device code flow to select the asynchronous or synchronous path.</param>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">Forwarded to the token requests.</param>
/// <returns>A token from the silent request when an account is set and the request succeeds; otherwise a token from the device code flow.</returns>
private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("DeviceCodeCredential.GetToken", requestContext);

    try
    {
        if (_account != null)
        {
            try
            {
                AuthenticationResult silentResult = await _client
                    .AcquireTokenSilentAsync(requestContext.Scopes, _account, async, cancellationToken)
                    .ConfigureAwait(false);

                return scope.Succeeded(new AccessToken(silentResult.AccessToken, silentResult.ExpiresOn));
            }
            catch (MsalUiRequiredException)
            {
                // The silent request needs user interaction: continue with the device code flow below.
            }
        }

        AccessToken deviceCodeToken = await GetTokenViaDeviceCodeAsync(requestContext.Scopes, async, cancellationToken).ConfigureAwait(false);
        return scope.Succeeded(deviceCodeToken);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Gets a token for a user account by way of the device code authentication flow. Azure SDK clients call this method; application code is not expected to call it directly.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>An <see cref="AccessToken"/> which can be used to authenticate service client calls.</returns>
public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken = default)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("DeviceCodeCredential.GetToken", requestContext);

    try
    {
        if (_account != null)
        {
            try
            {
                // Synchronous entry point: the calling thread blocks until the asynchronous client call completes.
                AuthenticationResult silentResult = _client
                    .AcquireTokenSilentAsync(requestContext.Scopes, _account, cancellationToken)
                    .GetAwaiter()
                    .GetResult();

                return scope.Succeeded(new AccessToken(silentResult.AccessToken, silentResult.ExpiresOn));
            }
            catch (MsalUiRequiredException)
            {
                // The silent request needs user interaction: continue with the device code flow below.
            }
        }

        AccessToken deviceCodeToken = GetTokenViaDeviceCodeAsync(requestContext.Scopes, cancellationToken).GetAwaiter().GetResult();
        return scope.Succeeded(deviceCodeToken);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Asynchronous implementation of silent token acquisition for the shared token cache credential.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">Forwarded to the silent token request.</param>
/// <returns>An access token built from the client's result.</returns>
/// <exception cref="CredentialUnavailableException">Thrown when the client reports that user interaction is required.</exception>
private async ValueTask<AccessToken> GetTokenImplAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("SharedTokenCacheCredential.GetToken", requestContext);

    try
    {
        IAccount resolvedAccount = await _account.Value.ConfigureAwait(false);

        AuthenticationResult silentResult = await _client
            .AcquireTokenSilentAsync(requestContext.Scopes, resolvedAccount, cancellationToken)
            .ConfigureAwait(false);

        var token = new AccessToken(silentResult.AccessToken, silentResult.ExpiresOn);
        return scope.Succeeded(token);
    }
    catch (MsalUiRequiredException)
    {
        // The message below includes the configured username.
        throw scope.Failed(new CredentialUnavailableException($"{nameof(SharedTokenCacheCredential)} authentication unavailable. Token acquisition failed for user {_username}. Ensure that you have authenticated with a developer tool that supports Azure single sign on."));
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
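/// <summary>
/// Obtains a token for a user account, authenticating them using the given username and password. Note: This will fail with
/// an <see cref="AuthenticationFailedException"/> if the specified user account has MFA enabled. This method is called by Azure SDK clients. It isn't intended for use in application code.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>An <see cref="AccessToken"/> which can be used to authenticate service client calls.</returns>
/// <exception cref="OperationCanceledException">Rethrown unchanged after the diagnostic scope is marked as failed.</exception>
public override async ValueTask<AccessToken> GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken = default)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("UsernamePasswordCredential.GetToken", requestContext);

    try
    {
        AuthenticationResult result = await _client
            .AcquireTokenByUsernamePasswordAsync(requestContext.Scopes, _username, _password, cancellationToken)
            .ConfigureAwait(false);

        return scope.Succeeded(new AccessToken(result.AccessToken, result.ExpiresOn));
    }
    catch (OperationCanceledException e)
    {
        // Cancellation used to fall into the general handler below and was passed to FailAndWrap.
        // Record it and rethrow it unchanged, so a cancelled request is not reported to callers
        // through the same path as a failed authentication.
        scope.Failed(e);
        throw;
    }
    catch (Exception e)
    {
        throw scope.FailAndWrap(e);
    }
}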
/// <summary>
/// Gets a token from the Azure Active Directory service, authenticating with the configured X509 certificate. Azure SDK clients call this method; application code is not expected to call it directly.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>An <see cref="AccessToken"/> which can be used to authenticate service client calls.</returns>
public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken = default)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("ClientCertificateCredential.GetToken", requestContext);

    try
    {
        var token = _client.Authenticate(TenantId, ClientId, ClientCertificate, requestContext.Scopes, cancellationToken);
        return scope.Succeeded(token);
    }
    catch (OperationCanceledException canceled)
    {
        // Cancellation is recorded on the scope and rethrown without wrapping.
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Gets a token from the Azure Active Directory service, authenticating with the configured client secret. Azure SDK clients call this method; application code is not expected to call it directly.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>An <see cref="AccessToken"/> which can be used to authenticate service client calls.</returns>
public override async ValueTask<AccessToken> GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken = default)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("ClientSecretCredential.GetToken", requestContext);

    try
    {
        var token = await _client
            .AuthenticateAsync(TenantId, ClientId, ClientSecret, requestContext.Scopes, cancellationToken)
            .ConfigureAwait(false);

        return scope.Succeeded(token);
    }
    catch (OperationCanceledException canceled)
    {
        // Cancellation is recorded on the scope and rethrown without wrapping.
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Shared sync/async implementation of token acquisition for the Azure CLI credential.
/// </summary>
/// <param name="async">Forwarded to <c>RequestCliAccessTokenAsync</c> to select the asynchronous or synchronous path.</param>
/// <param name="requestContext">The details of the authentication request; only its scopes are forwarded.</param>
/// <param name="cancellationToken">Forwarded to the CLI token request.</param>
/// <returns>The token returned by <c>RequestCliAccessTokenAsync</c>.</returns>
private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("AzureCliCredential.GetToken", requestContext);

    try
    {
        var pending = RequestCliAccessTokenAsync(async, requestContext.Scopes, cancellationToken);
        AccessToken cliToken = await pending.ConfigureAwait(false);
        return scope.Succeeded(cliToken);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Shared sync/async implementation of token acquisition for the managed identity credential.
/// </summary>
/// <param name="async">When true the client's asynchronous method is awaited; otherwise its synchronous method is called.</param>
/// <param name="requestContext">The details of the authentication request; only its scopes are forwarded.</param>
/// <param name="cancellationToken">Forwarded to the client call.</param>
/// <returns>The token returned by the client.</returns>
private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("ManagedIdentityCredential.GetToken", requestContext);

    try
    {
        AccessToken acquired;
        if (async)
        {
            acquired = await _client.AuthenticateAsync(requestContext.Scopes, cancellationToken).ConfigureAwait(false);
        }
        else
        {
            acquired = _client.Authenticate(requestContext.Scopes, cancellationToken);
        }

        return scope.Succeeded(acquired);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Shared sync/async implementation of interactive authentication for the interactive browser credential.
/// </summary>
/// <param name="async">Forwarded to the browser login to select the asynchronous or synchronous path.</param>
/// <param name="requestContext">The details of the authentication request; only its scopes are forwarded to the login.</param>
/// <param name="cancellationToken">Forwarded to the browser login.</param>
/// <returns>The value of the <c>_record</c> field after the browser login has completed.</returns>
private async Task<AuthenticationRecord> AuthenticateImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope($"{nameof(InteractiveBrowserCredential)}.{nameof(Authenticate)}", requestContext);

    try
    {
        var loginToken = await GetTokenViaBrowserLoginAsync(requestContext.Scopes, async, cancellationToken).ConfigureAwait(false);

        // The token is only reported to the diagnostic scope; the caller receives the record instead.
        // NOTE(review): presumably GetTokenViaBrowserLoginAsync sets _record - confirm.
        scope.Succeeded(loginToken);

        return _record;
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Shared sync/async implementation of token acquisition for the interactive browser credential.
/// </summary>
/// <param name="async">Forwarded to the client and to the browser login to select the asynchronous or synchronous path.</param>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">Forwarded to the token requests.</param>
/// <returns>A token from the silent request when a record is set and the request succeeds; otherwise a token from the browser login.</returns>
private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope($"{nameof(InteractiveBrowserCredential)}.{nameof(GetToken)}", requestContext);

    try
    {
        // Kept so that it can be attached as the inner exception if interaction turns out to be disallowed.
        Exception silentFailure = null;

        if (_record != null)
        {
            try
            {
                AuthenticationResult silentResult = await _client
                    .AcquireTokenSilentAsync(requestContext.Scopes, (AuthenticationAccount)_record, async, cancellationToken)
                    .ConfigureAwait(false);

                var silentToken = new AccessToken(silentResult.AccessToken, silentResult.ExpiresOn);
                return scope.Succeeded(silentToken);
            }
            catch (MsalUiRequiredException uiRequired)
            {
                silentFailure = uiRequired;
            }
        }

        // Thrown inside the outer try, so it also passes through the general handler and FailAndWrap.
        if (_disableAutomaticAuthentication)
        {
            throw new AuthenticationRequiredException(AuthenticationRequiredMessage, requestContext, silentFailure);
        }

        var browserToken = await GetTokenViaBrowserLoginAsync(requestContext.Scopes, async, cancellationToken).ConfigureAwait(false);
        return scope.Succeeded(browserToken);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}
/// <summary>
/// Shared sync/async implementation of token acquisition for the authorization code credential.
/// </summary>
/// <param name="async">Forwarded to <c>ExecuteAsync</c> to select the asynchronous or synchronous path.</param>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">Forwarded to <c>ExecuteAsync</c>.</param>
/// <returns>An access token built from the client's result.</returns>
private async ValueTask<AccessToken> GetTokenImplAsync(bool async, TokenRequestContext requestContext, CancellationToken cancellationToken = default)
{
    using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope($"{nameof(AuthorizationCodeCredential)}.{nameof(GetToken)}", requestContext);

    try
    {
        AuthenticationResult authResult;

        if (_record is null)
        {
            // No record yet: redeem the authorization code, then keep a record of the result so that
            // later calls take the silent path.
            authResult = await _confidentialClient
                .AcquireTokenByAuthorizationCode(requestContext.Scopes, _authCode)
                .ExecuteAsync(async, cancellationToken)
                .ConfigureAwait(false);

            _record = new AuthenticationRecord(authResult);
        }
        else
        {
            authResult = await _confidentialClient
                .AcquireTokenSilent(requestContext.Scopes, (AuthenticationAccount)_record)
                .ExecuteAsync(async, cancellationToken)
                .ConfigureAwait(false);
        }

        var accessToken = new AccessToken(authResult.AccessToken, authResult.ExpiresOn);
        return scope.Succeeded(accessToken);
    }
    catch (OperationCanceledException canceled)
    {
        scope.Failed(canceled);
        throw;
    }
    catch (Exception ex)
    {
        throw scope.FailAndWrap(ex);
    }
}