CreateProvider(IOAuthClientConfig config) { var authority = config.GetAuthorityUrl(true); if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { yield return(KeyValuePair.Create(config.Resource ?? Http.Resource.Platform, (config, new AzureServiceTokenProvider( "RunAs=Developer; DeveloperTool=VisualStudio", authority)))); } yield return(KeyValuePair.Create(config.Resource ?? Http.Resource.Platform, (config, new AzureServiceTokenProvider( "RunAs=Developer; DeveloperTool=AzureCli", authority)))); }
/// <summary>
/// Helper to create the token provider entry for the application identity
/// described by <paramref name="config"/>.
/// </summary>
/// <param name="config">Client configuration supplying the client id, the
/// optional tenant id, the authority url and the resource.</param>
/// <param name="logger">Logger that receives the registration message.</param>
/// <returns>The configuration and its provider, keyed by the configured
/// resource, or by <c>Http.Resource.Platform</c> when no resource is set.</returns>
private static KeyValuePair<string, (IOAuthClientConfig, AzureServiceTokenProvider)> CreateProvider(
    IOAuthClientConfig config, ILogger logger) {
    // ClientId and TenantId are interpolated into the connection string unescaped.
    // NOTE(review): presumably both come from trusted configuration; a ';' inside
    // either value would likely be read as an extra connection string setting - confirm.
    var connectionString = $"RunAs=App;AppId={config.ClientId}";
    var tenantSetting = string.IsNullOrEmpty(config.TenantId)
        ? string.Empty
        : $";TenantId={config.TenantId}";
    connectionString += tenantSetting;

    var authorityUrl = config.GetAuthorityUrl(true);
    var tokenProvider = new AzureServiceTokenProvider(connectionString, authorityUrl);

    // Only the identifiers are logged; no credential material is involved here.
    logger.Information("Managed service identity {clientId} in {tenant} registered.",
        config.ClientId, config.TenantId);

    var resource = config.Resource ?? Http.Resource.Platform;
    return KeyValuePair.Create(resource, (config, tokenProvider));
}
/// <summary>
/// Create a confidential client application for the given user
/// </summary>
/// <param name="user">Principal whose object id is handed to the decorator</param>
/// <param name="config">Client configuration providing client id, client secret,
/// tenant id and authority url</param>
/// <param name="redirectUri">Optional redirect uri; not set on the builder when null</param>
/// <returns>Decorator wrapping the built confidential client</returns>
private MsalConfidentialClientDecorator CreateConfidentialClientApplication(
    ClaimsPrincipal user, IOAuthClientConfig config, string redirectUri = null) {
    var appBuilder = ConfidentialClientApplicationBuilder.Create(config.ClientId);
    if (redirectUri != null) {
        appBuilder = appBuilder.WithRedirectUri(redirectUri);
    }

    // The client secret is read from config and handed to the builder only;
    // this method does not log it.
    appBuilder = appBuilder.WithClientSecret(config.ClientSecret);
    appBuilder = appBuilder.WithTenantId(config.TenantId);
    // .WithHttpClientFactory(...) is left disabled, as in the original chain.
    appBuilder = appBuilder.WithAuthority($"{config.GetAuthorityUrl()}/");

    var application = appBuilder.Build();
    return new MsalConfidentialClientDecorator(application, _cache,
        config.ClientId, user.GetObjectId());
}
/// <summary>
/// Redeem a refresh token for a new access token and store the result
/// </summary>
/// <param name="refreshToken">Refresh token to send to the token endpoint</param>
/// <param name="config">Client configuration providing the address, client id
/// and client secret for the request</param>
/// <returns>The token response. Callers must check <c>IsError</c>: on failure
/// nothing is stored and only the error is logged.</returns>
private async Task<TokenResponse> RefreshUserAccessTokenAsync(string refreshToken,
    IOAuthClientConfig config) {
    var tokenClient = Http.CreateClient("token_client");
    var request = new RefreshTokenRequest {
        // NOTE(review): Address is the value of GetAuthorityUrl(); confirm that this
        // is the token endpoint the request is meant to be posted to.
        Address = config.GetAuthorityUrl(),
        ClientId = config.ClientId,
        ClientSecret = config.ClientSecret,
        RefreshToken = refreshToken
    };
    var response = await tokenClient.RequestRefreshTokenAsync(request);

    if (response.IsError) {
        // Only the error value is logged - neither tokens nor the client secret.
        _logger.Error("Error refreshing access token. Error = {error}", response.Error);
        return response;
    }

    // Success: persist the new access token, its lifetime and the refresh token
    // returned with it.
    await StoreTokenAsync(response.AccessToken, response.ExpiresIn, response.RefreshToken);
    return response;
}
/// <summary>
/// Get the host name of the configured authority url
/// </summary>
/// <param name="config">Client configuration to read the authority url from</param>
/// <returns>The <see cref="Uri.DnsSafeHost"/> of the authority url</returns>
public static string GetDomain(this IOAuthClientConfig config) {
    // Parse as an absolute uri so only the host part is returned, without
    // scheme, port or path.
    var authorityUri = new Uri(config.GetAuthorityUrl());
    return authorityUri.DnsSafeHost;
}