-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathProgram.cs
44 lines (38 loc) · 1.87 KB
/
Program.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
using System.Globalization;
using Azure.Core;
using Azure.Identity;
var tokenCredential = new AzureCliCredential();
var app = WebApplication.CreateBuilder(args).Build();
// Can be consumed by ManagedIdentityCredential by specifying IDENTITY_ENDPOINT and IMDS_ENDPOINT environment variables to this action URL
// See https://github.com/Azure/azure-sdk-for-net/blob/Azure.Identity_1.8.0/sdk/identity/Azure.Identity/src/AzureArcManagedIdentitySource.cs
app.MapGet("/token", async (HttpContext context, string resource) =>
{
var token = await tokenCredential.GetTokenAsync(new TokenRequestContext([resource]));
context.Response.Headers.ContentType = "application/json";
return new Dictionary<string, string>
{
["access_token"] = token.Token,
["expiresOn"] = token.ExpiresOn.ToString("O", CultureInfo.InvariantCulture),
["expires_on"] = token.ExpiresOn.ToUnixTimeSeconds().ToString(CultureInfo.InvariantCulture),
["tokenType"] = "Bearer",
["resource"] = resource
};
});
// Can be consumed by "az login --identity" by specifying MSI_ENDPOINT environment variable to this action URL
// https://github.com/Azure/msrestazure-for-python/blob/master/msrestazure/azure_active_directory.py#L474
app.MapPost("/token", async (HttpContext context, HttpRequest request) =>
{
var form = await request.ReadFormAsync();
var resource = form["resource"].ToString();
var token = await tokenCredential.GetTokenAsync(new TokenRequestContext(new[] { resource }));
context.Response.Headers.ContentType = "application/json";
return new Dictionary<string, string>
{
["access_token"] = token.Token,
["expiresOn"] = token.ExpiresOn.ToString("O", CultureInfo.InvariantCulture),
["expires_on"] = token.ExpiresOn.ToUnixTimeSeconds().ToString(),
["token_type"] = "Bearer",
["resource"] = resource
};
});
app.Run();