/// <summary>
        /// Builds an <see cref="OnBehalfOfAuthenticationProvider"/> from the test configuration, handing it
        /// the certificate store name, store location and thumbprint together with the client and tenant ids.
        /// </summary>
        /// <returns>The provider instance created from the configured values.</returns>
        private static OnBehalfOfAuthenticationProvider PrepareOnBehalfOfAuthenticationProviderWithCertificate()
        {
            // The certificate store is not reachable from the GitHub workflow, so the test is reported
            // as inconclusive there instead of failing.
            if (TestCommon.RunningInGitHubWorkflow())
            {
                Assert.Inconclusive("Skipping test because we're running inside a GitHub action and we don't have access to the certificate store");
            }

            var settings = TestCommon.GetConfigurationSettings();

            // Only identifiers and the certificate's store coordinates are read from configuration;
            // no key material is loaded by this method.
            string appId = settings.GetValue<string>($"{TestGlobals.CredentialsConfigurationBasePath}:{onBehalfOfConfigurationPath}:ClientId");
            string directoryId = settings.GetValue<string>($"{TestGlobals.CredentialsConfigurationBasePath}:{onBehalfOfConfigurationPath}:TenantId");
            StoreName certStoreName = settings.GetValue<StoreName>($"{TestGlobals.CredentialsConfigurationBasePath}:{onBehalfOfConfigurationPath}:OnBehalfOf:StoreName");
            StoreLocation certStoreLocation = settings.GetValue<StoreLocation>($"{TestGlobals.CredentialsConfigurationBasePath}:{onBehalfOfConfigurationPath}:OnBehalfOf:StoreLocation");
            string certThumbprint = settings.GetValue<string>($"{TestGlobals.CredentialsConfigurationBasePath}:{onBehalfOfConfigurationPath}:OnBehalfOf:Thumbprint");

            return new OnBehalfOfAuthenticationProvider(
                appId,
                directoryId,
                certStoreName,
                certStoreLocation,
                certThumbprint,
                // The user (consumer) access token comes from GetUserAccessToken; the callback blocks
                // on that asynchronous call until the token is available.
                () => GetUserAccessToken().GetAwaiter().GetResult());
        }
#pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously
        // Creates the certificate-based provider with null client and tenant ids and checks that the
        // resulting instance still exposes a non-null ClientId, TenantId and Certificate.
        // NOTE(review): presumably the constructor substitutes default ids for the nulls - confirm
        // against OnBehalfOfAuthenticationProvider.
        public async Task TestOnBehalfOfConstructorNoDIWithCertificate_NullClientId_NullTenantId()
#pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously
        {
            // No certificate store is available inside the GitHub workflow; report inconclusive there.
            if (TestCommon.RunningInGitHubWorkflow())
            {
                Assert.Inconclusive("Skipping test because we're running inside a GitHub action and we don't have access to the certificate store");
            }

            var settings = TestCommon.GetConfigurationSettings();

            // Only the certificate's store coordinates and thumbprint are read from configuration.
            StoreName certStoreName = settings.GetValue<StoreName>($"{TestGlobals.CredentialsConfigurationBasePath}:{onBehalfOfConfigurationPath}:OnBehalfOf:StoreName");
            StoreLocation certStoreLocation = settings.GetValue<StoreLocation>($"{TestGlobals.CredentialsConfigurationBasePath}:{onBehalfOfConfigurationPath}:OnBehalfOf:StoreLocation");
            string certThumbprint = settings.GetValue<string>($"{TestGlobals.CredentialsConfigurationBasePath}:{onBehalfOfConfigurationPath}:OnBehalfOf:Thumbprint");

            var oboProvider = new OnBehalfOfAuthenticationProvider(
                null,
                null,
                certStoreName,
                certStoreLocation,
                certThumbprint,
                // The user (consumer) access token comes from GetUserAccessToken; the callback blocks
                // on that asynchronous call until the token is available.
                () => GetUserAccessToken().GetAwaiter().GetResult());

            Assert.IsNotNull(oboProvider);
            Assert.IsNotNull(oboProvider.ClientId);
            Assert.IsNotNull(oboProvider.TenantId);
            Assert.IsNotNull(oboProvider.Certificate);
        }
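#pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously
        // Calls the client-secret constructor of OnBehalfOfAuthenticationProvider with a null secret.
        // NOTE(review): the visible body asserts nothing; presumably an expected-exception attribute
        // above this method (outside this excerpt) makes rejection of the null secret the pass
        // condition - confirm.
        public async Task TestOnBehalfOfConstructorNoDIWithClientSecret_NullClientSecret()
#pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously
        {
            // This constructor call takes only the ids, the secret and the token callback, so no
            // certificate store settings are read from configuration here.
            _ = new OnBehalfOfAuthenticationProvider(
                AuthGlobals.DefaultClientId,
                AuthGlobals.OrganizationsTenantId,
                clientSecret: null,
                // The user (consumer) access token comes from GetUserAccessToken; the callback blocks
                // on that asynchronous call until the token is available.
                () => GetUserAccessToken().GetAwaiter().GetResult());
        }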
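        // HTTP GET function that takes the caller's bearer token from the Authorization header, uses it
        // as the user assertion of an OnBehalfOfAuthenticationProvider, and returns the id and title of
        // the target web plus the current user's principal name and title as JSON.
        // Returns 401 when the request does not carry exactly one well-formed "Bearer <token>" header.
        // NOTE(review): the token is not validated in this method (signature, audience, expiry);
        // presumably the on-behalf-of exchange performed by the provider is where it gets evaluated -
        // confirm, and confirm that a rejected token surfaces as 401 rather than an unhandled error.
        public async Task <IActionResult> Run(
            [HttpTrigger(AuthorizationLevel.Function, "get", Route = null)] HttpRequest req,
            ILogger log)
        {
            log.LogInformation("PiaSys Yo Teams Backend function triggered!");

            var targetSiteUrl = new Uri(Environment.GetEnvironmentVariable("TargetSiteUrl"));
            var clientId      = Environment.GetEnvironmentVariable("ClientId");
            var tenantId      = Environment.GetEnvironmentVariable("TenantId");
            var clientSecret  = this.ToSecureString(Environment.GetEnvironmentVariable("ClientSecret"));

            // The header is caller-controlled: require exactly one value so there is no ambiguity
            // about which credential is being presented.
            if (!req.Headers.TryGetValue(AUTHORIZATION_HEADER, out var authorizationValues) ||
                authorizationValues.Count != 1)
            {
                return new UnauthorizedObjectResult(null);
            }

            // Expect "<scheme> <token>" with the Bearer scheme (schemes compare case-insensitively).
            // A missing token or a different scheme is answered with 401 instead of indexing past the
            // end of the split result or forwarding a non-bearer credential as the user assertion.
            var headerParts = authorizationValues[0].Split(' ', StringSplitOptions.RemoveEmptyEntries);
            if (headerParts.Length != 2 ||
                !string.Equals(headerParts[0], "Bearer", StringComparison.OrdinalIgnoreCase))
            {
                return new UnauthorizedObjectResult(null);
            }

            // Keep the token out of log output; it is only handed to the provider below.
            string accessToken = headerParts[1];

            var oboProvider = new OnBehalfOfAuthenticationProvider(clientId, tenantId, clientSecret,
                                                                   () => accessToken);

            using (var context = await _pnpContextFactory.CreateAsync(targetSiteUrl, oboProvider))
            {
                var web = await context.Web.GetAsync(w => w.Id, w => w.Title, w => w.CurrentUser);

                var user = await context.Web.CurrentUser.GetAsync(
                    u => u.Title,
                    u => u.UserPrincipalName);

                // Only these four fields are returned to the caller.
                var result = new {
                    web = new {
                        web.Id,
                        web.Title,
                    },
                    user = new
                    {
                        user.UserPrincipalName,
                        user.Title,
                    }
                };

                return new JsonResult(result);
            }
        }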