Add support for Azure AD auth (#1486)

Azure · Apr 24, 2023 · 4c2b2da · 4c2b2da
1 parent 587714e
commit 4c2b2da
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 12 deletions.
diff --git a/sdk/Sdk/Tasks/ZipDeploy/Http/HttpClientHelpers.cs b/sdk/Sdk/Tasks/ZipDeploy/Http/HttpClientHelpers.cs
@@ -1,4 +1,4 @@
-// Copyright (c) .NET Foundation. All rights reserved.
+// Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the MIT License. See License.txt in the project root for license information.
 
 using System;
@@ -18,9 +18,14 @@ namespace Microsoft.NET.Sdk.Functions.Http
 {
     internal static class HttpClientHelpers
     {
-        public static async Task<IHttpResponse> PostWithBasicAuthAsync(this IHttpClient client, Uri uri, string username, string password, string contentType, string userAgent, Encoding encoding, Stream messageBody)
+
+        internal static readonly string AzureADUserName = Guid.Empty.ToString();
+        internal static readonly string BearerAuthenticationScheme = "Bearer";
+        internal static readonly string BasicAuthenticationScheme = "Basic";
+
+        public static async Task<IHttpResponse> PostRequestAsync(this IHttpClient client, Uri uri, string username, string password, string contentType, string userAgent, Encoding encoding, Stream messageBody)
         {
-            AddBasicAuthToClient(username, password, client);
+            AddAuthenticationHeader(username, password, client);
             client.DefaultRequestHeaders.Add("User-Agent", userAgent);
 
             StreamContent content = new StreamContent(messageBody ?? new MemoryStream())
@@ -49,9 +54,9 @@ public static async Task<IHttpResponse> PostWithBasicAuthAsync(this IHttpClient
             }
         }
 
-        public static async Task<IHttpResponse> GetWithBasicAuthAsync(this IHttpClient client, Uri uri, string username, string password, string userAgent, CancellationToken cancellationToken)
+        public static async Task<IHttpResponse> GetRequestAsync(this IHttpClient client, Uri uri, string username, string password, string userAgent, CancellationToken cancellationToken)
         {
-            AddBasicAuthToClient(username, password, client);
+            AddAuthenticationHeader(username, password, client);
             client.DefaultRequestHeaders.Add("User-Agent", userAgent);
 
             try
@@ -65,14 +70,21 @@ public static async Task<IHttpResponse> GetWithBasicAuthAsync(this IHttpClient c
             }
         }
 
-        private static void AddBasicAuthToClient(string username, string password, IHttpClient client)
+        private static void AddAuthenticationHeader(string username, string password, IHttpClient client)
         {
             client.DefaultRequestHeaders.Remove("Connection");
 
-            string plainAuth = string.Format("{0}:{1}", username, password);
-            byte[] plainAuthBytes = Encoding.ASCII.GetBytes(plainAuth);
-            string base64 = Convert.ToBase64String(plainAuthBytes);
-            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", base64);
+            if (!string.Equals(username, AzureADUserName, StringComparison.Ordinal))
+            {
+                string plainAuth = string.Format("{0}:{1}", username, password);
+                byte[] plainAuthBytes = Encoding.ASCII.GetBytes(plainAuth);
+                string base64 = Convert.ToBase64String(plainAuthBytes);
+                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(BasicAuthenticationScheme, base64);
+            }
+            else
+            {
+                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(BearerAuthenticationScheme, password);
+            }
         }
     }
 }
diff --git a/sdk/Sdk/Tasks/ZipDeploy/ZipDeployTask.cs b/sdk/Sdk/Tasks/ZipDeploy/ZipDeployTask.cs
@@ -98,7 +98,7 @@ internal async System.Threading.Tasks.Task<bool> ZipDeployAsync(string zipToPubl
             Uri uri = new Uri($"{zipDeployPublishUrl}?isAsync=true", UriKind.Absolute);
             string userAgent = $"{UserAgentName}/{userAgentVersion}";
             FileStream stream = File.OpenRead(zipToPublishPath);
-            IHttpResponse response = await client.PostWithBasicAuthAsync(uri, userName, password, "application/zip", userAgent, Encoding.UTF8, stream);
+            IHttpResponse response = await client.PostRequestAsync(uri, userName, password, "application/zip", userAgent, Encoding.UTF8, stream);
             if (response.StatusCode != HttpStatusCode.OK && response.StatusCode != HttpStatusCode.Accepted)
             {
                 if (logMessages)

diff --git a/sdk/Sdk/Tasks/ZipDeploy/ZipDeploymentStatus.cs b/sdk/Sdk/Tasks/ZipDeploy/ZipDeploymentStatus.cs
@@ -102,7 +102,7 @@ private static bool TryParseDeploymentStatus(IDictionary<string, object> json, o
             IHttpResponse? response = null;
             await RetryAsync(async () =>
             {
-                response = await _client.GetWithBasicAuthAsync(new Uri(url, UriKind.RelativeOrAbsolute), userName, password, _userAgent, cts.Token);
+                response = await _client.GetRequestAsync(new Uri(url, UriKind.RelativeOrAbsolute), userName, password, _userAgent, cts.Token);
             }, retryCount, retryDelay);
 
             if (response!.StatusCode != HttpStatusCode.OK && response.StatusCode != HttpStatusCode.Accepted)