/// <summary>
/// Generates a token for Partner tenant using partner user refresh token
/// The expiry time calculation explined below is not strong.
/// please use stardard ADAL library to gain access token by refresh token, which provides strongly typed classes with proper expirty time calculation.
/// </summary>
/// <param name="partnerTenantId">partner tenant id</param>
/// <returns>
/// Access token and expiry time.
/// </returns>
public static async Task <Tuple <string, DateTimeOffset> > LoginToGraph(string partnerTenantId)
{
KeyVaultProvider provider = new KeyVaultProvider();
string refreshToken = await provider.GetSecretAsync(partnerTenantId);
Newtonsoft.Json.Linq.JObject token = await AuthorizationUtilities.GetAADTokenFromRefreshToken(
"https://login.microsoftonline.com/" + partnerTenantId,
"https://graph.microsoft.com",
CSPApplicationId,
CSPApplicationSecret,
refreshToken);
return(new Tuple <string, DateTimeOffset>(token["access_token"].ToString(), DateTimeOffset.UtcNow + TimeSpan.FromTicks(long.Parse(token["expires_on"].ToString()))));
}
/// <summary>
/// Generates a token for Customer tenant using partner user refresh token
/// The expiry time calculation explined below is not strong.
/// please use stardard ADAL library to gain access token by refresh token, which provides strongly typed classes with proper expirty time calculation.
/// </summary>
/// <param name="partnerTenantId">partner tenant id</param>
/// <param name="customerTenantId">customer tenant id</param>
/// <returns>
/// Access token and expiry time.
/// </returns>
public static async Task <Tuple <string, DateTimeOffset> > LoginToCustomerGraph(string partnerTenantId, string customerTenantId)
{
KeyVaultProvider provider = new KeyVaultProvider();
string refreshToken = await provider.GetSecretAsync(partnerTenantId);
JObject token = await AuthorizationUtilities.GetAADTokenFromRefreshToken(
$"{AADInstance}/{customerTenantId}",
"https://graph.windows.net",
CPVApplicationId,
CPVApplicationSecret,
refreshToken);
return(new Tuple <string, DateTimeOffset>(token["access_token"].ToString(), DateTimeOffset.UtcNow + TimeSpan.FromTicks(long.Parse(token["expires_on"].ToString()))));
}
public static async Task <Tuple <string, DateTimeOffset> > LoginToPartnerCenter(string tenantId)
{
KeyVaultProvider provider = new KeyVaultProvider();
string refreshToken = await provider.GetSecretAsync(tenantId);
JObject token = await AuthorizationUtilities.GetAADTokenFromRefreshToken(
$"{AADInstance}/{tenantId}",
"https://api.partnercenter.microsoft.com",
CPVApplicationId,
CPVApplicationSecret,
refreshToken);
return(new Tuple <string, DateTimeOffset>(token["access_token"].ToString(), DateTimeOffset.UtcNow + TimeSpan.FromTicks(long.Parse(token["expires_on"].ToString()))));
}
public static async Task <Tuple <string, DateTimeOffset> > LoginToPartnerCenter(string tenantId)
{
KeyVaultProvider provider = new KeyVaultProvider();
string refreshToken = await provider.GetSecretAsync(tenantId);
AuthenticationResult token = await serviceClient.RefreshAccessTokenAsync(
$"https://login.microsoftonline.com/{tenantId}/oauth2/token",
"https://api.partnercenter.microsoft.com",
refreshToken,
CSPApplicationId,
CSPApplicationSecret).ConfigureAwait(false);
return(new Tuple <string, DateTimeOffset>(token.AccessToken, token.ExpiresOn));
}
/// <summary>
/// Generates a token for Customer tenant using partner user refresh token
/// The expiry time calculation explined below is not strong.
/// please use stardard ADAL library to gain access token by refresh token, which provides strongly typed classes with proper expirty time calculation.
/// </summary>
/// <param name="partnerTenantId">partner tenant id</param>
/// <param name="customerTenantId">customer tenant id</param>
/// <returns>
/// Access token and expiry time.
/// </returns>
public static async Task <Tuple <string, DateTimeOffset> > LoginToCustomerGraph(string partnerTenantId, string customerTenantId)
{
KeyVaultProvider provider = new KeyVaultProvider();
string refreshToken = await provider.GetSecretAsync(partnerTenantId);
AuthenticationResult token = await serviceClient.RefreshAccessTokenAsync(
$"https://login.microsoftonline.com/{customerTenantId}/oauth2/token",
"https://graph.windows.net",
refreshToken,
CSPApplicationId,
CSPApplicationSecret).ConfigureAwait(false);
return(new Tuple <string, DateTimeOffset>(token.AccessToken, token.ExpiresOn));
}
public async Task Secret_GetByCertificate()
{
//Arrange
IKeyVaultSecretReaderAsync keyVaultProvider = new KeyVaultProvider(_vaultName, _azureAdClientId, _appCertificateThumbprint, _certificateStoreLocation, _certificateStoreName);
var secretKey = "secret-storage-key";
var expectedSecret = "";
//Act
var secret = await keyVaultProvider.GetSecretAsync(secretKey, false);
//Assert
Assert.IsNotNull(secret);
Assert.IsNotNull(secret.Value);
Assert.AreEqual(expectedSecret, secret.Value);
}
