dnxcore50 build for cmdlet base projects

Author: markcowl

src/CLU/Microsoft.WindowsAzure.Commands.Common.sln renamed to src/CLU/CLUCoreCLR.sln

@@ -5,6 +5,8 @@ VisualStudioVersion = 14.0.23107.0
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "Microsoft.WindowsAzure.Commands.Common", "Microsoft.WindowsAzure.Commands.Common\Microsoft.WindowsAzure.Commands.Common.xproj", "{5F567ACA-595E-436D-83DB-A21E08F82DF6}"
 EndProject
+Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "Commands.Common.Authentication", "Commands.Common.Authentication\Commands.Common.Authentication.xproj", "{4CE82310-D016-497D-93A0-0323A3E62064}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -15,6 +17,10 @@ Global
 		{5F567ACA-595E-436D-83DB-A21E08F82DF6}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{5F567ACA-595E-436D-83DB-A21E08F82DF6}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{5F567ACA-595E-436D-83DB-A21E08F82DF6}.Release|Any CPU.Build.0 = Release|Any CPU
+		{4CE82310-D016-497D-93A0-0323A3E62064}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{4CE82310-D016-497D-93A0-0323A3E62064}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{4CE82310-D016-497D-93A0-0323A3E62064}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{4CE82310-D016-497D-93A0-0323A3E62064}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

src/CLU/Commands.Common.Authentication/Authentication/AadAuthenticationException.cs

@@ -0,0 +1,94 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System;
+
+namespace Microsoft.Azure.Common.Authentication
+{
+    /// <summary>
+    /// Base class representing an exception that occurs when
+    /// authenticating against Azure Active Directory
+    /// </summary>
+    //[Serializable]
+    public abstract class AadAuthenticationException : Exception
+    {
+        protected AadAuthenticationException()
+        {
+        }
+
+        protected AadAuthenticationException(string message) : base(message)
+        {
+        }
+
+        protected AadAuthenticationException(string message, Exception innerException) : base(message, innerException)
+        {
+        }
+    }
+
+    /// <summary>
+    /// Exception that gets thrown when the user explicitly
+    /// cancels an authentication operation.
+    /// </summary>
+    //[Serializable]
+    public class AadAuthenticationCanceledException : AadAuthenticationException
+    {
+        public AadAuthenticationCanceledException(string message, Exception innerException) : base(message, innerException)
+        {
+        }
+    }
+
+    /// <summary>
+    /// Exception that gets thrown when the ADAL library
+    /// is unable to authenticate without a popup dialog.
+    /// </summary>
+    //[Serializable]
+    public class AadAuthenticationFailedWithoutPopupException : AadAuthenticationException
+    {
+        public AadAuthenticationFailedWithoutPopupException(string message, Exception innerException)
+            : base(message, innerException)
+        {
+        }
+    }
+
+    /// <summary>
+    /// Exception that gets thrown if an authentication operation
+    /// fails on the server.
+    /// </summary>
+    //[Serializable]
+    public class AadAuthenticationFailedException : AadAuthenticationException
+    {
+        public AadAuthenticationFailedException(string message, Exception innerException) : base(message, innerException)
+        {
+        }
+    }
+
+    /// <summary>
+    /// Exception thrown if a refresh token has expired.
+    /// </summary>
+    //[Serializable]
+    public class AadAuthenticationCantRenewException : AadAuthenticationException
+    {
+        public AadAuthenticationCantRenewException()
+        {
+        }
+
+        public AadAuthenticationCantRenewException(string message) : base(message)
+        {
+        }
+
+        public AadAuthenticationCantRenewException(string message, Exception innerException) : base(message, innerException)
+        {
+        }
+    }
+}

src/CLU/Commands.Common.Authentication/Authentication/AccessTokenCredential.cs

@@ -0,0 +1,51 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Rest;
+using System;
+using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace Microsoft.Azure.Common.Authentication
+{
+    public class AccessTokenCredential : ServiceClientCredentials
+    {
+        private readonly Guid subscriptionId;
+        private readonly IAccessToken token;
+
+        public AccessTokenCredential(Guid subscriptionId, IAccessToken token)
+        {
+            this.subscriptionId = subscriptionId;
+            this.token = token;
+            this.TenantID = token.TenantId;
+        }
+        
+        public override Task ProcessHttpRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken)
+        {
+            token.AuthorizeRequest((tokenType, tokenValue) => {
+                request.Headers.Authorization = new AuthenticationHeaderValue(tokenType, tokenValue);
+            });
+            return base.ProcessHttpRequestAsync(request, cancellationToken);
+        }
+
+        public string SubscriptionId
+        {
+            get { return subscriptionId.ToString(); }
+        }
+
+        public string TenantID { get; set; }
+    }
+}

src/CLU/Commands.Common.Authentication/Authentication/AdalConfiguration.cs

@@ -0,0 +1,63 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.IdentityModel.Clients.ActiveDirectory;
+using System;
+
+namespace Microsoft.Azure.Common.Authentication
+{
+    /// <summary>
+    /// Class storing the configuration information needed
+    /// for ADAL to request token from the right AD tenant
+    /// depending on environment.
+    /// </summary>
+    public class AdalConfiguration
+    {
+        //
+        // These constants define the default values to use for AD authentication
+        // against RDFE
+        //
+        public const string PowerShellClientId = "1950a258-227b-4e31-a9cf-717495945fc2";          
+
+        public static readonly Uri PowerShellRedirectUri = new Uri("urn:ietf:wg:oauth:2.0:oob");
+
+        // ID for site to pass to enable EBD (email-based differentiation)
+        // This gets passed in the call to get the azure branding on the
+        // login window. Also adding popup flag to handle overly large login windows.
+        public const string EnableEbdMagicCookie = "site_id=501358&display=popup";
+
+        public string AdEndpoint { get;set; }
+
+        public bool ValidateAuthority { get; set; }
+
+        public string AdDomain { get; set; }
+
+        public string ClientId { get; set; }
+
+        public Uri ClientRedirectUri { get; set; }
+
+        public string ResourceClientUri { get; set; }
+
+        public TokenCache TokenCache { get; set; }
+
+        public AdalConfiguration()
+        {
+            ClientId = PowerShellClientId;
+            ClientRedirectUri = PowerShellRedirectUri;
+            ValidateAuthority = true;
+            AdEndpoint = string.Empty;
+            ResourceClientUri = "https://management.core.windows.net/";
+        }
+    }
+}

src/CLU/Commands.Common.Authentication/Authentication/AdalTokenProvider.cs

@@ -0,0 +1,71 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Common.Authentication.Models;
+using Microsoft.Azure.Common.Authentication.Properties;
+using System;
+
+namespace Microsoft.Azure.Common.Authentication
+{
+    /// <summary>
+    /// A token provider that uses ADAL to retrieve
+    /// tokens from Azure Active Directory
+    /// </summary>
+    public class AdalTokenProvider : ITokenProvider
+    {
+        private readonly ITokenProvider userTokenProvider;
+        private readonly ITokenProvider servicePrincipalTokenProvider;
+
+        public AdalTokenProvider()
+        {
+            this.userTokenProvider = new UserTokenProvider();
+            this.servicePrincipalTokenProvider = new ServicePrincipalTokenProvider();
+        }
+
+        public IAccessToken GetAccessToken(
+            AdalConfiguration config, 
+            ShowDialog promptBehavior, 
+            string userId, 
+            string password,
+            AzureAccount.AccountType credentialType)
+        {
+            switch (credentialType)
+            {
+                case AzureAccount.AccountType.User:
+                    return userTokenProvider.GetAccessToken(config, promptBehavior, userId, password, credentialType);
+                case AzureAccount.AccountType.ServicePrincipal:
+                    return servicePrincipalTokenProvider.GetAccessToken(config, promptBehavior, userId, password, credentialType);
+                default:
+                    throw new ArgumentException(Resources.UnknownCredentialType, "credentialType");
+            }
+        }
+
+        public IAccessToken GetAccessTokenWithCertificate(
+            AdalConfiguration config, 
+            string clientId, 
+            string certificate, 
+            string certificatePassword,
+            AzureAccount.AccountType credentialType)
+        {
+            switch (credentialType)
+            {
+                case AzureAccount.AccountType.ServicePrincipal:
+                    return servicePrincipalTokenProvider.GetAccessTokenWithCertificate(
+                        config, clientId, certificate, certificatePassword, credentialType);
+                default:
+                    throw new ArgumentException(string.Format(Resources.UnsupportedCredentialType, credentialType), "credentialType");
+            }
+        }
+    }
+}

src/CLU/Commands.Common.Authentication/Authentication/CertificateApplicationCredentialProvider.cs

@@ -0,0 +1,69 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System;
+using Microsoft.IdentityModel.Clients.ActiveDirectory;
+using Microsoft.Rest.Azure.Authentication;
+using System.Security;
+using System.Security.Cryptography.X509Certificates;
+using System.Threading.Tasks;
+
+namespace Microsoft.Azure.Common.Authentication
+{
+    /// <summary>
+    /// Interface to the certificate store for authentication
+    /// </summary>
+    internal sealed class CertificateApplicationCredentialProvider : IApplicationAuthenticationProvider
+    {
+        private string _certificateThumbprint;
+        private string _certificatePassword;
+        private Func<string, byte[]> _certificateMap;
+
+        /// <summary>
+        /// Create a certificate provider
+        /// </summary>
+        /// <param name="certificateThumbprint"></param>
+        /// <param name="certificatePassword"></param>
+        /// <param name="certificateMap"></param>
+        public CertificateApplicationCredentialProvider(string certificateThumbprint, string certificatePassword, Func<string, byte[]> certificateMap )
+        {
+            this._certificateThumbprint = certificateThumbprint;
+            this._certificatePassword = certificatePassword;
+            _certificateMap = certificateMap;
+        }
+        
+        /// <summary>
+        /// Authenticate using certificate thumbprint from the datastore 
+        /// </summary>
+        /// <param name="clientId">The active directory client id for the application.</param>
+        /// <param name="audience">The intended audience for authentication</param>
+        /// <param name="context">The AD AuthenticationContext to use</param>
+        /// <returns></returns>
+        public async Task<AuthenticationResult> AuthenticateAsync(
+            string clientId, 
+            string audience, 
+            AuthenticationContext context)
+        {
+            var task = new Task<byte[]>(() =>
+            {
+                return  _certificateMap(this._certificateThumbprint);
+            });
+            task.Start();
+            var certificate = await task.ConfigureAwait(false);
+            return await context.AcquireTokenAsync(
+                audience,
+                new ClientAssertionCertificate(clientId, certificate, this._certificatePassword));
+        }
+    }
+}