static AzureSession()
{
ClientFactory = new ClientFactory();
AuthenticationFactory = new AuthenticationFactory();
DataStore = new DiskDataStore();
AzureSession.OldProfileFile = "WindowsAzureProfile.xml";
AzureSession.OldProfileFileBackup = "WindowsAzureProfile.xml.bak";
AzureSession.ProfileDirectory = Path.Combine(
Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
Resources.AzureDirectoryName);;
AzureSession.ProfileFile = "AzureProfile.json";
AzureSession.TokenCacheFile = "TokenCache.dat";
}
private const int StreamCutOffSize = 10 * 1024; //10KB
private static bool TryFindCertificatesInStore(string thumbprint,
System.Security.Cryptography.X509Certificates.StoreLocation location, out X509Certificate2Collection certificates)
{
X509Certificate2Collection found = null;
DiskDataStore.X509StoreWrapper(StoreName.My, location, (store) =>
{
store.Open(OpenFlags.ReadOnly);
found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
});
certificates = found;
return(certificates != null && certificates.Count > 0);
}
/// <summary>
/// Host a new network server
/// </summary>
/// <param name="directory">Path server will save data to
/// <para>Example: @"C:\MyTemp\Embark\Server\"</para></param>
/// <param name="port">port to use, default set to 8030</param>
/// <param name="textConverter">Custom converter between objects and text.
/// <para>If parameter is NULL, the textConverter is set to default json converter.</para>
/// </param>
public Server(string directory, int port = 8030, ITextConverter textConverter = null)
{
if (textConverter == null)
{
textConverter = new JavascriptSerializerTextConverter();
}
var store = new DiskDataStore(directory);
var textRepository = new LocalRepository(store, textConverter);
Uri url = new Uri("http://localhost:" + port + "/embark/");
webHost = new WebServiceHost(textRepository, url);
}
static FileUtilities()
{
DataStore = new DiskDataStore();
}
public string GetAadAuthenticatedToken(AsAzureContext asAzureContext, SecureString password, PromptBehavior promptBehavior, string clientId, string resourceUri, Uri resourceRedirectUri)
#endif
{
var authUriBuilder = new UriBuilder((string)asAzureContext.Environment.Endpoints[AsAzureEnvironment.AsRolloutEndpoints.AdAuthorityBaseUrl]);
authUriBuilder.Path = string.IsNullOrEmpty(asAzureContext.Account.Tenant)
? "common"
: asAzureContext.Account.Tenant;
var authenticationContext = new AuthenticationContext(
authUriBuilder.ToString(),
AsAzureClientSession.TokenCache);
AuthenticationResult result = null;
string accountType = string.IsNullOrEmpty(asAzureContext.Account.Type) ? AsAzureAccount.AccountType.User : asAzureContext.Account.Type;
if (password == null && accountType == AsAzureAccount.AccountType.User)
{
if (asAzureContext.Account.Id != null)
{
#if NETSTANDARD
result = authenticationContext.AcquireTokenAsync(
resourceUri,
clientId,
resourceRedirectUri,
new PlatformParameters(),
new UserIdentifier(asAzureContext.Account.Id, UserIdentifierType.OptionalDisplayableId)).Result;
#else
result = authenticationContext.AcquireToken(
resourceUri,
clientId,
resourceRedirectUri,
promptBehavior,
new UserIdentifier(asAzureContext.Account.Id, UserIdentifierType.OptionalDisplayableId));
#endif
}
else
{
#if NETSTANDARD
result = authenticationContext.AcquireTokenAsync(
resourceUri,
clientId,
resourceRedirectUri,
new PlatformParameters()).Result;
#else
result = authenticationContext.AcquireToken(
resourceUri,
clientId,
resourceRedirectUri,
promptBehavior);
#endif
}
asAzureContext.Account.Id = result.UserInfo.DisplayableId;
asAzureContext.Account.Tenant = result.TenantId;
asAzureContext.Account.UniqueId = result.UserInfo.UniqueId;
}
else
{
if (accountType == AsAzureAccount.AccountType.User)
{
#if NETSTANDARD
//https://stackoverflow.com/a/39393039/294804
//https://github.com/AzureAD/azure-activedirectory-library-for-dotnet/issues/482
//https://github.com/Azure-Samples/active-directory-dotnet-deviceprofile/blob/5d5499d09c918ae837810d457822474df97600e9/DirSearcherClient/Program.cs#L206-L210
// Note: More robust implementation in UserTokenProvider.Netcore.cs in DoAcquireToken
DeviceCodeResult codeResult = authenticationContext.AcquireDeviceCodeAsync(resourceUri, clientId).Result;
promptAction(codeResult?.Message);
result = authenticationContext.AcquireTokenByDeviceCodeAsync(codeResult).Result;
#else
UserCredential userCredential = new UserCredential(asAzureContext.Account.Id, password);
result = authenticationContext.AcquireToken(resourceUri, clientId, userCredential);
#endif
asAzureContext.Account.Id = result.UserInfo.DisplayableId;
asAzureContext.Account.Tenant = result.TenantId;
asAzureContext.Account.UniqueId = result.UserInfo.UniqueId;
}
else if (accountType == AsAzureAccount.AccountType.ServicePrincipal)
{
if (string.IsNullOrEmpty(asAzureContext.Account.CertificateThumbprint))
{
#if NETSTANDARD
ClientCredential credential = new ClientCredential(asAzureContext.Account.Id, ConversionUtilities.SecureStringToString(password));
result = authenticationContext.AcquireTokenAsync(resourceUri, credential).Result;
#else
ClientCredential credential = new ClientCredential(asAzureContext.Account.Id, password);
result = authenticationContext.AcquireToken(resourceUri, credential);
#endif
}
else
{
DiskDataStore dataStore = new DiskDataStore();
var certificate = dataStore.GetCertificate(asAzureContext.Account.CertificateThumbprint);
if (certificate == null)
{
throw new ArgumentException(string.Format(Resources.CertificateNotFoundInStore, asAzureContext.Account.CertificateThumbprint));
}
#if NETSTANDARD
result = authenticationContext.AcquireTokenAsync(resourceUri, new ClientAssertionCertificate(asAzureContext.Account.Id, certificate)).Result;
#else
result = authenticationContext.AcquireToken(resourceUri, new ClientAssertionCertificate(asAzureContext.Account.Id, certificate));
#endif
}
}
}
return(result?.AccessToken);
}
public string GetAadAuthenticatedToken(AsAzureContext asAzureContext, SecureString password, PromptBehavior promptBehavior, string clientId, string resourceUri, Uri resourceRedirectUri)
{
var authUriBuilder = new UriBuilder((string)asAzureContext.Environment.Endpoints[AsAzureEnvironment.AsRolloutEndpoints.AdAuthorityBaseUrl]);
authUriBuilder.Path = string.IsNullOrEmpty(asAzureContext.Account.Tenant)
? "common"
: asAzureContext.Account.Tenant;
var authenticationContext = new AuthenticationContext(
authUriBuilder.ToString(),
AsAzureClientSession.TokenCache);
AuthenticationResult result = null;
string accountType = string.IsNullOrEmpty(asAzureContext.Account.Type) ? AsAzureAccount.AccountType.User : asAzureContext.Account.Type;
if (password == null && accountType == AsAzureAccount.AccountType.User)
{
if (asAzureContext.Account.Id != null)
{
result = authenticationContext.AcquireToken(
resourceUri,
clientId,
resourceRedirectUri,
promptBehavior,
new UserIdentifier(asAzureContext.Account.Id, UserIdentifierType.OptionalDisplayableId));
}
else
{
result = authenticationContext.AcquireToken(
resourceUri,
clientId,
resourceRedirectUri,
promptBehavior);
}
asAzureContext.Account.Id = result.UserInfo.DisplayableId;
asAzureContext.Account.Tenant = result.TenantId;
asAzureContext.Account.UniqueId = result.UserInfo.UniqueId;
}
else
{
if (accountType == AsAzureAccount.AccountType.User)
{
UserCredential userCredential = new UserCredential(asAzureContext.Account.Id, password);
result = authenticationContext.AcquireToken(resourceUri, clientId, userCredential);
asAzureContext.Account.Id = result.UserInfo.DisplayableId;
asAzureContext.Account.Tenant = result.TenantId;
asAzureContext.Account.UniqueId = result.UserInfo.UniqueId;
}
else if (accountType == AsAzureAccount.AccountType.ServicePrincipal)
{
if (string.IsNullOrEmpty(asAzureContext.Account.CertificateThumbprint))
{
ClientCredential credential = new ClientCredential(asAzureContext.Account.Id, password);
result = authenticationContext.AcquireToken(resourceUri, credential);
}
else
{
DiskDataStore dataStore = new DiskDataStore();
var certificate = dataStore.GetCertificate(asAzureContext.Account.CertificateThumbprint);
if (certificate == null)
{
throw new ArgumentException(string.Format(Resources.CertificateNotFoundInStore, asAzureContext.Account.CertificateThumbprint));
}
result = authenticationContext.AcquireToken(resourceUri, new ClientAssertionCertificate(asAzureContext.Account.Id, certificate));
}
}
}
return(result.AccessToken);
}
static ProfileClient()
{
DataStore = new DiskDataStore();
}
