Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend TokenAcquisitionTokenCredential concept to support Tokens as App #1723

Closed
christopherabrooks opened this issue Apr 28, 2022 · 1 comment
Closed

Extend TokenAcquisitionTokenCredential concept to support Tokens as App #1723

christopherabrooks opened this issue Apr 28, 2022 · 1 comment
Labels
enhancement New feature or request feature request fixed
Milestone
1.25.0

Comments

@christopherabrooks
Copy link

Is your feature request related to a problem? Please describe.
When I call an Azure SDK from a project integrated with Microsoft.Identity.Web, I can use a simple pattern of providing a "token credential" object to the client constructor, and the rest is handled for me (in this case, the TokenAcquisitionTokenCredential. For example:

BlobClient blob = new BlobClient(new Uri(blobUrl), new TokenAcquisitionTokenCredential(_tokenAcquisition));

string blobContent = blob.DownloadContent().Value.Content.ToString();

This works great when I want to call the Azure SDK as the user who called my Web App.

But when I want to call the Azure SDK using the identity of the Web App itself, I don't have such a convenient mechanism available.

Describe the solution you'd like
I propose that we provide an additional "token credential" class that will request tokens using the web app's app identity. This would be almost identitical to the existing TokenAcquisitionTokenCredential class, but would leverage the already existing GetAuthenticationResultForAppAsync() method exposed by the ITokenContext interface.

Describe alternatives you've considered
One alternative approach might be to add a constructor parameter to the existing TokenAcquisitionTokenCredential class that signaled the instance to request tokens as the app.

Additional context
I have submitted a PR that encapsulates this proposal: #1722
@christopherabrooks christopherabrooks mentioned this issue Apr 28, 2022
Merged
@jmprieur jmprieur added the fixed label Apr 28, 2022
@jennyf19
Copy link
Collaborator

jennyf19 commented Jun 4, 2022

Included in 1.25.0 release

@jennyf19 jennyf19 closed this as completed Jun 4, 2022
@jennyf19 jennyf19 added this to the 1.25.0 milestone Jun 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request feature request fixed
Projects
None yet
Milestone
1.25.0
Development

No branches or pull requests
3 participants
@christopherabrooks @jmprieur @jennyf19