From 2cda73386487016c34e05582dd94ffc4f09c0cdb Mon Sep 17 00:00:00 2001 From: Nick Brown Date: Wed, 30 May 2018 15:23:27 -0700 Subject: [PATCH 1/6] Documentation updates --- README.md | 2 +- .../AzureServiceTokenProvider.cs | 4 ++-- .../AzureServiceTokenProviderFactory.cs | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 64a17d8b7b8f..22873f997f45 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ For a full list of packages available for download in this repository, please se ### Prerequisites: Install VS 2017 (Professional or higher) + VS2017 Update 1 (https://www.visualstudio.com/). - To know more about VS 2017 and it's project system (https://docs.microsoft.com/en-us/visualstudio/#pivot=workloads&panel=windows) + To know more about VS 2017 and its project system (https://docs.microsoft.com/en-us/visualstudio/#pivot=workloads&panel=windows) ### Directory Restructure Directory structure has been simplified and consolidated in fewer directories diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProvider.cs b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProvider.cs index e6fa9494fddd..9237b574e3af 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProvider.cs +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProvider.cs @@ -25,7 +25,7 @@ public class AzureServiceTokenProvider // List of potential token providers. private readonly List _potentialAccessTokenProviders; - // Ensures only one threads gets the token from the actual source. It is then cached, so other threads can get it from the cache. + // Ensures only one thread gets the token from the actual source. It is then cached, so other threads can get it from the cache. private static readonly SemaphoreSlim Semaphore = new SemaphoreSlim(1, 1); /// @@ -190,7 +190,7 @@ private async Task GetAccessTokenAsyncImpl(string authority, string reso } finally { - // Whichever way the try block exists, the semaphone must be released. + // Whichever way the try block exits, the semaphore must be released. Semaphore.Release(); } diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProviderFactory.cs b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProviderFactory.cs index 33469bd6f329..8c78597d80b0 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProviderFactory.cs +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProviderFactory.cs @@ -42,9 +42,9 @@ internal static NonInteractiveAzureServiceTokenProviderBase Create(string connec string runAs = connectionSettings[RunAs]; - // If RunAs=Developer if (string.Equals(runAs, Developer, StringComparison.OrdinalIgnoreCase)) { + // If RunAs=Developer ValidateAttribute(connectionSettings, DeveloperTool, connectionString); // And Dev Tool equals AzureCLI or VisualStudio @@ -71,7 +71,7 @@ internal static NonInteractiveAzureServiceTokenProviderBase Create(string connec } else if (string.Equals(runAs, App, StringComparison.OrdinalIgnoreCase)) { - // If AuthenticateAs=App + // If RunAs=App // If AppId key is present, use certificate or Client Secret based token provider if (connectionSettings.ContainsKey(AppId)) { From afb12f7d47531228631d3678ba5c5cc413d142f0 Mon Sep 17 00:00:00 2001 From: Nick Brown Date: Wed, 30 May 2018 16:13:41 -0700 Subject: [PATCH 2/6] Updating MsiAccessTokenProvider to use IDMS endpoint for authentication --- .../TokenProviders/MsiAccessTokenProvider.cs | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/TokenProviders/MsiAccessTokenProvider.cs b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/TokenProviders/MsiAccessTokenProvider.cs index cbf37479ae8d..8e4205a441e5 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/TokenProviders/MsiAccessTokenProvider.cs +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/TokenProviders/MsiAccessTokenProvider.cs @@ -19,8 +19,8 @@ internal class MsiAccessTokenProvider : NonInteractiveAzureServiceTokenProviderB // HttpClient is intended to be instantiated once and re-used throughout the life of an application. private static readonly HttpClient DefaultHttpClient = new HttpClient(); - // Default Azure VM MSI endpoint - private const string AzureVmMsiEndpoint = "http://localhost:50342/oauth2/token"; + // Azure Instance Metadata Service (IDMS) endpoint + private const string AzureVmIdmsEndpoint = "http://169.254.169.254/metadata/identity/oauth2/token"; internal MsiAccessTokenProvider() { @@ -41,12 +41,10 @@ public override async Task GetTokenAsync(string resource, string authori string msiSecret = Environment.GetEnvironmentVariable("MSI_SECRET"); var isAppServicesMsiAvailable = !string.IsNullOrWhiteSpace(msiEndpoint) && !string.IsNullOrWhiteSpace(msiSecret); - string authorityParameter = string.IsNullOrEmpty(authority) ? string.Empty : $"&authority={authority}"; - // Craft request as per the MSI protocol var requestUrl = isAppServicesMsiAvailable ? $"{msiEndpoint}?resource={resource}&api-version=2017-09-01" - : $"{AzureVmMsiEndpoint}?resource={resource}{authorityParameter}"; + : $"{AzureVmIdmsEndpoint}?resource={resource}&api-version=2018-02-01"; // Use the httpClient specified in the constructor. If it was not specified in the constructor, use the default httpclient. HttpClient httpClient = _httpClient ?? DefaultHttpClient; @@ -61,7 +59,7 @@ public override async Task GetTokenAsync(string resource, string authori { request.Headers.Add("Metadata", "true"); } - + HttpResponseMessage response = await httpClient.SendAsync(request).ConfigureAwait(false); // If the response is successful, it should have JSON response with an access_token field From 980b335c575cec3e78c70804c34b919964cfff76 Mon Sep 17 00:00:00 2001 From: Nick Brown Date: Tue, 5 Jun 2018 15:22:19 -0700 Subject: [PATCH 3/6] Adding Serializable attribute to AzureServiceTokenProviderException --- .../AzureServiceTokenProviderException.cs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProviderException.cs b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProviderException.cs index bbfa5392168b..5e1eac8aec10 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProviderException.cs +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/AzureServiceTokenProviderException.cs @@ -8,6 +8,9 @@ namespace Microsoft.Azure.Services.AppAuthentication /// /// Instance of this exception is thrown if access token cannot be acquired. /// +#if FullNetFx + [Serializable] +#endif public class AzureServiceTokenProviderException : Exception { internal const string MsiEndpointNotListening = "Unable to connect to the Managed Service Identity (MSI) endpoint. Please check that you are running on an Azure resource that has MSI setup."; @@ -37,7 +40,7 @@ public class AzureServiceTokenProviderException : Exception /// Authority for which token was expected. /// Reason why token could not be acquired. internal AzureServiceTokenProviderException(string connectionString, string resource, string authority, string message) : - base($"Parameters: Connectionstring: {connectionString ?? "[No connection string specified]"}, " + + base($"Parameters: Connection String: {connectionString ?? "[No connection string specified]"}, " + $"Resource: {resource}, Authority: {authority ?? "[No authority specified]"}. Exception Message: {message}") { } From dece2a3324924e6858f006e31359a8d376ef7b9e Mon Sep 17 00:00:00 2001 From: Nick Brown Date: Thu, 7 Jun 2018 15:20:49 -0700 Subject: [PATCH 4/6] Bumping NuGet package version --- .../Microsoft.Azure.Services.AppAuthentication.csproj | 2 +- .../Properties/AssemblyInfo.cs | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj index 5f0add070d5c..2e68bc9c3148 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj @@ -2,7 +2,7 @@ Microsoft.Azure.Services.AppAuthentication Enables a service to authenticate to Azure services using the developer's Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.0 Client Credentials flow) when deployed to Azure. - 1.0.1 + 1.0.2 Microsoft.Azure.Services.AppAuthentication Azure Authentication AppAuthentication diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs index 5a09b1d3ecc4..b61d27fdac29 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs @@ -4,8 +4,8 @@ [assembly: AssemblyTitle("Microsoft.Azure.Services.AppAuthentication")] [assembly: AssemblyDescription("Enables a service to authenticate to Azure services using the developer's Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.0 Client Credentials flow) when deployed to Azure.")] -[assembly: AssemblyVersion("1.0.1.0")] -[assembly: AssemblyFileVersion("1.0.1.0")] +[assembly: AssemblyVersion("1.0.2.0")] +[assembly: AssemblyFileVersion("1.0.2.0")] [assembly: AssemblyCompany("Microsoft Corporation")] [assembly: AssemblyProduct("Microsoft Azure")] [assembly: AssemblyCopyright("Copyright (c) Microsoft Corporation. All rights reserved.")] From 64966da0588bec8c979c746bf499d16424ee73cd Mon Sep 17 00:00:00 2001 From: Nick Brown Date: Thu, 7 Jun 2018 15:30:41 -0700 Subject: [PATCH 5/6] Adding release notes for 1.0.2 to project file --- .../Microsoft.Azure.Services.AppAuthentication.csproj | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj index 2e68bc9c3148..b69835a05a4e 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj @@ -9,7 +9,8 @@ From a7e8f1d31979ca209da4a4f52a7865e57563c986 Mon Sep 17 00:00:00 2001 From: Nick Brown Date: Tue, 12 Jun 2018 10:56:24 -0700 Subject: [PATCH 6/6] Bumping NuGet package version --- .../Microsoft.Azure.Services.AppAuthentication.csproj | 2 +- .../Properties/AssemblyInfo.cs | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj index b69835a05a4e..eac5581978f5 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj @@ -2,7 +2,7 @@ Microsoft.Azure.Services.AppAuthentication Enables a service to authenticate to Azure services using the developer's Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.0 Client Credentials flow) when deployed to Azure. - 1.0.2 + 1.0.3 Microsoft.Azure.Services.AppAuthentication Azure Authentication AppAuthentication diff --git a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs index b61d27fdac29..a8a0a8e22d82 100644 --- a/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs +++ b/src/SdkCommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs @@ -4,8 +4,8 @@ [assembly: AssemblyTitle("Microsoft.Azure.Services.AppAuthentication")] [assembly: AssemblyDescription("Enables a service to authenticate to Azure services using the developer's Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.0 Client Credentials flow) when deployed to Azure.")] -[assembly: AssemblyVersion("1.0.2.0")] -[assembly: AssemblyFileVersion("1.0.2.0")] +[assembly: AssemblyVersion("1.0.3.0")] +[assembly: AssemblyFileVersion("1.0.3.0")] [assembly: AssemblyCompany("Microsoft Corporation")] [assembly: AssemblyProduct("Microsoft Azure")] [assembly: AssemblyCopyright("Copyright (c) Microsoft Corporation. All rights reserved.")]