-
Notifications
You must be signed in to change notification settings - Fork 5.2k
Add sample for auxiliary header #35097
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 3 commits
Commits
Show all changes
7 commits
Select commit
Hold shift + click to select a range
4c1b92d
Add sample for auxiliary header
HarveyLink 3bb8060
Fix for comments
HarveyLink 89afcce
Update Sample4_MultiTenant.md
HarveyLink aca0ab4
Update for comments
HarveyLink 59933e0
Update Sample4_MultiTenant.md
HarveyLink ab16423
Update sdk/resourcemanager/Azure.ResourceManager/tests/Samples/Sample…
HarveyLink d13feb4
Update Sample4_MultiTenant.md
HarveyLink File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
62 changes: 62 additions & 0 deletions
62
sdk/resourcemanager/Azure.ResourceManager/samples/Sample4_MultiTenant.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| Example: Authenticate across tenants | ||
| -------------------------------------- | ||
| For this example, you need the following namespaces: | ||
| ```C# Snippet:MultiTenant_Namespaces | ||
| using System; | ||
| using System.Threading.Tasks; | ||
| using Azure.Core; | ||
| using Azure.Identity; | ||
| ``` | ||
|
|
||
| In order to test for multi-tenant, you will need to setup a service principal for another tenant. | ||
| 1. Enable multi tenant on your SPN. | ||
| 2. Add the redirect URL under the web (not single page application), e.g. https://www.microsoft.com | ||
| 3. Using following link to add SPN to tenant2: | ||
| https://login.microsoftonline.com/<Tenant2_ID>/oauth2/authorize?client_id=<Client_ID>&response_type=code&redirect_uri=https%3A%2F%2Fwww.microsoft.com%2F | ||
| 4. Give enough permission for the SPN in both tenants/subscriptions. | ||
| 5. Set related environment variables to your machine. | ||
|
|
||
| ***Create a pipeline policy*** | ||
|
|
||
| ```C# Snippet:Sample_Header_Policy | ||
| public class AuxiliaryPoilcy : HttpPipelineSynchronousPolicy | ||
| { | ||
| private static string AUTHORIZATION_AUXILIARY_HEADER = "x-ms-authorization-auxiliary"; | ||
| string _token; | ||
|
|
||
| public AuxiliaryPoilcy(string token) | ||
| { | ||
| _token = token; | ||
| } | ||
|
|
||
| public override void OnSendingRequest(HttpMessage message) | ||
| { | ||
| string token = "Bearer " + _token; | ||
| if (!message.Request.Headers.TryGetValue(AUTHORIZATION_AUXILIARY_HEADER, out _)) | ||
| { | ||
| message.Request.Headers.Add(AUTHORIZATION_AUXILIARY_HEADER, token); | ||
| } | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| ***Authenticate the client and add token to the header*** | ||
|
|
||
| ```C# Snippet:Enable_Cross_Tenant_Authentication | ||
| string clientId = Environment.GetEnvironmentVariable("CLIENT_ID"); | ||
| string clientSecret = Environment.GetEnvironmentVariable("CLIENT_SECRET"); | ||
| string tenantId01 = Environment.GetEnvironmentVariable("TENANT_ID_01"); | ||
| string tenantId02 = Environment.GetEnvironmentVariable("TENANT_ID_02"); | ||
| string subscriptionId01 = Environment.GetEnvironmentVariable("SUBSCRIPTION_ID_01"); | ||
|
|
||
| // Prepare client and policy for tenant01 | ||
| ClientSecretCredential credForTenant01 = new ClientSecretCredential(tenantId01, clientId, clientSecret); | ||
| ClientSecretCredential credForTenant02 = new ClientSecretCredential(tenantId02, clientId, clientSecret); | ||
|
|
||
| string token = (await credForTenant02.GetTokenAsync(new Azure.Core.TokenRequestContext( | ||
| new[] { "https://management.azure.com/.default" }))).Token; | ||
| ArmClientOptions options = new ArmClientOptions(); | ||
| AuxiliaryPoilcy headerPolicy = new AuxiliaryPoilcy(token); | ||
| options.AddPolicy(headerPolicy, HttpPipelinePosition.PerCall); | ||
| ArmClient client = new ArmClient(credForTenant01, subscriptionId01, options); | ||
| ``` | ||
27 changes: 27 additions & 0 deletions
27
sdk/resourcemanager/Azure.ResourceManager/tests/Samples/AuxiliaryPoilcy.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| using Azure.Core; | ||
| using Azure.Core.Pipeline; | ||
|
|
||
| namespace Azure.ResourceManager.Tests.Samples | ||
| { | ||
| #region Snippet:Sample_Header_Policy | ||
| public class AuxiliaryPoilcy : HttpPipelineSynchronousPolicy | ||
|
HarveyLink marked this conversation as resolved.
Outdated
|
||
| { | ||
| private static string AUTHORIZATION_AUXILIARY_HEADER = "x-ms-authorization-auxiliary"; | ||
| string _token; | ||
|
|
||
| public AuxiliaryPoilcy(string token) | ||
| { | ||
| _token = token; | ||
| } | ||
|
|
||
| public override void OnSendingRequest(HttpMessage message) | ||
| { | ||
| string token = "Bearer " + _token; | ||
| if (!message.Request.Headers.TryGetValue(AUTHORIZATION_AUXILIARY_HEADER, out _)) | ||
|
HarveyLink marked this conversation as resolved.
|
||
| { | ||
| message.Request.Headers.Add(AUTHORIZATION_AUXILIARY_HEADER, token); | ||
| } | ||
| } | ||
| } | ||
| #endregion | ||
| } | ||
37 changes: 37 additions & 0 deletions
37
sdk/resourcemanager/Azure.ResourceManager/tests/Samples/Sample4_MultiTenant.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| #region Snippet:MultiTenant_Namespaces | ||
| using System; | ||
| using System.Threading.Tasks; | ||
| using Azure.Core; | ||
| using Azure.Identity; | ||
| #endregion | ||
| using NUnit.Framework; | ||
|
|
||
| namespace Azure.ResourceManager.Tests.Samples | ||
| { | ||
| public class Sample4_MultiTenant | ||
| { | ||
| [Test] | ||
| [Ignore("Only verifying that the sample builds")] | ||
| public async Task EnableCrossTenantAuthentication() | ||
| { | ||
| #region Snippet:Enable_Cross_Tenant_Authentication | ||
| string clientId = Environment.GetEnvironmentVariable("CLIENT_ID"); | ||
| string clientSecret = Environment.GetEnvironmentVariable("CLIENT_SECRET"); | ||
| string tenantId01 = Environment.GetEnvironmentVariable("TENANT_ID_01"); | ||
| string tenantId02 = Environment.GetEnvironmentVariable("TENANT_ID_02"); | ||
| string subscriptionId01 = Environment.GetEnvironmentVariable("SUBSCRIPTION_ID_01"); | ||
|
|
||
| // Prepare client and policy for tenant01 | ||
| ClientSecretCredential credForTenant01 = new ClientSecretCredential(tenantId01, clientId, clientSecret); | ||
| ClientSecretCredential credForTenant02 = new ClientSecretCredential(tenantId02, clientId, clientSecret); | ||
|
HarveyLink marked this conversation as resolved.
Outdated
|
||
|
|
||
| string token = (await credForTenant02.GetTokenAsync(new Azure.Core.TokenRequestContext( | ||
|
HarveyLink marked this conversation as resolved.
Outdated
|
||
| new[] { "https://management.azure.com/.default" }))).Token; | ||
|
HarveyLink marked this conversation as resolved.
Outdated
|
||
| ArmClientOptions options = new ArmClientOptions(); | ||
| AuxiliaryPoilcy headerPolicy = new AuxiliaryPoilcy(token); | ||
| options.AddPolicy(headerPolicy, HttpPipelinePosition.PerCall); | ||
| ArmClient client = new ArmClient(credForTenant01, subscriptionId01, options); | ||
| #endregion | ||
| } | ||
| } | ||
| } | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.