static LabAuthenticationHelper()
{
//The data.txt is a place holder for the keyvault secret. It will only be written to during build time when testing appcenter.
//After the tests are finished in appcenter, the file will be deleted from the appcenter servers.
//The file will then be deleted locally Via VSTS task.
if (File.Exists(DataFileName))
{
var data = File.ReadAllText(DataFileName);
if (!string.IsNullOrWhiteSpace(data))
{
s_defaultAuthType = LabAccessAuthenticationType.ClientSecret;
s_secret = data;
}
}
}
public static async Task <string> GetLabAccessTokenAsync(string authority, string[] scopes, LabAccessAuthenticationType authType, string clientId, string certThumbprint, string clientSecret)
{
AuthenticationResult authResult;
IConfidentialClientApplication confidentialApp;
X509Certificate2 cert;
switch (authType)
{
case LabAccessAuthenticationType.ClientCertificate:
var clientIdForCertAuth = String.IsNullOrEmpty(clientId) ? LabAccessConfidentialClientId : clientId;
var certThumbprintForLab = String.IsNullOrEmpty(clientId) ? LabAccessThumbPrint : certThumbprint;
cert = CertificateHelper.FindCertificateByThumbprint(certThumbprintForLab);
if (cert == null)
{
throw new InvalidOperationException(
"Test setup error - cannot find a certificate in the My store for KeyVault. This is available for Microsoft employees only.");
}
confidentialApp = ConfidentialClientApplicationBuilder
.Create(clientIdForCertAuth)
.WithAuthority(new Uri(authority), true)
.WithCertificate(cert)
.Build();
s_staticCache.Bind(confidentialApp.AppTokenCache);
authResult = await confidentialApp
.AcquireTokenForClient(scopes)
.ExecuteAsync(CancellationToken.None)
.ConfigureAwait(false);
break;
case LabAccessAuthenticationType.ClientSecret:
var clientIdForSecretAuth = String.IsNullOrEmpty(clientId) ? LabAccessConfidentialClientId : clientId;
var clientSecretForLab = String.IsNullOrEmpty(clientId) ? s_secret : clientSecret;
confidentialApp = ConfidentialClientApplicationBuilder
.Create(clientIdForSecretAuth)
.WithAuthority(new Uri(authority), true)
.WithClientSecret(clientSecretForLab)
.Build();
s_staticCache.Bind(confidentialApp.AppTokenCache);
authResult = await confidentialApp
.AcquireTokenForClient(scopes)
.ExecuteAsync(CancellationToken.None)
.ConfigureAwait(false);
break;
case LabAccessAuthenticationType.UserCredential:
var clientIdForPublicClientAuth = String.IsNullOrEmpty(clientId) ? LabAccessPublicClientId : clientId;
var publicApp = PublicClientApplicationBuilder
.Create(clientIdForPublicClientAuth)
.WithAuthority(new Uri(authority), true)
.Build();
s_staticCache.Bind(publicApp.UserTokenCache);
authResult = await publicApp
.AcquireTokenByIntegratedWindowsAuth(scopes)
.ExecuteAsync(CancellationToken.None)
.ConfigureAwait(false);
break;
default:
throw new ArgumentOutOfRangeException();
}
return(authResult?.AccessToken);
}
