/// <summary>
/// Configures the application to sign users in against a well-known Azure AD authority,
/// identified by its cloud instance and its sign-in audience.
/// See https://aka.ms/msal-net-application-configuration.
/// </summary>
/// <param name="azureCloudInstance">The Azure cloud to use (for instance the Azure
/// worldwide cloud, the Azure German cloud, US government ...).</param>
/// <param name="authorityAudience">The sign-in audience (one AAD organization,
/// any work and school accounts, or any work and school accounts and Microsoft personal
/// accounts).</param>
/// <param name="validateAuthority">Whether the authority should be validated against the
/// server metadata. Defaults to <c>true</c>.</param>
/// <returns>The builder, so that further .With methods can be chained.</returns>
/// <remarks>
/// Passing <c>false</c> for <paramref name="validateAuthority"/> records that the authority
/// is not to be validated against server metadata; keep the default unless there is a
/// specific reason to turn the check off.
/// </remarks>
public T WithAuthority(
    AzureCloudInstance azureCloudInstance,
    AadAuthorityAudience authorityAudience,
    bool validateAuthority = true)
{
    // All three values are only stored here; nothing visible in this method resolves the authority.
    var configuration = Config;
    configuration.AzureCloudInstance = azureCloudInstance;
    configuration.AadAuthorityAudience = authorityAudience;
    configuration.ValidateAuthority = validateAuthority;

    return (T)this;
}
/// <summary>
/// Builds an <see cref="AuthorityInfo"/> of type <see cref="AuthorityType.Aad"/> for the
/// given cloud instance and sign-in audience.
/// </summary>
/// <param name="azureCloudInstance">The Azure cloud whose authority is wanted.</param>
/// <param name="authorityAudience">The sign-in audience used for the tenant segment of the URI.</param>
/// <param name="validateAuthority">Validation flag passed through unchanged to the
/// <see cref="AuthorityInfo"/> constructor.</param>
/// <returns>The authority description, with its URI produced by <c>GetAuthorityUri</c>.</returns>
internal static AuthorityInfo FromAadAuthority(
    AzureCloudInstance azureCloudInstance,
    AadAuthorityAudience authorityAudience,
    bool validateAuthority)
{
    return new AuthorityInfo(
        AuthorityType.Aad,
        GetAuthorityUri(azureCloudInstance, authorityAudience),
        validateAuthority);
}
/// <summary>
/// Composes the authority URI as "<c>cloud URL</c>/<c>audience value</c>".
/// </summary>
/// <param name="azureCloudInstance">The Azure cloud, mapped to its base URL by <c>GetCloudUrl</c>.</param>
/// <param name="authorityAudience">The sign-in audience, mapped to the second segment by
/// <c>GetAadAuthorityAudienceValue</c>.</param>
/// <param name="tenantId">Optional tenant identifier, handed to
/// <c>GetAadAuthorityAudienceValue</c> together with the audience.</param>
/// <returns>The two parts joined by a single slash, with no trailing slash.</returns>
internal static string GetAuthorityUri(
    AzureCloudInstance azureCloudInstance,
    AadAuthorityAudience authorityAudience,
    string tenantId = null)
{
    string baseUrl = GetCloudUrl(azureCloudInstance);

    // NOTE(review): tenantId is not checked in this method; any validation has to happen in
    // GetAadAuthorityAudienceValue or in the caller - confirm before passing untrusted input.
    string audienceSegment = GetAadAuthorityAudienceValue(authorityAudience, tenantId);

    return string.Format(
        CultureInfo.InvariantCulture,
        "{0}/{1}",
        baseUrl,
        audienceSegment);
}
/// <summary>
/// Selects a well-known Azure AD authority by its sign-in audience (the cloud being the
/// Azure public cloud) and stores it in <c>CommonParameters.AuthorityOverride</c>.
/// See https://aka.ms/msal-net-application-configuration.
/// </summary>
/// <param name="authorityAudience">The sign-in audience (one AAD organization,
/// any work and school accounts, or any work and school accounts and Microsoft personal
/// accounts).</param>
/// <param name="validateAuthority">Whether the authority should be validated against the
/// server metadata. Defaults to <c>true</c>.</param>
/// <returns>The builder, so that further .With methods can be chained.</returns>
/// <remarks>
/// Passing <c>false</c> for <paramref name="validateAuthority"/> records that the authority
/// is not to be validated against server metadata; keep the default unless there is a
/// specific reason to turn the check off.
/// </remarks>
public T WithAuthority(AadAuthorityAudience authorityAudience, bool validateAuthority = true)
{
    // Telemetry: the call itself is always recorded, the validation feature only when it is on.
    CommonParameters.AddApiTelemetryFeature(ApiTelemetryFeature.WithAuthority);
    if (validateAuthority)
    {
        CommonParameters.AddApiTelemetryFeature(ApiTelemetryFeature.WithValidateAuthority);
    }

    var authorityOverride = AuthorityInfo.FromAadAuthority(authorityAudience, validateAuthority);
    CommonParameters.AuthorityOverride = authorityOverride;

    return (T)this;
}
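/// <summary>
/// Creates an application registration through the Graph client, using
/// <paramref name="appName"/> as the display name and <paramref name="audience"/> as the
/// sign-in audience.
/// </summary>
/// <param name="appName">Display name of the new application.</param>
/// <param name="audience">Sign-in audience; its enum member name is sent as the
/// <c>SignInAudience</c> value.</param>
/// <returns>The application object returned by the Graph request.</returns>
/// <exception cref="System.InvalidOperationException">The Graph client has not been set.</exception>
public async Task<Application> CreateApp(string appName, AadAuthorityAudience audience)
{
    // The original `await _graphClient?.Applications...` short-circuits to a null task when
    // the client is missing, and awaiting null fails with an opaque NullReferenceException.
    // Fail with an explicit error instead.
    if (_graphClient == null)
    {
        throw new System.InvalidOperationException("The Graph client has not been initialized.");
    }

    var application = new Application
    {
        DisplayName = appName,

        // The audience decides which accounts may sign in to the new application; the
        // multi-organization and personal-account values admit users from outside the
        // home tenant, so callers should pass the narrowest audience that works.
        // NOTE(review): confirm the enum member names match the spelling Graph expects
        // for signInAudience.
        SignInAudience = audience.ToString()
    };

    return await _graphClient.Applications
        .Request()
        .AddAsync(application);
}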
/// <summary>
/// Builds a public client application from options carrying the given cloud instance and
/// audience, and checks that the resulting authority is exactly the expected URL.
/// </summary>
/// <param name="cloudInstance">Cloud instance placed in the options.</param>
/// <param name="audience">Sign-in audience placed in the options.</param>
/// <param name="expectedAuthority">Authority the built application must report.</param>
public void TestAuthorityPermutations(
    AzureCloudInstance cloudInstance,
    AadAuthorityAudience audience,
    string expectedAuthority)
{
    var appOptions = new PublicClientApplicationOptions
    {
        ClientId = TestConstants.ClientId,
        AzureCloudInstance = cloudInstance,
        AadAuthorityAudience = audience
    };

    var builder = PublicClientApplicationBuilder.CreateWithApplicationOptions(appOptions);
    var app = builder.Build();

    // Pinning the exact authority string guards against a cloud/audience pair silently
    // resolving to a different sign-in endpoint.
    var actualAuthority = app.Authority;
    Assert.AreEqual(expectedAuthority, actualAuthority);
}
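/// <summary>
/// Creates an application registration by POSTing to the Microsoft Graph beta
/// <c>applications</c> endpoint with a bearer token obtained for <paramref name="tenantId"/>.
/// </summary>
/// <param name="appName">Display name of the new application.</param>
/// <param name="tenantId">Tenant passed to <c>GetAccessToken</c> when requesting the token.</param>
/// <param name="audience">Sign-in audience; its enum member name is sent as <c>signInAudience</c>.</param>
/// <returns>
/// The response body as text, for success and error status codes alike, or
/// "Error to create app: ..." followed by the exception message when the request throws.
/// </returns>
public async Task<string> CreateApp(string appName, string tenantId, AadAuthorityAudience audience)
{
    var graphUrl = "https://graph.microsoft.com/beta";
    var createAppUri = "applications";

    // The audience decides which accounts may sign in to the new application; pass the
    // narrowest value that fits the scenario.
    var serializedApp = JsonConvert.SerializeObject(new
    {
        displayName = appName,
        signInAudience = audience.ToString()
    });

    // Token acquisition stays outside the try block, as before: its failures propagate to the caller.
    var accessToken = await GetAccessToken(scopesToCreateApp, tenantId);
    string result = string.Empty;

    try
    {
        // NOTE(review): a new HttpClient per call is kept to preserve the method's shape; a
        // shared instance would be preferable but needs a field outside this method.
        using (var httpClient = new HttpClient())
        using (var requestBody = new StringContent(serializedApp, Encoding.UTF8, "application/json"))
        {
            httpClient.BaseAddress = new Uri($"{graphUrl}/");

            // The token lives only on this per-call client, which is disposed on exit.
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

            // Dispose the response (and with it the content stream) once the body is read;
            // the original left both undisposed.
            using (var response = await httpClient.PostAsync(createAppUri, requestBody))
            {
                // Success and failure bodies were read identically in both branches of the
                // original if/else, so a single read is equivalent.
                // TODO WTS: Please handle other status codes as appropriate to your scenario
                // NOTE(review): callers cannot tell a created application from an error
                // payload without parsing the string; response.IsSuccessStatusCode is not surfaced.
                result = await response.Content.ReadAsStringAsync();
            }
        }
    }
    catch (Exception ex)
    {
        // Deliberate best effort: the failure is reported through the return value.
        // NOTE(review): the exception message may contain internal detail; avoid showing
        // it to end users unfiltered.
        result = $"Error to create app: {ex.Message}";
    }

    return result;
}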
/// <summary>
/// Configures the application to sign users in against a well-known Azure AD authority,
/// identified by its sign-in audience (the cloud being the Azure public cloud).
/// See https://aka.ms/msal-net-application-configuration.
/// </summary>
/// <param name="authorityAudience">The sign-in audience (one AAD organization,
/// any work and school accounts, or any work and school accounts and Microsoft personal
/// accounts).</param>
/// <param name="validateAuthority">Whether the authority should be validated against the
/// server metadata. Defaults to <c>true</c>.</param>
/// <returns>The builder, so that further .With methods can be chained.</returns>
/// <remarks>
/// Passing <c>false</c> for <paramref name="validateAuthority"/> records that the authority
/// is not to be validated against server metadata; keep the default unless there is a
/// specific reason to turn the check off.
/// </remarks>
public T WithAuthority(AadAuthorityAudience authorityAudience, bool validateAuthority = true)
{
    var authority = AuthorityInfo.FromAadAuthority(authorityAudience, validateAuthority);
    Config.AuthorityInfo = authority;

    return (T)this;
}
/// <summary>
/// Builds the authority URL for a cloud instance as "<c>cloud URI</c>/<c>audience segment</c>/",
/// formatted with the invariant culture.
/// </summary>
/// <param name="azureCloudInstance">The cloud instance this extension method is called on.</param>
/// <param name="authorityAudience">Sign-in audience that selects the second URL segment.</param>
/// <param name="tenantId">Tenant identifier; used as the segment only for
/// <c>AadAuthorityAudience.AzureAdMyOrg</c>.</param>
/// <returns>The composed URL, ending in a slash.</returns>
/// <exception cref="ArgumentException">
/// The audience is <c>AzureAdMyOrg</c> and <paramref name="tenantId"/> is null, empty or
/// whitespace, or the audience matches none of the handled values.
/// </exception>
public static string GetAuthorityUrl(this AzureCloudInstance azureCloudInstance, AadAuthorityAudience authorityAudience = default(AadAuthorityAudience), string tenantId = null)
{
    // GetCloudUri is a local function that is not part of this excerpt.
    return(String.Format(CultureInfo.InvariantCulture, "{0}/{1}/", GetCloudUri(), GetAudienceUri()));

    // Maps the audience (and, for a single organization, the tenant id) to the URL segment.
    string GetAudienceUri()
    {
        return((authorityAudience, tenantId) switch
        {
            (AadAuthorityAudience.AzureAdAndPersonalMicrosoftAccount, _) => "common",
            (AadAuthorityAudience.AzureAdMultipleOrgs, _) => "organizations",
            (AadAuthorityAudience.PersonalMicrosoftAccount, _) => "consumers",
            // The tenant id is placed in the URL verbatim; the only check is that it is not blank.
            // NOTE(review): if tenantId can come from untrusted input, validate its format
            // (GUID or domain name) before it becomes part of the authority URL.
            (AadAuthorityAudience.AzureAdMyOrg, _)when !String.IsNullOrWhiteSpace(tenantId) => tenantId,
            // NOTE(review): ArgumentException(string) takes the message, so the parameter
            // name ends up as the message text here and in the fallback arm below, and
            // ParamName stays unset.
            (AadAuthorityAudience.AzureAdMyOrg, _) when String.IsNullOrWhiteSpace(tenantId) => throw new ArgumentException(nameof(tenantId)),
            // Any audience value not listed above is rejected.
            (_, _) => throw new ArgumentException(nameof(authorityAudience))
        });
    }
    // Excerpt ends here: GetCloudUri and the closing brace of GetAuthorityUrl are not shown.
/// <summary>
/// Selects a well-known Azure AD authority by its sign-in audience (the cloud being the
/// Azure public cloud) and stores it in <c>CommonParameters.AuthorityOverride</c>.
/// See https://aka.ms/msal-net-application-configuration.
/// </summary>
/// <param name="authorityAudience">The sign-in audience (one AAD organization,
/// any work and school accounts, or any work and school accounts and Microsoft personal
/// accounts).</param>
/// <param name="validateAuthority">Whether the authority should be validated against the
/// server metadata. Defaults to <c>true</c>.</param>
/// <returns>The builder, so that further .With methods can be chained.</returns>
/// <remarks>
/// Passing <c>false</c> for <paramref name="validateAuthority"/> records that the authority
/// is not to be validated against server metadata; keep the default unless there is a
/// specific reason to turn the check off.
/// </remarks>
public T WithAuthority(AadAuthorityAudience authorityAudience, bool validateAuthority = true)
{
    var authorityOverride = AuthorityInfo.FromAadAuthority(authorityAudience, validateAuthority);
    CommonParameters.AuthorityOverride = authorityOverride;

    return (T)this;
}