Azure · praries880 · Dec 13, 2018 · Nov 30, 2018 · Dec 4, 2018 · Dec 6, 2018
diff --git a/authorization/msi-auth-token-provider-jar/pom.xml b/authorization/msi-auth-token-provider-jar/pom.xml
@@ -0,0 +1,122 @@
+<!--
+ Copyright (c) Microsoft Corporation. All rights reserved.
+ Licensed under the MIT License. See License.txt in the project root for
+ license information.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>com.microsoft.azure.msi_auth_token_provider</groupId>
+
+  <artifactId>azure-authentication-msi-token-provider</artifactId>
+  <packaging>jar</packaging>
+  <version>1.0.0-Beta-1</version>
+
+  <name>Azure Java Client MSI Authorization Token Provoider Library</name>
+  <description>This package contains the MSI token provider classes for Azure.</description>
+  <url>https://github.com/Azure/azure-sdk-for-java</url>
+
+  <licenses>
+    <license>
+      <name>The MIT License (MIT)</name>
+      <url>http://opensource.org/licenses/MIT</url>
+      <distribution>repo</distribution>
+    </license>
+  </licenses>
+
+      <scm>
+        <url>scm:git:https://github.com/Azure/azure-sdk-for-java</url>
+        <connection>scm:git:git@github.com:Azure/azure-sdk-for-java.git</connection>
+        <tag>HEAD</tag>
+    </scm>
+
+  <properties>
+    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    <legal><![CDATA[[INFO] Any downloads listed may be third party software.  Microsoft grants you no rights for third party software.]]></legal>
+  </properties>
+
+  <developers>
+    <developer>
+      <id>microsoft</id>
+      <name>Microsoft</name>
+    </developer>
+  </developers>
+
+  <dependencies>
+      <dependency>
+          <groupId>junit</groupId>
+          <artifactId>junit</artifactId>
+          <scope>test</scope>
+          <version>4.12</version>
+      </dependency>
+  </dependencies>
+  <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <version>3.1.0</version>
+                <configuration>
+                    <archive>
+                        <manifest>
+                            <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
+                            <addDefaultSpecificationEntries>true</addDefaultSpecificationEntries>
+                        </manifest>
+                    </archive>
+                </configuration>
+            </plugin>
+            <plugin>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>single</goal>
+                        </goals>
+                    </execution>
+                </executions>
+                <configuration>
+                    <descriptorRefs>
+                        <descriptorRef>jar-with-dependencies</descriptorRef>
+                    </descriptorRefs>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>build-helper-maven-plugin</artifactId>
+                <version>3.0.0</version>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.1</version>
+                <configuration>
+                    <source>8</source>
+                    <target>8</target>
+                    <debug>true</debug>
+                    <optimize>true</optimize>
+                    <compilerArguments>
+                        <AaddGeneratedAnnotation>true</AaddGeneratedAnnotation>
+                        <Adebug>true</Adebug>
+                    </compilerArguments>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-javadoc-plugin</artifactId>
+                <version>2.8</version>
+                <configuration>
+                    <excludePackageNames>*.implementation.*;*.utils.*;com.microsoft.schemas._2003._10.serialization;*.blob.core.search</excludePackageNames>
+                    <bottom>
+                        <![CDATA[<code>
+                            /**
+                            <br />* Copyright (c) Microsoft Corporation. All rights reserved.
+                            <br />* Licensed under the MIT License. See License.txt in the project root for
+                            <br />* license information.
+                            <br />*/
+                        </code>]]>
+                    </bottom>
+                </configuration>
+            </plugin>
+        </plugins>
+  </build>
+</project>
diff --git a/authorization/msi-auth-token-provider-jar/readme.md b/authorization/msi-auth-token-provider-jar/readme.md
@@ -0,0 +1,68 @@
+# What is this?
+
+The "msi-auth-token-provider" jar is a library that enables :
+* Azure VMs and container instances and
+* Web Apps (funcitons included)
+Retrieve authentication tokens for syatem/user assigned [managed identities](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview).
+
+This is a light weight library that does not have many dependencies. 
+
+# Usage
+## Dependency
+Take a dependency on the jar in you pom file like follows
+```xml
+  <dependencies>
+      <dependency>
+          <groupId>com.microsoft.azure.msi_auth_token_provider</groupId>
+          <artifactId>azure-authentication-msi-token-provider</artifactId>
+          <version>1.0.0-beta</version>
+      </dependency>
+  </dependencies>
+```
+
+## Getting the token
+
+Add the folowing import statement to get in all the classes in the jar
+
+```java
+import com.microsoft.azure.msiAuthTokenProvider.*;
+```
+
+### Getting a token for system assigned identity
+Use the following code to get the auth token for System assigned identity :
+
+``` java
+...
+    MSICredentials credsProvider = MSICredentials.getMSICredentials();
+    MSIToken token = credsProvider.getToken(null);
+    String tokenValue = token.accessToken();
+...
+```
+
+### Getting a token for user assigned identity
+
+#### Using the client Id for the user assigned identity :
+Use the following code to get the auth token for an User assigned identity :
+```java
+...
+    MSICredentials credsProvider = MSICredentials.getMSICredentials();
+    credsProvider.updateClientId(clientId);
+    MSIToken token = credsProvider.getToken(null);
+    String tokenValue = token.accessToken();
+...            
+```
+
+Where `clientId` is retrieved from the User Assigned Identity (This is currently only supported from within the portal).
+
+#### Using the object Id for the user assigned identity :
+Use the following code to get the auth token for an User assigned identity :
+```java
+...
+    MSICredentials credsProvider = MSICredentials.getMSICredentials();
+    credsProvider.updateObjectId(objectId);
+    MSIToken token = credsProvider.getToken(null);
+    String tokenValue = token.accessToken();
+...            
+```
+
+Where `objectId` is retrieved from the User Assigned Identity (This is currently only supported from within the portal).
diff --git a/...r/src/main/java/com/microsoft/azure/msiAuthTokenProvider/AzureMSICredentialException.java b/...r/src/main/java/com/microsoft/azure/msiAuthTokenProvider/AzureMSICredentialException.java
@@ -0,0 +1,15 @@
+package com.microsoft.azure.msiAuthTokenProvider;
+
+public class AzureMSICredentialException extends Exception{
+    AzureMSICredentialException(String message) {
+        super(message);
+    }
+
+    AzureMSICredentialException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    AzureMSICredentialException(Throwable cause) {
+        super(cause);
+    }
+}
diff --git a/...src/main/java/com/microsoft/azure/msiAuthTokenProvider/MSIConfigurationForAppService.java b/...src/main/java/com/microsoft/azure/msiAuthTokenProvider/MSIConfigurationForAppService.java
@@ -0,0 +1,163 @@
+/**
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ */
+package com.microsoft.azure.msiAuthTokenProvider;
+
+/**
+ * Defines the configuration to be used for retrieving access token from
+ * within an app-service with system assigned MSI enabled.
+ */
+public class MSIConfigurationForAppService {
+    private final String managementEndpoint;
+    private String resource;
+    private String msiEndpoint;
+    private String msiSecret;
+    private String clientId;
+    private String objectId;
+
+    /**
+     * Creates MSIConfigurationForAppService.
+     *
+     * @param managementEndpoint azure management endpoint
+     */
+    public MSIConfigurationForAppService(String managementEndpoint) {
+        this.managementEndpoint = managementEndpoint;
+    }
+
+    /**
+     * Creates MSIConfigurationForAppService.
+     */
+    public MSIConfigurationForAppService() {
+        this(MSICredentials.DEFAULT_AZURE_MANAGEMENT_ENDPOINT);
+    }
+
+    /**
+     * @return the azure management Endpoint.
+     */
+    public String managementEndpoint() {
+        return this.managementEndpoint;
+    }
+
+    /**
+     * @return the audience identifying who will consume the token.
+     */
+    public String resource() {
+        if (this.resource == null) {
+            this.resource = this.managementEndpoint;
+        }
+        return this.resource;
+    }
+
+    /**
+     * @return the endpoint from which token needs to be retrieved.
+     */
+    public String msiEndpoint() {
+        if (this.msiEndpoint == null) {
+            this.msiEndpoint = System.getenv("MSI_ENDPOINT");
+        }
+        return this.msiEndpoint;
+    }
+
+    /**
+     * @return the secret to use to retrieve the token.
+     */
+    public String msiSecret() {
+        if (this.msiSecret == null) {
+            this.msiSecret = System.getenv("MSI_SECRET");
+        }
+        return this.msiSecret;
+    }
+
+    /**
+     * @return the object id
+     */
+    public String msiObjectId() {
+        return this.objectId;
+    }
+
+    /**
+     * @return the client id
+     */
+    public String msiClientId() {
+        return this.clientId;
+    }
+
+    /**
+     * Specifies the token audience.
+     *
+     * @param resource the audience of the token.
+     *
+     * @return MSIConfigurationForAppService
+     */
+    public MSIConfigurationForAppService withResource(String resource) {
+        this.resource = resource;
+        return this;
+    }
+
+    /**
+     * Specifies the endpoint from which token needs to retrieved.
+     *
+     * @param msiEndpoint the token endpoint.
+     *
+     * @return MSIConfigurationForAppService
+     */
+    public MSIConfigurationForAppService withMsiEndpoint(String msiEndpoint) {
+        this.msiEndpoint = msiEndpoint;
+        return this;
+    }
+
+    /**
+     * Specify the client Id (to be used or user assigned identities)
+     * @param clientId the client ID fot eh user assigned identity
+     * @return MSIConfigurationForAppService
+     */
+    public MSIConfigurationForAppService withClientId(String clientId) {
+        this.clientId = clientId;
+        return this;
+    }
+
+    /**
+     * Specify the object Id (to be used or user assigned identities)
+     * @param objectId the object ID fot eh user assigned identity
+     * @return MSIConfigurationForAppService
+     */
+    public MSIConfigurationForAppService withObjectId(String objectId) {
+        this.objectId = objectId;
+        return this;
+    }
+
+    /**
+     * Specifies secret to use to retrieve the token.
+     *
+     * @param msiSecret the secret.
+     *
+     * @return MSIConfigurationForAppService
+     */
+    public MSIConfigurationForAppService withMsiSecret(String msiSecret) {
+        this.msiSecret = msiSecret;
+        return this;
+    }
+
+    @Override
+    public MSIConfigurationForAppService clone() {
+        MSIConfigurationForAppService copy = new MSIConfigurationForAppService(this.managementEndpoint);
+        if (this.resource() != null) {
+            copy.withResource(this.resource());
+        }
+        if (this.msiEndpoint() != null) {
+            copy.withMsiEndpoint(this.msiEndpoint());
+        }
+        if (this.msiSecret() != null) {
+            copy.withMsiSecret(this.msiSecret());
+        }
+        if (this.msiClientId() != null) {
+            copy.withClientId(this.msiClientId());
+        }
+        if (this.msiObjectId() != null) {
+            copy.withObjectId(this.msiObjectId());
+        }
+        return copy;
+    }
+}