Adding Azure AD login

Author: normesta

articles/storage/blobs/data-lake-storage-directory-file-acl-dotnet.md

@@ -43,7 +43,11 @@ using Azure;
 
 ## Connect to the account
 
-To use the snippets in this article, you'll need to create a [DataLakeServiceClient](https://docs.microsoft.com/dotnet/api/azure.storage.files.datalake.datalakeserviceclient) instance that represents the storage account. The easiest way to get one is to use an account key. 
+To use the snippets in this article, you'll need to create a [DataLakeServiceClient](https://docs.microsoft.com/dotnet/api/azure.storage.files.datalake.datalakeserviceclient) instance that represents the storage account. 
+
+### Connect by using an account key
+
+This is the easiest way to connect to an account. 
 
 This example creates an instance of the [DataLakeServiceClient](https://docs.microsoft.com/dotnet/api/azure.storage.files.datalake.datalakeserviceclient?) by using an account key.
 
@@ -61,6 +65,29 @@ public void GetDataLakeServiceClient(ref DataLakeServiceClient dataLakeServiceCl
 }
 ```
 
+### Connect by using Azure Active Directory (AD)
+
+First, you'll have to configure a service principal and register your application with an Azure AD tenant. see [Acquire a token from Azure AD for authorizing requests from a client application](../common/storage-auth-aad-app.md).
+
+Then, you can use the [Azure identity client library for .NET](https://github.com/Azure/azure-sdk-for-net/tree/master/sdk/identity/Azure.Identity) to authenticate your application. 
+
+This example uses a client ID, a client secret, and a tenant ID but there are other ways to do this. See the  [Azure identity client library for .NET](https://github.com/Azure/azure-sdk-for-net/tree/master/sdk/identity/Azure.Identity) for more examples.
+
+```cs
+public void GetDataLakeServiceClient(ref DataLakeServiceClient dataLakeServiceClient, 
+    String accountName, String clientID, string clientSecret, string tenantID)
+{
+
+    TokenCredential credential = new ClientSecretCredential(
+        tenantID, clientID, clientSecret, new TokenCredentialOptions());
+
+    string dfsUri = "https://" + accountName + ".dfs.core.windows.net";
+
+    dataLakeServiceClient = new DataLakeServiceClient(new Uri(dfsUri), credential);
+}
+
+```
+
 ## Create a file system
 
 A file system acts as a container for your files. You can create one by calling the [DataLakeServiceClient.CreateFileSystem](https://docs.microsoft.com/dotnet/api/azure.storage.files.datalake.datalakeserviceclient.createfilesystemasync) method.

articles/storage/blobs/data-lake-storage-directory-file-acl-java.md

@@ -49,17 +49,13 @@ import com.azure.storage.file.datalake.models.PathPermissions;
 import com.azure.storage.file.datalake.models.RolePermissions;
 ```
 
-If you plan to authenticate your client application by using Azure AD, then add these imports statements to your code file.
+## Connect to the account 
 
-```java
-import com.azure.identity.ClientSecretCredential;
-import com.azure.identity.ClientSecretCredentialBuilder;
-import com.azure.core.credential.TokenCredential;
-````
+To use the snippets in this article, you'll need to create a **DataLakeServiceClient** instance that represents the storage account. 
 
-## Connect to the account 
+### Connect by using an account key
 
-To use the snippets in this article, you'll need to create a **DataLakeServiceClient** instance that represents the storage account. The easiest way to get one is to use an account key. 
+This is the easiest way to connect to an account. 
 
 This example creates an instance of the **DataLakeServiceClient** by using an account key.
 
@@ -78,8 +74,33 @@ static public DataLakeServiceClient GetDataLakeServiceClient
 
     return builder.buildClient();
 }      
+```
+
+### Connect by using Azure Active Directory (Azure AD)
+
+First, you'll have to configure a service principal and register your application with an Azure AD tenant. see [Acquire a token from Azure AD for authorizing requests from a client application](../common/storage-auth-aad-app.md).
+
+Then, you can use the [Azure identity client library for Java](https://github.com/Azure/azure-sdk-for-java/tree/master/sdk/identity/azure-identity) to authenticate your application. 
 
+This example uses a client ID, a client secret, and a tenant ID but there are other ways to do this. See the [Azure identity client library for Java](https://github.com/Azure/azure-sdk-for-java/tree/master/sdk/identity/azure-identity)) for more examples.
+
+```java
+static public DataLakeServiceClient GetDataLakeServiceClient
+    (String accountName, String clientId, String ClientSecret, String tenantID){
+
+    String endpoint = "https://" + accountName + ".dfs.core.windows.net";
+        
+    ClientSecretCredential clientSecretCredential = new ClientSecretCredentialBuilder()
+    .clientId(clientId)
+    .clientSecret(ClientSecret)
+    .tenantId(tenantID)
+    .build();
+           
+    DataLakeServiceClientBuilder builder = new DataLakeServiceClientBuilder();
+    return builder.credential(clientSecretCredential).endpoint(endpoint).buildClient();
+ } 
 ```
+
 ## Create a file system
 
 A file system acts as a container for your files. You can create one by calling the **DataLakeServiceClient.createFileSystem** method.

articles/storage/blobs/data-lake-storage-directory-file-acl-javascript.md

@@ -42,7 +42,11 @@ const AzureStorageDataLake = require("@azure/storage-file-datalake");
 
 ## Connect to the account 
 
-To use the snippets in this article, you'll need to create a **DataLakeServiceClient** instance that represents the storage account. The easiest way to get one is to use an account key. 
+To use the snippets in this article, you'll need to create a **DataLakeServiceClient** instance that represents the storage account. 
+
+### Connect by using an account key
+
+This is the easiest way to connect to an account. 
 
 This example creates an instance of the **DataLakeServiceClient** by using an account key.
 
@@ -63,6 +67,26 @@ function GetDataLakeServiceClient(accountName, accountKey) {
 > [!NOTE]
 > This method of authorization works only for Node.js applications. If you plan to run your code in a browser, you can authorize by using Azure Active Directory (AD). For guidance on how to do that, see the [Azure Storage File Data Lake client library for JavaScript](https://www.npmjs.com/package/@azure/storage-file-datalake) readme file. 
 
+### Connect by using Azure Active Directory (AD)
+
+First, you'll have to configure a service principal and register your application with an Azure AD tenant. see [Acquire a token from Azure AD for authorizing requests from a client application](../common/storage-auth-aad-app.md).
+
+Then, you can use the [Azure identity client library for JS](https://www.npmjs.com/package/@azure/identity) to authenticate your application. 
+
+This example uses a client ID, a client secret, and a tenant ID but there are other ways to do this. See the [Azure identity client library for JS](https://www.npmjs.com/package/@azure/identity) for more examples.
+
+```javascript
+function GetDataLakeServiceClientAD(accountName, clientID, clientSecret, tenantID) {
+
+  const credential = new ClientSecretCredential(tenantID, clientID, clientSecret);
+  
+  const datalakeServiceClient = new DataLakeServiceClient(
+      `https://${accountName}.dfs.core.windows.net`, credential);
+
+  return datalakeServiceClient;             
+}
+```
+
 ## Create a file system
 
 A file system acts as a container for your files. You can create one by getting a **FileSystemClient** instance, and then calling the **FileSystemClient.Create** method.

articles/storage/blobs/data-lake-storage-directory-file-acl-python.md

@@ -44,7 +44,11 @@ from azure.storage.filedatalake._models import ContentSettings
 
 ## Connect to the account
 
-To use the snippets in this article, you'll need to create a **DataLakeServiceClient** instance that represents the storage account. The easiest way to get one is to use an account key. 
+To use the snippets in this article, you'll need to create a **DataLakeServiceClient** instance that represents the storage account. 
+
+### Connect by using an account key
+
+This is the easiest way to connect to an account. 
 
 This example uses an account key to create a **DataLakeServiceClient** instance that represents the storage account. 
 
@@ -63,6 +67,29 @@ except Exception as e:
 
 - Replace the `storage_account_key` placeholder value with your storage account access key.
 
+### Connect by using Azure Active Directory (AD)
+
+First, you'll have to configure a service principal and register your application with an Azure AD tenant. see [Acquire a token from Azure AD for authorizing requests from a client application](../common/storage-auth-aad-app.md).
+
+Then, you can use the [Azure identity client library for Python](https://pypi.org/project/azure-identity/) to authenticate your application. 
+
+This example uses a client ID, a client secret, and a tenant ID but there are other ways to do this. See the [Azure identity client library for Python](https://pypi.org/project/azure-identity/) for more examples.
+
+```python
+def initialize_storage_account_ad(storage_account_name, client_id, client_secret, tenant_id):
+    
+    try:  
+        global service_client
+
+        credential = ClientSecretCredential(tenant_id, client_id, client_secret)
+
+        service_client = DataLakeServiceClient(account_url="{}://{}.dfs.core.windows.net".format(
+            "https", storage_account_name), credential=credential)
+    
+    except Exception as e:
+        print(e)
+```
+
 ## Create a file system
 
 A file system acts as a container for your files. You can create one by calling the **FileSystemDataLakeServiceClient.create_file_system** method.