/// <summary>
/// Creates a new InteractiveBrowserCredential with the specified options, which will authenticate users with the specified application.
/// </summary>
/// <param name="tenantId">The tenant id of the application and the users to authenticate. Can be null in the case of multi-tenant applications.</param>
/// <param name="clientId">The client id of the application to which the users will authenticate</param>
/// TODO: need to link to info on how the application has to be created to authenticate users, for multiple applications
/// <param name="options">The client options for the newly created DeviceCodeCredential</param>
public InteractiveBrowserCredential(string tenantId, string clientId, TokenCredentialOptions options = default)
: this(tenantId, clientId, CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Creates an instance of the <see cref="UsernamePasswordCredential"/> with the details needed to authenticate against Azure Active Directory with a simple username
/// and password.
/// </summary>
/// <param name="username"></param>
/// <param name="password">The user account's user name, UPN.</param>
/// <param name="tenantId">The Azure Active Directory tenant (directory) ID or name.</param>
/// <param name="clientId">The client (application) ID of an App Registration in the tenant.</param>
/// <param name="options">The client options for the newly created UsernamePasswordCredential</param>
public UsernamePasswordCredential(string username, string password, string tenantId, string clientId, TokenCredentialOptions options)
: this(username, password, tenantId, clientId, CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Creates a new InteractiveBrowserCredential with the specified options, which will authenticate users with the specified application.
/// </summary>
/// <param name="clientId">The client id of the application to which the users will authenticate</param>
public InteractiveBrowserCredential(string clientId)
: this(null, clientId, CredentialPipeline.GetInstance(null))
{
}
/// <summary>
/// Creates an instance of the <see cref="DefaultAzureCredential"/> class.
/// </summary>
/// <param name="options">Options that configure the management of the requests sent to Azure Active Directory services, and determine which credentials are included in the <see cref="DefaultAzureCredential"/> authentication flow.</param>
public DefaultAzureCredential(DefaultAzureCredentialOptions options)
: this(new DefaultAzureCredentialFactory(CredentialPipeline.GetInstance(options)), options)
{
}
/// <summary>
/// Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables.
/// If the expected environment variables are not found at this time, the GetToken method will return the default <see cref="AccessToken"/> when invoked.
/// </summary>
public EnvironmentCredential()
: this(CredentialPipeline.GetInstance(null))
{
}
/// <summary>
/// Creates an instance of the ClientCertificateCredential with the details needed to authenticate against Azure Active Directory with the specified certificate.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="clientCertificate">The authentication X509 Certificate of the service principal</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ClientCertificateCredential(string tenantId, string clientId, X509Certificate2 clientCertificate, TokenCredentialOptions options)
: this(tenantId, clientId, clientCertificate, CredentialPipeline.GetInstance(options))
{
}
public DefaultAzureCredentialFactory(TokenCredentialOptions options)
: this(CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Creates a new <see cref="SharedTokenCacheCredential"/> which will authenticate users signed in through developer tools supporting Azure single sign on.
/// </summary>
public SharedTokenCacheCredential()
: this(null, null, CredentialPipeline.GetInstance(null))
{
}
/// <summary>
/// Creates a new <see cref="SharedTokenCacheCredential"/> which will authenticate users signed in through developer tools supporting Azure single sign on.
/// </summary>
/// <param name="options">The client options for the newly created <see cref="SharedTokenCacheCredential"/></param>
public SharedTokenCacheCredential(SharedTokenCacheCredentialOptions options)
: this(options?.TenantId, options?.Username, CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Creates a new DeviceCodeCredential with the specifeid options, which will authenticate users with the specified application.
/// </summary>
/// <param name="deviceCodeCallback">The callback to be executed to display the device code to the user</param>
/// <param name="tenantId">The tenant id of the application to which users will authenticate. This can be null for multi-tenanted applications.</param>
/// <param name="clientId">The client id of the application to which the users will authenticate</param>
/// <param name="options">The client options for the newly created DeviceCodeCredential</param>
public DeviceCodeCredential(Func <DeviceCodeInfo, CancellationToken, Task> deviceCodeCallback, string tenantId, string clientId, TokenCredentialOptions options = default)
: this(deviceCodeCallback, tenantId, clientId, CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Creates a new instance of the <see cref="VisualStudioCredential"/> with the specified options.
/// </summary>
/// <param name="options">Options for configuring the credential.</param>
public VisualStudioCredential(VisualStudioCredentialOptions options) : this(options?.TenantId, CredentialPipeline.GetInstance(options), default, default)
{
}
/// <summary>
/// Creates a new DeviceCodeCredential with the specified options, which will authenticate users using the device code flow.
/// </summary>
/// <param name="deviceCodeCallback">The callback to be executed to display the device code to the user.</param>
/// <param name="options">The client options for the newly created <see cref="DeviceCodeCredential"/>.</param>
public DeviceCodeCredential(Func <DeviceCodeInfo, CancellationToken, Task> deviceCodeCallback, DeviceCodeCredentialOptions options = default)
: this(deviceCodeCallback, options?.TenantId, options?.ClientId, CredentialPipeline.GetInstance(options), options?.EnablePersistentCache ?? false)
{
_disableAutomaticAuthentication = options?.DisableAutomaticAuthentication ?? false;
_record = options?.AuthenticationRecord;
}
/// <summary>
/// Create an instance of CliCredential class.
/// </summary>
/// <param name="options"> The Azure Active Directory tenant (directory) Id of the service principal. </param>
public AzureCliCredential(AzureCliCredentialOptions options)
: this(CredentialPipeline.GetInstance(null), default, options)
{
}
/// <summary>
/// Create an instance of CliCredential class.
/// </summary>
public AzureCliCredential()
: this(CredentialPipeline.GetInstance(null), default)
{
}
/// <summary>
/// Creates an instance of the ManagedIdentityCredential capable of authenticating a resource with a managed identity.
/// </summary>
/// <param name="clientId">
/// The client id to authenticate for a user assigned managed identity. More information on user assigned managed identities can be found here:
/// https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview#how-a-user-assigned-managed-identity-works-with-an-azure-vm
/// </param>
/// <param name="options">Options to configure the management of the requests sent to the Azure Active Directory service.</param>
public ManagedIdentityCredential(string clientId = null, TokenCredentialOptions options = null)
: this(clientId, CredentialPipeline.GetInstance(options))
{
_logAccountDetails = options?.Diagnostics?.IsAccountIdentifierLoggingEnabled ?? false;
}
/// <summary>
/// Creates a new <see cref="SharedTokenCacheCredential"/> which will authenticate users signed in through developer tools supporting Azure single sign on.
/// </summary>
/// <param name="username">The username of the user to authenticate</param>
/// <param name="options">The client options for the newly created <see cref="SharedTokenCacheCredential"/></param>
public SharedTokenCacheCredential(string username, TokenCredentialOptions options = default)
: this(tenantId : null, username : username, pipeline : CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Creates an instance of the ManagedIdentityCredential capable of authenticating a resource with a managed identity.
/// </summary>
/// <param name="resourceId">
/// The resource id to authenticate for a user assigned managed identity. More information on user assigned managed identities can be found here:
/// https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview#how-a-user-assigned-managed-identity-works-with-an-azure-vm
/// </param>
/// <param name="options">Options to configure the management of the requests sent to the Azure Active Directory service.</param>
public ManagedIdentityCredential(ResourceIdentifier resourceId, TokenCredentialOptions options = null)
: this(
new ManagedIdentityClient(new ManagedIdentityClientOptions { ResourceIdentifier = resourceId, Pipeline = CredentialPipeline.GetInstance(options) }))
{
_logAccountDetails = options?.Diagnostics?.IsAccountIdentifierLoggingEnabled ?? false;
_clientId = resourceId.ToString();
}
/// <summary>
/// Creates an instance of the ClientCertificateCredential with an asynchronous callback that provides a signed client assertion to authenticate against Azure Active Directory.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="assertionCallback">An asynchronous callback returning a valid client assertion used to authenticate the service principal.</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ClientAssertionCredential(string tenantId, string clientId, Func <CancellationToken, Task <string> > assertionCallback, ClientAssertionCredentialOptions options = default)
{
Argument.AssertNotNull(clientId, nameof(clientId));
TenantId = Validations.ValidateTenantId(tenantId, nameof(tenantId));
ClientId = clientId;
Client = options?.MsalClient ?? new MsalConfidentialClient(options?.Pipeline ?? CredentialPipeline.GetInstance(options), tenantId, clientId, assertionCallback, options);
}
/// <summary>
/// Creates an instance of the ClientCertificateCredential with a synchronous callback that provides a signed client assertion to authenicate against Azure Active Directory.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="assertionCallback">A synchronous callback returning a valid client assertion used to authenticate the service principal.</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ClientAssertionCredential(string tenantId, string clientId, Func <string> assertionCallback, ClientAssertionCredentialOptions options = default)
{
Argument.AssertNotNull(clientId, nameof(clientId));
TenantId = Validations.ValidateTenantId(tenantId, nameof(tenantId));
ClientId = clientId;
Client = options?.MsalClient ?? new MsalConfidentialClient(options?.Pipeline ?? CredentialPipeline.GetInstance(options), tenantId, clientId, assertionCallback, null, null, options?.IsLoggingPIIEnabled ?? false);
}
/// <summary>
/// Creates an instance of the ClientSecretCredential with the details needed to authenticate against Azure Active Directory with a client secret.
/// </summary>
/// <param name="tenantId">The Azure Active Directory tenant (directory) Id of the service principal.</param>
/// <param name="clientId">The client (application) ID of the service principal</param>
/// <param name="clientSecret">A client secret that was generated for the App Registration used to authenticate the client.</param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ClientSecretCredential(string tenantId, string clientId, string clientSecret, TokenCredentialOptions options)
: this(tenantId, clientId, clientSecret, CredentialPipeline.GetInstance(options))
{
}
/// <summary>
/// Creates an instance of the ManagedIdentityCredential capable of authenticating a resource with a managed identity.
/// </summary>
/// <param name="clientId">
/// The client id to authenticate for a user assigned managed identity. More information on user assigned managed identities cam be found here:
/// https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview#how-a-user-assigned-managed-identity-works-with-an-azure-vm
/// </param>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public ManagedIdentityCredential(string clientId = null, TokenCredentialOptions options = null)
: this(clientId, CredentialPipeline.GetInstance(options))
{
}
internal VisualStudioCodeCredential(string tenantId, TokenCredentialOptions options, IFileSystemService fileSystem, IVisualStudioCodeAdapter vscAdapter)
: this(tenantId, CredentialPipeline.GetInstance(options), fileSystem, vscAdapter)
{
}
/// <inheritdoc />
internal VisualStudioCredential(string tenantId, TokenCredentialOptions options) : this(tenantId, CredentialPipeline.GetInstance(options), default, default)
{
}
/// <summary>
/// Creates a new InteractiveBrowserCredential with the specified options, which will authenticate users.
/// </summary>
public InteractiveBrowserCredential()
: this(null, Constants.DeveloperSignOnClientId, CredentialPipeline.GetInstance(null))
{
}
/// <summary>
/// Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables.
/// If the expected environment variables are not found at this time, the GetToken method will return the default <see cref="AccessToken"/> when invoked.
/// </summary>
/// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
public EnvironmentCredential(TokenCredentialOptions options)
: this(CredentialPipeline.GetInstance(options))
{
}
internal AzurePowerShellCredential(AzurePowerShellCredentialOptions options, CredentialPipeline pipeline, IProcessService processService)
{
UseLegacyPowerShell = options?.UseLegacyPowerShell ?? new AzurePowerShellCredentialOptions().UseLegacyPowerShell;
_pipeline = pipeline ?? CredentialPipeline.GetInstance(options);
_processService = processService ?? ProcessService.Default;
}