/// <summary>
/// Creates an unauthenticated client using ADAL for authentication.
/// </summary>
/// <param name="appConfig">
/// The <see cref="BusinessAppConfig"/> for the application configuration.
/// Authentication requires the following to be initialized:
/// - ActiveDirectoryAppId
/// - ActiveDirectoryReturnUrl
/// To bypass using the Discovery Service for service endpoint lookup ActiveDirectoryServiceResource must also be set.
/// </param>
/// <param name="userId">The ID of the user to authenticate.</param>
/// <param name="credentialCache">The cache instance for storing user credentials.</param>
/// <param name="httpProvider">The <see cref="IHttpProvider"/> for sending HTTP requests.</param>
/// <returns>The <see cref="IOneDriveClient"/> for the session.</returns>
public static IOneDriveClient GetClient(
BusinessAppConfig appConfig,
string userId = null,
AdalCredentialCache credentialCache = null,
IHttpProvider httpProvider = null)
{
if (string.IsNullOrEmpty(appConfig.ActiveDirectoryReturnUrl))
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "ActiveDirectoryReturnUrl is required for authenticating a business client.",
});
}
appConfig.ActiveDirectoryAuthenticationServiceUrl = BusinessClientExtensions.GetAuthenticationServiceUrl();
return(BusinessClientExtensions.GetClientInternal(
appConfig,
new AdalServiceInfoProvider()
{
UserSignInName = userId
},
credentialCache,
httpProvider));
}
/// <summary>
/// Creates an unauthenticated client using the ADAL app-only authentication flow.
/// </summary>
/// <param name="appConfig">
/// The <see cref="BusinessAppConfig"/> for the application configuration.
/// </param>
/// <param name="serviceEndpointBaseUrl">
/// The endpoint base URL for the service before. For example, "https://resource-my.sharepoint.com/"
/// or "https://resource-my.sharepoint.com/personal/site_id".
/// </param>
/// <param name="tenantId">The ID of the tenant to authenticate.</param>
/// <param name="credentialCache">The cache instance for storing user credentials.</param>
/// <param name="httpProvider">The <see cref="IHttpProvider"/> for sending HTTP requests.</param>
/// <returns>The <see cref="IOneDriveClient"/> for the session.</returns>
internal static IOneDriveClient GetWebClientUsingAppOnlyAuthentication(
BusinessAppConfig appConfig,
string serviceEndpointBaseUrl,
string tenantId,
AdalCredentialCache credentialCache,
IHttpProvider httpProvider)
{
if (appConfig.ActiveDirectoryClientCertificate == null)
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "ActiveDirectoryClientCertificate is required for app-only authentication."
});
}
if (string.IsNullOrEmpty(serviceEndpointBaseUrl))
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "Service endpoint base URL is required for app-only authentication."
});
}
if (string.IsNullOrEmpty(appConfig.ActiveDirectoryServiceResource))
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "ActiveDirectoryServiceResource is required for app-only authentication."
});
}
if (string.IsNullOrEmpty(tenantId))
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "Tenant ID is required for app-only authentication."
});
}
appConfig.ActiveDirectoryAuthenticationServiceUrl = BusinessClientExtensions.GetAuthenticationServiceUrl(tenantId);
appConfig.ActiveDirectoryServiceEndpointUrl = string.Format(
Constants.Authentication.OneDriveBusinessBaseUrlFormatString,
serviceEndpointBaseUrl.TrimEnd('/'),
"v2.0");
return(BusinessClientExtensions.GetClientInternal(
appConfig,
new AdalAppOnlyServiceInfoProvider(),
credentialCache,
httpProvider));
}
/// <summary>
/// Creates an authenticated client using the ADAL authentication by code flow.
/// </summary>
/// <param name="appConfig">
/// The <see cref="BusinessAppConfig"/> for the application configuration.
/// Web client authentication by code requires the following to be initialized:
/// - ActiveDirectoryAppId
/// - ActiveDirectoryClientCertificate or ActiveDirectoryClientSecret
/// - ActiveDirectoryReturnUrl
/// - ActiveDirectoryServiceResource
/// </param>
/// <param name="code">The authorization code to redeem for an authentication token.</param>
/// <param name="credentialCache">The cache instance for storing user credentials.</param>
/// <param name="httpProvider">The <see cref="IHttpProvider"/> for sending HTTP requests.</param>
/// <returns>The <see cref="IOneDriveClient"/> for the session.</returns>
public static async Task <IOneDriveClient> GetAuthenticatedWebClientUsingAuthenticationByCodeAsync(
BusinessAppConfig appConfig,
string code,
AdalCredentialCache credentialCache = null,
IHttpProvider httpProvider = null)
{
var client = BusinessClientExtensions.GetClientUsingAuthenticationByCode(
appConfig,
code,
credentialCache,
httpProvider);
await client.AuthenticateAsync();
return(client);
}
/// <summary>
/// Creates an unauthenticated client using ADAL for authentication.
/// </summary>
/// <param name="appConfig">
/// The <see cref="BusinessAppConfig"/> for the application configuration.
/// Authentication requires the following to be initialized:
/// - ActiveDirectoryAppId
/// - ActiveDirectoryReturnUrl
/// To bypass using the Discovery Service for service endpoint lookup ActiveDirectoryServiceResource must also be set.
/// </param>
/// <param name="userId">The ID of the user to authenticate.</param>
/// <param name="credentialCache">The cache instance for storing user credentials.</param>
/// <param name="httpProvider">The <see cref="IHttpProvider"/> for sending HTTP requests.</param>
/// <returns>The <see cref="IOneDriveClient"/> for the session.</returns>
public static async Task <IOneDriveClient> GetAuthenticatedClientAsync(
BusinessAppConfig appConfig,
string userId = null,
AdalCredentialCache credentialCache = null,
IHttpProvider httpProvider = null)
{
var client = BusinessClientExtensions.GetClient(
appConfig,
userId,
credentialCache,
httpProvider);
await client.AuthenticateAsync();
return(client);
}
/// <summary>
/// Creates an authenticated client from a refresh token using ADAL for authentication.
/// </summary>
/// <param name="appConfig">
/// The <see cref="AppConfig"/> for the application configuration.
/// Authentication requires the following to be initialized:
/// - ActiveDirectoryAppId
/// - ActiveDirectoryClientCertificate or ActiveDirectoryClientSecret
/// - ActiveDirectoryServiceResource
/// </param>
/// <param name="refreshToken">The refresh token to redeem for an access token.</param>
/// <param name="credentialCache">The cache instance for storing user credentials.</param>
/// <param name="httpProvider">The <see cref="IHttpProvider"/> for sending HTTP requests.</param>
/// <returns>The <see cref="IOneDriveClient"/> for the session.</returns>
public static Task <IOneDriveClient> GetSilentlyAuthenticatedWebClientAsync(
BusinessAppConfig appConfig,
string refreshToken,
AdalCredentialCache credentialCache = null,
IHttpProvider httpProvider = null)
{
if (appConfig.ActiveDirectoryClientCertificate == null && string.IsNullOrEmpty(appConfig.ActiveDirectoryClientSecret))
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "Client certificate or client secret is required for authenticating a business web client.",
});
}
return(BusinessClientExtensions.GetSilentlyAuthenticatedClientAsync(appConfig, refreshToken, credentialCache, httpProvider));
}
/// <summary>
/// Creates an authenticated client using the ADAL app-only authentication flow.
/// </summary>
/// <param name="appConfig">
/// The <see cref="BusinessAppConfig"/> for the application configuration.
/// Web client app-only authentication requires the following to be initialized:
/// - ActiveDirectoryAppId
/// - ActiveDirectoryClientCertificate
/// - ActiveDirectoryReturnUrl
/// - ActiveDirectoryServiceResource
/// </param>
/// <param name="serviceEndpointBaseUrl">
/// The endpoint base URL for the service before. For example, "https://resource-my.sharepoint.com/"
/// or "https://resource-my.sharepoint.com/personal/site_id/".
/// </param>
/// <param name="tenantId">The ID of the tenant to authenticate.</param>
/// <param name="credentialCache">The cache instance for storing user credentials.</param>
/// <param name="httpProvider">The <see cref="IHttpProvider"/> for sending HTTP requests.</param>
/// <returns>The <see cref="IOneDriveClient"/> for the session.</returns>
public static async Task <IOneDriveClient> GetAuthenticatedWebClientUsingAppOnlyAuthenticationAsync(
BusinessAppConfig appConfig,
string serviceEndpointBaseUrl,
string tenantId,
AdalCredentialCache credentialCache = null,
IHttpProvider httpProvider = null)
{
var client = BusinessClientExtensions.GetWebClientUsingAppOnlyAuthentication(
appConfig,
serviceEndpointBaseUrl,
tenantId,
credentialCache,
httpProvider);
await client.AuthenticateAsync();
return(client);
}
/// <summary>
/// Creates an authenticated client using the ADAL authentication by code flow.
/// </summary>
/// <param name="appConfig">
/// The <see cref="BusinessAppConfig"/> for the application configuration.
/// </param>
/// <param name="code">The authorization code to redeem for an authentication token.</param>
/// <param name="credentialCache">The cache instance for storing user credentials.</param>
/// <param name="httpProvider">The <see cref="IHttpProvider"/> for sending HTTP requests.</param>
/// <returns>The <see cref="IOneDriveClient"/> for the session.</returns>
internal static IOneDriveClient GetClientUsingAuthenticationByCode(
BusinessAppConfig appConfig,
string code,
AdalCredentialCache credentialCache = null,
IHttpProvider httpProvider = null)
{
if (string.IsNullOrEmpty(appConfig.ActiveDirectoryServiceResource))
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "Service resource ID is required for authentication by code.",
});
}
appConfig.ActiveDirectoryAuthenticationServiceUrl = BusinessClientExtensions.GetAuthenticationServiceUrl();
return(BusinessClientExtensions.GetClientInternal(
appConfig,
new AdalAuthenticationByCodeServiceInfoProvider(code),
credentialCache,
httpProvider));
}
