| | 1 | | // Copyright (c) Microsoft Corporation. All rights reserved. |
| | 2 | | // Licensed under the MIT License. |
| | 3 | |
|
| | 4 | | using System; |
| | 5 | | using System.Threading; |
| | 6 | | using System.Threading.Tasks; |
| | 7 | | using Azure.Core; |
| | 8 | | using Azure.Messaging.EventHubs.Authorization; |
| | 9 | | using Microsoft.Azure.Amqp; |
| | 10 | |
|
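namespace Azure.Messaging.EventHubs.Amqp
{
    /// <summary>
    ///   Performs the actions needed to generate <see cref="CbsToken" /> instances for
    ///   authorization within an AMQP scope.
    /// </summary>
    ///
    /// <remarks>
    ///   This type holds no token state of its own: every call to <see cref="GetTokenAsync" />
    ///   asks the wrapped credential for a token.  Whether the credential caches or refreshes
    ///   tokens is decided by the credential and is not visible here.
    /// </remarks>
    ///
    /// <seealso cref="Microsoft.Azure.Amqp.ICbsTokenProvider" />
    ///
    internal sealed class CbsTokenProvider : ICbsTokenProvider
    {
        /// <summary>The type to consider a token if it is based on an Event Hubs shared access signature.</summary>
        private const string SharedAccessSignatureTokenType = "servicebus.windows.net:sastoken";

        /// <summary>The type to consider a token if not based on a shared access signature.</summary>
        private const string JsonWebTokenType = "jwt";

        /// <summary>The type to consider a token generated from the associated <see cref="Credential" />.</summary>
        private readonly string TokenType;

        /// <summary>The credential used to generate access tokens.</summary>
        private readonly EventHubTokenCredential Credential;

        /// <summary>The cancellation token to consider when making requests.</summary>
        private readonly CancellationToken CancellationToken;

        /// <summary>
        ///   Initializes a new instance of the <see cref="CbsTokenProvider"/> class.
        /// </summary>
        ///
        /// <param name="credential">The credential to use for access token generation; must not be <c>null</c>.</param>
        /// <param name="cancellationToken">
        ///   The cancellation token to consider when making requests.  It is captured once and reused for
        ///   every token request made through this instance, so cancelling it affects all later requests.
        /// </param>
        ///
        public CbsTokenProvider(EventHubTokenCredential credential,
                                CancellationToken cancellationToken)
        {
            // Reject a missing credential up front; the helper is declared elsewhere and is
            // expected to throw for null (NOTE(review): confirm the exception type).
            Argument.AssertNotNull(credential, nameof(credential));

            Credential = credential;
            CancellationToken = cancellationToken;

            // The token type is fixed at construction from the credential's own flag:
            // shared access signature credentials are labelled as SAS tokens, and every
            // other credential is labelled "jwt" without further inspection.
            TokenType = (credential.IsSharedAccessSignatureCredential)
                ? SharedAccessSignatureTokenType
                : JsonWebTokenType;
        }

        /// <summary>
        ///   Asynchronously requests a CBS token to be used for authorization within an AMQP
        ///   scope.
        /// </summary>
        ///
        /// <param name="namespaceAddress">The address of the namespace to be authorized.  Not read by this implementation.</param>
        /// <param name="appliesTo">The resource to which the token should apply.  Not read by this implementation.</param>
        /// <param name="requiredClaims">The set of claims that are required for authorization.  Not read by this implementation.</param>
        ///
        /// <returns>The token to use for authorization.</returns>
        ///
        /// <remarks>
        ///   The token is always requested with the credential's default scope, whatever
        ///   <paramref name="appliesTo" /> and <paramref name="requiredClaims" /> contain.  Callers must
        ///   not assume that the returned token is restricted to the requested resource or that it
        ///   carries the requested claims; any narrowing has to come from the credential or from the
        ///   service that validates the token.
        /// </remarks>
        ///
        public async Task<CbsToken> GetTokenAsync(Uri namespaceAddress,
                                                  string appliesTo,
                                                  string[] requiredClaims)
        {
            // The statement terminator was missing from this line in the listing; restored here.
            AccessToken token = await Credential.GetTokenUsingDefaultScopeAsync(CancellationToken).ConfigureAwait(false);

            // token.Token is the bearer secret handed to the service; keep it out of logs and
            // exception messages.  The expiry is passed on as a UTC DateTime.
            return new CbsToken(token.Token, TokenType, token.ExpiresOn.UtcDateTime);
        }
    }
}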