private async Task <string> AuthenticationCallbackAsync(string authority, string resource, string scope) { if (_authResult != null) { return(_authResult.AccessToken); } var authContext = new AuthenticationContext(authority, keyVaultTokenCache); AuthenticationResult authResult; switch (_config.AuthType) { case KeyVaultAuthenticationType.ClientCertificate: if (_assertionCert == null) { var cert = CertificateHelper.FindCertificateByThumbprint(_config.CertThumbprint); if (cert == null) { throw new InvalidOperationException( "Test setup error - cannot find a certificate in the My store for KeyVault. This is available for Microsoft employees only."); } _assertionCert = new ClientAssertionCertificate(_config.ClientId, cert); } authResult = await authContext.AcquireTokenAsync(resource, _assertionCert).ConfigureAwait(false); break; case KeyVaultAuthenticationType.ClientSecret: ClientCredential cred = new ClientCredential(_config.ClientId, _config.KeyVaultSecret); authResult = await authContext.AcquireTokenAsync(resource, cred).ConfigureAwait(false); break; case KeyVaultAuthenticationType.UserCredential: authResult = await authContext.AcquireTokenAsync(resource, _config.ClientId, new UserCredential()).ConfigureAwait(false); break; default: throw new ArgumentOutOfRangeException(); } _authResult = authResult; return(authResult?.AccessToken); }
public static async Task <string> GetLabAccessTokenAsync(string authority, string[] scopes, LabAccessAuthenticationType authType, string clientId, string certThumbprint, string clientSecret) { AuthenticationResult authResult; IConfidentialClientApplication confidentialApp; X509Certificate2 cert; switch (authType) { case LabAccessAuthenticationType.ClientCertificate: var clientIdForCertAuth = String.IsNullOrEmpty(clientId) ? LabAccessConfidentialClientId : clientId; var certThumbprintForLab = String.IsNullOrEmpty(clientId) ? LabAccessThumbPrint : certThumbprint; cert = CertificateHelper.FindCertificateByThumbprint(certThumbprintForLab); if (cert == null) { throw new InvalidOperationException( "Test setup error - cannot find a certificate in the My store for KeyVault. This is available for Microsoft employees only."); } confidentialApp = ConfidentialClientApplicationBuilder .Create(clientIdForCertAuth) .WithAuthority(new Uri(authority), true) .WithCertificate(cert) .Build(); s_staticCache.Bind(confidentialApp.AppTokenCache); authResult = await confidentialApp .AcquireTokenForClient(scopes) .ExecuteAsync(CancellationToken.None) .ConfigureAwait(false); break; case LabAccessAuthenticationType.ClientSecret: var clientIdForSecretAuth = String.IsNullOrEmpty(clientId) ? LabAccessConfidentialClientId : clientId; var clientSecretForLab = String.IsNullOrEmpty(clientId) ? s_secret : clientSecret; confidentialApp = ConfidentialClientApplicationBuilder .Create(clientIdForSecretAuth) .WithAuthority(new Uri(authority), true) .WithClientSecret(clientSecretForLab) .Build(); s_staticCache.Bind(confidentialApp.AppTokenCache); authResult = await confidentialApp .AcquireTokenForClient(scopes) .ExecuteAsync(CancellationToken.None) .ConfigureAwait(false); break; case LabAccessAuthenticationType.UserCredential: var clientIdForPublicClientAuth = String.IsNullOrEmpty(clientId) ? LabAccessPublicClientId : clientId; var publicApp = PublicClientApplicationBuilder .Create(clientIdForPublicClientAuth) .WithAuthority(new Uri(authority), true) .Build(); s_staticCache.Bind(publicApp.UserTokenCache); authResult = await publicApp .AcquireTokenByIntegratedWindowsAuth(scopes) .ExecuteAsync(CancellationToken.None) .ConfigureAwait(false); break; default: throw new ArgumentOutOfRangeException(); } return(authResult?.AccessToken); }
private async Task <string> AuthenticationCallbackAsync(string authority, string resource, string scope) { if (_authResult != null) { return(_authResult.AccessToken); } var scopes = new[] { resource + "/.default" }; AuthenticationResult authResult; IConfidentialClientApplication confidentialApp; X509Certificate2 cert; switch (_config.AuthType) { case KeyVaultAuthenticationType.ClientCertificate: cert = CertificateHelper.FindCertificateByThumbprint(_config.CertThumbprint); if (cert == null) { throw new InvalidOperationException( "Test setup error - cannot find a certificate in the My store for KeyVault. This is available for Microsoft employees only."); } confidentialApp = ConfidentialClientApplicationBuilder .Create(KeyVaultConfidentialClientId) .WithAuthority(new Uri(authority), true) .WithCertificate(cert) .Build(); authResult = await confidentialApp .AcquireTokenForClient(scopes) .ExecuteAsync(CancellationToken.None) .ConfigureAwait(false); break; case KeyVaultAuthenticationType.ClientSecret: confidentialApp = ConfidentialClientApplicationBuilder .Create(KeyVaultConfidentialClientId) .WithAuthority(new Uri(authority), true) .WithClientSecret(_config.KeyVaultSecret) .Build(); authResult = await confidentialApp .AcquireTokenForClient(scopes) .ExecuteAsync(CancellationToken.None) .ConfigureAwait(false); break; case KeyVaultAuthenticationType.UserCredential: var publicApp = PublicClientApplicationBuilder .Create(KeyVaultPublicClientId) .WithAuthority(new Uri(authority), true) .Build(); authResult = await publicApp .AcquireTokenByIntegratedWindowsAuth(scopes) .ExecuteAsync(CancellationToken.None) .ConfigureAwait(false); break; default: throw new ArgumentOutOfRangeException(); } _authResult = authResult; return(authResult?.AccessToken); }