Trying to build a .NET core 1.1 console app with AAD using Microsoft.IdentityModel.Clients.ActiveDirectory (3.13.8).
I'm trying to use AcquireTokenAsync to auth like this
var authParam = new PlatformParameters(PromptBehavior.Auto);
var result = context.AcquireTokenAsync("https://management.core.windows.net/", clientId, new Uri("https://localhost/"), authParam);
result.Wait();
However I Intellisense underlines PromptBehavior and tells me that The name 'PromptBehavior' does not exist in the current context. I also cannot build due to this error.
Not sure how to proceed.
PromptBehavior, and the flows which use it, are not defined for .NET Core, only for full .NET: https://learn.microsoft.com/en-us/active-directory/adal/microsoft.identitymodel.clients.activedirectory.promptbehavior
Related
When I am using same development keys and private rsa key in sample app provided by docusign then that is working. But when using same keys in my application is shows below error while creating envelope.
Sample app has docusign.esign.dll 4.1.1 and in my case its docusign.esign.dll 5.0.0.
Anything I am missing while calling CreateEnvelope or is there any configuration issue?
I can't see the code you used to obtain accessToken, but you should ensure that you provided the correct information and the same environment (account-d vs. account.docusign.com).
Also, you create a new Configuration() object called config, but then use _configuration in the code I can use. This is a bit odd. I wonder if you set the BaseUrl correctly for the _configuration object you did use.
Also, you need to pass the config object when to the API so that it is used.
Is there a way to set the default application version in azure batch account using java sdk?
The sample script that they have in the git does not show how to set the default version(https://github.com/Azure-Samples/batch-java-manage-batch-accounts/blob/master/src/main/java/com/microsoft/azure/management/batch/samples/ManageBatchAccount.java).
Also I was trying to dig in the interface(https://github.com/Azure/azure-libraries-for-java/blob/master/azure-mgmt-batch/src/main/java/com/microsoft/azure/management/batch/Application.java) to get some clues but couldn't see anything that supports updating the default version.
UPDATE:
I was able to get the version update working following #brklein suggestion:
BatchApplication batchApplication = batchAccount.applications().get(applicationName)
ApplicationTokenCredentials credentials = new ApplicationTokenCredentials(applicationId, tenantId, appSecret, AzureEnvironment.AZURE)
BatchManager batchManager = BatchManager.authenticate(credentials, subscriptionId)
ApplicationsInner applicationsInner = batchManager.inner().applications()
ApplicationUpdateParameters parameters = new ApplicationUpdateParameters(defaultVersion: DEFAULT_APP_VERSION)
applicationsInner.update(resourceGroupName, batchAccountName, batchApplication.id(), parameters)
It does not appear that default version is being surface at the client layer of the SDK.
To get around this you should be able to call the implementation methods manually, which have the full functionality of the REST API (as they are auto-generated).
To do this create either CreateApplicationParameters or ApplicationUpdateParameters and set the defaultVersion property. Then you can call the implementations create or update methods manually (https://github.com/Azure/azure-libraries-for-java/blob/78e8ff2940eba34bc63f8e7be6807a377500f5c7/azure-mgmt-batch/src/main/java/com/microsoft/azure/management/batch/implementation/ApplicationsInner.java#L474).
Getting Keyword not supported: 'authentication' error while trying to connect an azure DB through 'Active Directory Integrated' option in .NET core 2.1 project.
Note: I am using EF core to connect the Data source.
TL;DR
As called out by #Aamir Mulla in the comments, this has officially been added since Version 2.0.0
UPDATE - 16/08/2019
Active Directory Password Authentication has now been added for .NET Core in Microsoft.Data.SqlClient 1.0.19221.1-Preview
Unfortunately, the authentication keyword is not yet fully supported in .NET Core. Here is an issue which discusses this.
But .NET Core 2.2 has added some support for this use case as mentioned in this comment. The basic idea is to get the access token by any means (ADAL, REST, etc.) and set SqlConnection.AccessToken to it.
As for using this with EF Core, there's a good discussion about this in this github issue and in particular the comment by mgolois provides a simple implementation to the solution that cbriaball mentions in the thread.
Here is the same for reference
Note that this sample is using the Microsoft.Azure.Services.AppAuthentication library
// DB Context Class
public class SampleDbContext : DbContext
{
public SampleDbContext(DbContextOptions<TeamsDbContext> options) : base(options)
{
var conn = (System.Data.SqlClient.SqlConnection)this.Database.GetDbConnection();
conn.AccessToken = (new AzureServiceTokenProvider()).GetAccessTokenAsync("https://database.windows.net/").Result;
}
}
// Startup.cs
services.AddDbContext<SampleDbContext>(options =>
{
options.UseSqlServer(<Connection String>);
});
The connection string would be something like this
Server=tcp:<server_name>.database.windows.net,1433;Database=<db_name>;
If you're still having the issue, make sure you have
Microsoft.Data.SqlClient package installed, not System.Data.SqlClient. They both contain SqlConnection class, switching the package for the first one fixed the issue for me.
As of today 7/18/2022 , I am still getting the issue from Azure when trying to use it through ManagedIdentity.
The microsoft doc at https://learn.microsoft.com/en-us/azure/app-service/tutorial-connect-msi-sql-database?tabs=windowsclient%2Cefcore%2Cdotnetcore
to use managed identity we need to use the connection string in this format!
"Server=tcp:.database.windows.net;Authentication=Active Directory Default; Database=;"
But looks like Azure is not liking it!
However, adding the access token helped!
var connectionString =
"Server=tcp:yourazuresqlservername.database.windows.net; Database=yourazuresqldbname;";
var con = new SqlConnection(connectionString);
//And then
con.AccessToken = (new AzureServiceTokenProvider()).GetAccessTokenAsync("https://database.windows.net/").Result;
con.Open();
//Do sql tasks
con.Close();
I am building an asp.net webforms site that can connect to our tfs hosted on Microsoft (http://companyname.visualstudio.com) and get data from it. When I run the project with Cassini it runs fine as it gets the authentication from the browser. But I want to do this from code behind.
I have tried various setups like
var tfs = new TfsTeamProjectCollection(CollectionUri, new UICredentialsProvider());
[which is now deprecated as method and should not be used]
or
var tfs = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(CollectionUri);
or even with
var tfs = new TfsTeamProjectCollection(CollectionUri, new NetworkCredential("windowsliveid","password"));
I have no domain since it is a Windows Liveid
and then
tfs.EnsureAuthenticated();
Also I get the uri through
var CollectionUri = new Uri("https://companyname.visualstudio.com/DefaultCollection/");
Any ideas on how to properly authenticate. I would love to either prompt the auth window or give username and password directly.
------------------------------ SOLVED !!! ---------------------------------
Here is the solution to it after some googling following Martin Woodward's very helpful suggestion.
First alternate credentials have to be activated through the TFS account. Then the code can be changed into this which works fine :)
Just remember that you need to have the latest version of VS 2012 (at least update1) for the code to work. Else you can't reference BasicAuthCredential.
var nc = new NetworkCredential("username", "password");
var bc = new BasicAuthCredential(nc);
var tfsc = new TfsClientCredentials(bc) {AllowInteractive = false};
var tfs = new TfsTeamProjectCollection(CollectionUri, tfsc);
tfs.Authenticate();
And here are the referenced dlls.
using Microsoft.TeamFoundation.Build.Client;
using Microsoft.TeamFoundation.Client;
using Microsoft.TeamFoundation.VersionControl.Client;
using Microsoft.TeamFoundation.WorkItemTracking.Client;
Take a look at service credentials, or try enabling alternate credentials on your account which will then allow you to authenticate using http basic auth.
You probably want service credentials for what it sounds like you are doing though.
I am relatively new to IoC containers so I apologize in advance for my ignorance.
My application is a asp.net 4.0 MVC app that uses the Entity Framework with a Repository layer on top of that. It is a multi tenant application so the connection string that is used varies by the logged in client.
The connection string is determined by a 'key' that gets passed in as part of the route which indicates the client. This route data is only present on the first request of the user's session.
The route looks kind of like this: http://{host}/login/dev/
where 'dev' indicates we are using the dev database.
Currently the IoC container is registering all dependencies in the global.asax Application_Start event handler and I have the 'key' hardcoded as follows:
var cnString = CommonServices.GetDBConnection("dev");
container.RegisterType<IRequestMgmtRecipientRepository, RequestMgmtRecipientRepository>(
new InjectionConstructor(cnString));
Is there a way with Unity to dynamically register the repository based on the logged in client using the route data that is supplied initially?
Note: I am not manually resolving the repositories. They are getting constructed by the container when the controllers get instantiated.
I am stumped.
Thanks!
Quick assumption, you can use the host to identify your tenant.
the following article has a slightly different approach http://www.agileatwork.com/bolt-on-multi-tenancy-in-asp-net-mvc-with-unity-and-nhibernate-part-ii-commingled-data/, its using NH, but it is usable.
based on the above this hacked code may work (not tried/complied the following, not much of a unity user, more of a windsor person :) )
Container.RegisterType<IRequestMgmtRecipientRepository, RequestMgmtRecipientRepository>(new InjectionFactory(c =>
{
//the following you can get via a static class
//HttpContext.Current.Request.Url.Host, if i remember correctly
var context = c.Resolve<HttpContextBase>();
var host = context.Request.Headers["Host"] ?? context.Request.Url.Host;
var connStr = CommonServices.GetDBConnection("dev_" + host); //assumed
return new RequestMgmtRecipientRepository(connStr);
}));
Scenario 2 (i do not think this was the case)
if the client identifies the Tenant (not the host, ie http: //host1), this suggests you would already need access to a database to access the client information? in this case the database which holds client information, will also need to have enough information to identify the tenant.
the issue with senario 2 will arise around anon uses, which tenant is being accessed.
assuming senario 2, then the InjectionFactory should still work.
hope this helps