Table of Contents

Class OnBehalfOfAuthenticationProvider

Namespace
PnP.Core.Auth
Assembly
PnP.Core.Auth.dll

Authentication Provider based on the OnBehalfOf flow

public sealed class OnBehalfOfAuthenticationProvider : OAuthAuthenticationProvider, IAuthenticationProvider
Inheritance
OnBehalfOfAuthenticationProvider
Implements
Inherited Members

Remarks

You can find further details about the On-Behalf-Of flow here: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow

Constructors

OnBehalfOfAuthenticationProvider(ILogger<OAuthAuthenticationProvider>, IMsalHttpClientFactory)

Public constructor leveraging DI to initialize the ILogger and IMsalHttpClientFactory interfaces

public OnBehalfOfAuthenticationProvider(ILogger<OAuthAuthenticationProvider> logger, IMsalHttpClientFactory msalHttpClientFactory)

Parameters

logger ILogger<OAuthAuthenticationProvider>

The instance of the logger service provided by DI

msalHttpClientFactory IMsalHttpClientFactory

The instance of the Msal Http Client Factory service provided by DI

OnBehalfOfAuthenticationProvider(string, string, PnPCoreAuthenticationOnBehalfOfOptions, Func<string>, bool)

Public constructor for external consumers of the library

public OnBehalfOfAuthenticationProvider(string clientId, string tenantId, PnPCoreAuthenticationOnBehalfOfOptions options, Func<string> userTokenProvider, bool useSharedCache = false)

Parameters

clientId string

The Client ID for the Authentication Provider

tenantId string

The Tenant ID for the Authentication Provider

options PnPCoreAuthenticationOnBehalfOfOptions

Options for the authentication provider

userTokenProvider Func<string>

A function providing the consumer user access token to use for the On-Behalf-Of flow

useSharedCache bool

Share the cache between all ClientApplication objects. The cache becomes static. Defaults to false

OnBehalfOfAuthenticationProvider(string, string, StoreName, StoreLocation, string, Func<string>, bool)

Public constructor for external consumers of the library

public OnBehalfOfAuthenticationProvider(string clientId, string tenantId, StoreName storeName, StoreLocation storeLocation, string thumbprint, Func<string> userTokenProvider, bool useSharedCache = false)

Parameters

clientId string

The Client ID for the Authentication Provider

tenantId string

The Tenant ID for the Authentication Provider

storeName StoreName

The Store Name to get the X.509 certificate from

storeLocation StoreLocation

The Store Location to get the X.509 certificate from

thumbprint string

The Thumbprint of the X.509 certificate

userTokenProvider Func<string>

A function providing the consumer user access token to use for the On-Behalf-Of flow

useSharedCache bool

Share the cache between all ClientApplication objects. The cache becomes static. Defaults to false

OnBehalfOfAuthenticationProvider(string, string, X509Certificate2, Func<string>, bool)

Public constructor for external consumers of the library

public OnBehalfOfAuthenticationProvider(string clientId, string tenantId, X509Certificate2 certificate, Func<string> userTokenProvider, bool useSharedCache = false)

Parameters

clientId string

The Client ID for the Authentication Provider

tenantId string

The Tenant ID for the Authentication Provider

certificate X509Certificate2

The X.509 certificate to use for authentication

userTokenProvider Func<string>

A function providing the consumer user access token to use for the On-Behalf-Of flow

useSharedCache bool

Share the cache between all ClientApplication objects. The cache becomes static. Defaults to false

OnBehalfOfAuthenticationProvider(string, string, SecureString, Func<string>, bool)

Public constructor for external consumers of the library

public OnBehalfOfAuthenticationProvider(string clientId, string tenantId, SecureString clientSecret, Func<string> userTokenProvider, bool useSharedCache = false)

Parameters

clientId string

The Client ID for the Authentication Provider

tenantId string

The Tenant ID for the Authentication Provider

clientSecret SecureString

The Client Secret of the app

userTokenProvider Func<string>

A function providing the consumer user access token to use for the On-Behalf-Of flow

useSharedCache bool

Share the cache between all ClientApplication objects. The cache becomes static. Defaults to false

Properties

Certificate

The X.509 Certificate to use for app authentication

public X509Certificate2 Certificate { get; set; }

Property Value

X509Certificate2

ClientSecret

The ClientSecret to authenticate the app with ClientId

public SecureString ClientSecret { get; set; }

Property Value

SecureString

UseSharedCache

Share the cache between all ClientApplication objects. The cache becomes static. Defaults to false.

public bool UseSharedCache { get; set; }

Property Value

bool

UserTokenProvider

A function providing the consumer user access token to use for the On-Behalf-Of flow

public Func<string> UserTokenProvider { get; set; }

Property Value

Func<string>

Methods

AuthenticateRequestAsync(Uri, HttpRequestMessage)

Authenticates the specified request message.

public override Task AuthenticateRequestAsync(Uri resource, HttpRequestMessage request)

Parameters

resource Uri

Request uri

request HttpRequestMessage

The HttpRequestMessage to authenticate.

Returns

Task

The task to await.

GetAccessTokenAsync(Uri)

Gets an access token for the requested resource

public override Task<string> GetAccessTokenAsync(Uri resource)

Parameters

resource Uri

Resource to request an access token for

Returns

Task<string>

An access token

GetAccessTokenAsync(Uri, string[])

Gets an access token for the requested resource and scope

public override Task<string> GetAccessTokenAsync(Uri resource, string[] scopes)

Parameters

resource Uri

Resource to request an access token for (unused)

scopes string[]

Scopes to request

Returns

Task<string>

An access token