/// <summary> /// Creates a new authentication broker based for the specified resource. /// </summary> /// <param name="targetUri">The resource for which authentication is being requested.</param> /// <param name="scope">The scope of the access being requested.</param> /// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param> /// <param name="adaRefreshTokenStore">Storage container for Azure access token secrets.</param> /// <param name="authentication"> /// An implementation of <see cref="BaseAuthentication"/> if one was detected; /// <see langword="null"/> otherwise. /// </param> /// <returns> /// <see langword="true"/> if an authority could be determined; <see langword="false"/> otherwise. /// </returns> public static bool GetAuthentication( TargetUri targetUri, VstsTokenScope scope, ICredentialStore personalAccessTokenStore, ITokenStore adaRefreshTokenStore, out BaseAuthentication authentication) { Trace.WriteLine("BaseVstsAuthentication::DetectAuthority"); Guid tenantId; if (DetectAuthority(targetUri, out tenantId)) { // empty Guid is MSA, anything else is AAD if (tenantId == Guid.Empty) { Trace.WriteLine(" MSA authority detected"); authentication = new VstsMsaAuthentication(scope, personalAccessTokenStore, adaRefreshTokenStore); } else { Trace.WriteLine(" AAD authority for tenant '" + tenantId + "' detected"); authentication = new VstsAadAuthentication(tenantId, scope, personalAccessTokenStore, adaRefreshTokenStore); (authentication as VstsAadAuthentication).TenantId = tenantId; } } else { authentication = null; } return(authentication != null); }
/// <summary> /// Creates a new authentication broker based for the specified resource. /// <para/> /// Returns `<see langword="true"/>` if an authority could be determined; otherwise `<see langword="false"/>`. /// </summary> /// <param name="targetUri">The resource for which authentication is being requested.</param> /// <param name="scope">The scope of the access being requested.</param> /// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param> public static async Task <BaseAuthentication> GetAuthentication( RuntimeContext context, TargetUri targetUri, VstsTokenScope scope, ICredentialStore personalAccessTokenStore) { BaseSecureStore.ValidateTargetUri(targetUri); if (scope is null) { throw new ArgumentNullException(nameof(scope)); } if (personalAccessTokenStore is null) { throw new ArgumentNullException(nameof(personalAccessTokenStore)); } BaseAuthentication authentication = null; var result = await DetectAuthority(context, targetUri); if (!result.HasValue) { return(null); } // Query for the tenant's identity Guid tenantId = result.Value; // empty identity is MSA, anything else is AAD if (tenantId == Guid.Empty) { context.Trace.WriteLine("MSA authority detected."); authentication = new VstsMsaAuthentication(context, scope, personalAccessTokenStore); } else { context.Trace.WriteLine($"AAD authority for tenant '{tenantId}' detected."); authentication = new VstsAadAuthentication(context, tenantId, scope, personalAccessTokenStore); (authentication as VstsAadAuthentication).TenantId = tenantId; } return(authentication); }
/// <summary> /// Creates a new authentication broker based for the specified resource. /// </summary> /// <param name="targetUri">The resource for which authentication is being requested.</param> /// <param name="scope">The scope of the access being requested.</param> /// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param> /// <param name="adaRefreshTokenStore">Storage container for Azure access token secrets.</param> /// <param name="authentication"> /// An implementation of <see cref="BaseAuthentication"/> if one was detected; /// <see langword="null"/> otherwise. /// </param> /// <returns> /// <see langword="true"/> if an authority could be determined; <see langword="false"/> otherwise. /// </returns> public static BaseAuthentication GetAuthentication( TargetUri targetUri, VstsTokenScope scope, ICredentialStore personalAccessTokenStore) { BaseSecureStore.ValidateTargetUri(targetUri); if (ReferenceEquals(scope, null)) { throw new ArgumentNullException(nameof(scope)); } if (ReferenceEquals(personalAccessTokenStore, null)) { throw new ArgumentNullException(nameof(personalAccessTokenStore)); } Trace.WriteLine("BaseVstsAuthentication::DetectAuthority"); BaseAuthentication authentication = null; Guid tenantId; if (DetectAuthority(targetUri, out tenantId)) { // empty Guid is MSA, anything else is AAD if (tenantId == Guid.Empty) { Trace.WriteLine(" MSA authority detected"); authentication = new VstsMsaAuthentication(scope, personalAccessTokenStore); } else { Trace.WriteLine(" AAD authority for tenant '" + tenantId + "' detected"); authentication = new VstsAadAuthentication(tenantId, scope, personalAccessTokenStore); (authentication as VstsAadAuthentication).TenantId = tenantId; } } return(authentication); }
/// <summary> /// Creates a new authentication broker based for the specified resource. /// </summary> /// <param name="targetUri">The resource for which authentication is being requested.</param> /// <param name="scope">The scope of the access being requested.</param> /// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param> /// <param name="adaRefreshTokenStore">Storage container for Azure access token secrets.</param> /// <param name="authentication"> /// An implementation of <see cref="BaseAuthentication"/> if one was detected; /// <see langword="null"/> otherwise. /// </param> /// <returns> /// <see langword="true"/> if an authority could be determined; <see langword="false"/> otherwise. /// </returns> public static bool GetAuthentication( TargetUri targetUri, VstsTokenScope scope, ICredentialStore personalAccessTokenStore, ITokenStore adaRefreshTokenStore, out BaseAuthentication authentication) { Trace.WriteLine("BaseVstsAuthentication::DetectAuthority"); Guid tenantId; if (DetectAuthority(targetUri, out tenantId)) { // empty Guid is MSA, anything else is AAD if (tenantId == Guid.Empty) { Trace.WriteLine(" MSA authority detected"); authentication = new VstsMsaAuthentication(scope, personalAccessTokenStore, adaRefreshTokenStore); } else { Trace.WriteLine(" AAD authority for tenant '" + tenantId + "' detected"); authentication = new VstsAadAuthentication(tenantId, scope, personalAccessTokenStore, adaRefreshTokenStore); (authentication as VstsAadAuthentication).TenantId = tenantId; } } else { authentication = null; } return authentication != null; }
/// <summary> /// Creates a new authentication broker based for the specified resource. /// </summary> /// <param name="targetUri">The resource for which authentication is being requested.</param> /// <param name="scope">The scope of the access being requested.</param> /// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param> /// <param name="adaRefreshTokenStore">Storage container for Azure access token secrets.</param> /// <param name="authentication"> /// An implementation of <see cref="BaseAuthentication"/> if one was detected; /// <see langword="null"/> otherwise. /// </param> /// <returns> /// <see langword="true"/> if an authority could be determined; <see langword="false"/> otherwise. /// </returns> public static BaseAuthentication GetAuthentication( TargetUri targetUri, VstsTokenScope scope, ICredentialStore personalAccessTokenStore) { BaseSecureStore.ValidateTargetUri(targetUri); if (ReferenceEquals(scope, null)) throw new ArgumentNullException(nameof(scope)); if (ReferenceEquals(personalAccessTokenStore, null)) throw new ArgumentNullException(nameof(personalAccessTokenStore)); BaseAuthentication authentication = null; Guid tenantId; if (DetectAuthority(targetUri, out tenantId)) { // empty Guid is MSA, anything else is AAD if (tenantId == Guid.Empty) { Git.Trace.WriteLine("MSA authority detected."); authentication = new VstsMsaAuthentication(scope, personalAccessTokenStore); } else { Git.Trace.WriteLine($"AAD authority for tenant '{tenantId}' detected."); authentication = new VstsAadAuthentication(tenantId, scope, personalAccessTokenStore); (authentication as VstsAadAuthentication).TenantId = tenantId; } } return authentication; }