chore(functions): Tokenprovider updated (#609)
- [ ] ~~New feature~~ - [ ] ~~Bug fix~~ - [x] High impact **Description of work:** The token-provider prevented the team from updating packages due to breaking changes in the packages used by the token-provider. **Testing:** - [ ] ~~Can be tested~~ - [ ] ~~Automatic tests created / updated~~ - [ ] ~~Local tests are passing~~ **Checklist:** - [ ] ~~Considered automated tests~~ - [ ] ~~Considered updating specification / documentation~~ - [ ] ~~Considered work items~~ - [ ] ~~Considered security~~ - [ ] ~~Performed developer testing~~ - [ ] ~~Checklist finalized / ready for review~~
Showing
4 changed files
with
28 additions
and
53 deletions.
72 changes: 25 additions & 47 deletions
72
...d/function/Fusion.Resources.Functions/Integration/Authentication/FunctionTokenProvider.cs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,58 +1,36 @@ | ||
using Microsoft.Extensions.Options; | ||
using Microsoft.IdentityModel.Clients.ActiveDirectory; | ||
using System.Threading.Tasks; | ||
using Microsoft.Identity.Client; | ||
|
||
namespace Fusion.Resources.Functions.Integration.Authentication | ||
namespace Fusion.Resources.Functions.Integration.Authentication; | ||
|
||
internal class FunctionTokenProvider : ITokenProvider | ||
{ | ||
private readonly IConfidentialClientApplication _app; | ||
|
||
internal class FunctionTokenProvider : ITokenProvider | ||
public FunctionTokenProvider(IOptions<AuthOptions> optionsAccessor) | ||
{ | ||
private readonly string clientid; | ||
private readonly string authority; | ||
private readonly string secret; | ||
private readonly TokenCache appTokenCache; | ||
|
||
static FunctionTokenProvider() | ||
{ | ||
LoggerCallbackHandler.UseDefaultLogging = false; | ||
} | ||
|
||
ClientCredential Credentials | ||
{ | ||
get | ||
{ | ||
return new ClientCredential(clientid, secret); | ||
} | ||
} | ||
|
||
public FunctionTokenProvider(IOptions<AuthOptions> optionsAccessor) | ||
{ | ||
var options = optionsAccessor.Value; | ||
|
||
authority = $"https://login.microsoftonline.com/{options.TenantId}"; | ||
clientid = options.ClientId; | ||
secret = options.Secret; | ||
|
||
appTokenCache = new TokenCache(); | ||
} | ||
|
||
public async Task<string> GetAppAccessToken() | ||
{ | ||
var authContext = new AuthenticationContext(authority, appTokenCache); | ||
var authenticationResult = await authContext.AcquireTokenAsync(clientid, Credentials); | ||
var options = optionsAccessor.Value; | ||
|
||
return authenticationResult.AccessToken; | ||
} | ||
|
||
public async Task<string> GetAppAccessToken(string resource) | ||
{ | ||
var authContext = new AuthenticationContext(authority, appTokenCache); | ||
var authenticationResult = await authContext.AcquireTokenAsync(resource, Credentials); | ||
_app = ConfidentialClientApplicationBuilder.Create(options.ClientId) | ||
.WithClientSecret(options.Secret) | ||
.WithAuthority(AzureCloudInstance.AzurePublic, options.TenantId) | ||
.Build(); | ||
} | ||
|
||
return authenticationResult.AccessToken; | ||
} | ||
public async Task<string> GetAppAccessToken() | ||
{ | ||
var scopes = new string[] { $"{_app.AppConfig.ClientId}/.default" }; | ||
var clientToken = await _app.AcquireTokenForClient(scopes).ExecuteAsync(); | ||
|
||
return clientToken.AccessToken; | ||
} | ||
|
||
public async Task<string> GetAppAccessToken(string resource) | ||
{ | ||
var scopes = new string[] { $"{resource}/.default" }; | ||
var clientToken = await _app.AcquireTokenForClient(scopes).ExecuteAsync(); | ||
|
||
return clientToken.AccessToken; | ||
} | ||
|
||
} | ||
} |
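Review bot: `GetAppAccessToken(string resource)` interpolates its argument straight into `$"{resource}/.default"` without checking it, so a null or empty `resource` becomes the scope `/.default`, which names no resource and would presumably be rejected only once the request reaches the token endpoint. A guard at the top of the method, `if (string.IsNullOrWhiteSpace(resource)) throw new ArgumentException("Resource identifier is required.", nameof(resource));`, keeps the failure next to the caller's mistake. Because the description strikes out the testing items for what is an authentication-library swap, it is worth confirming once against a real downstream API that tokens requested through the new scope form carry the same audience the ADAL call produced, in particular for resource URIs that end in a slash. The parameterless overload repeats the same two lines and could instead `return await GetAppAccessToken(_app.AppConfig.ClientId);`.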
3 changes: 0 additions & 3 deletions
3
src/backend/function/Fusion.Resources.Functions/ServiceBus/QueueMessageProcessor.cs