updating samples for VSTS exposed as a resource

Author: peakyy

AdalJsSample/README.md

@@ -0,0 +1,45 @@
+# ADAL JS Sample
+
+The [Azure Active Directory Authentication Library (ADAL)](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-authentication-libraries) enables client application developers to authenticate cloud users and obtain access tokens for API usage.
+
+## Sample Application
+
+This buildable sample will walk you through the steps to create single page javascript application which uses ADAL to authenticate a user via an interactive prompt and all VSTS known information associated with the signed in identity.
+
+To run this sample you will need:
+* Http-server. You can download [NPM http server](https://www.npmjs.com/package/http-server) if you need one.
+* An Azure Active Directory (AAD) tenant. If you do not have one, follow these [steps to set up an AAD](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-howto-tenant)
+* A user account in your AAD tenant
+* A VSTS account backed by your AAD tenant where your user account has access. If you have an existing VSTS account not connected to your AAD tenant follow these [steps to connect you AAD tenant to your VSTS account](https://www.visualstudio.com/en-us/docs/setup-admin/team-services/manage-organization-access-for-your-account-vs)
+
+## Step 1: Clone or download vsts-auth-samples repository
+
+From a shell or command line: 
+```no-highlight
+git clone https://github.com/Microsoft/vsts-auth-samples.git
+```
+
+## Step 2: Register the sample application with you Azure Active Directory tenant
+
+1. Sign in to the [Azure Portal](https://portal.azure.com).
+2. On the top bar, click on your account and under the Directory list, choose the Active Directory tenant where you wish to register your application.
+3. On the left hand navigation menu, select `Azure Active Directory`.
+4. Click on `App registrations` and select `New application regirstation` from the top bar.
+5. Enter a `name` for you application, ex. "Adal JS sample", choose `Web app/API` for `application type`, and enter `http://localhost:8080` for the `Redirect URI`. Finally click `create` at the bottom of the screen.
+6. Save the `Application ID` from your new application registration. You will need it later in this sample.
+7. Grant Permissions for VSTS. Click `Required permissions` -> `add` -> `1 Select an API` -> type in and select `Microsoft Visual Studio Team Services` -> check the box for `Have full access to...` -> click `Save` -> click `Grant Permissions` -> click `Yes`.
+
+## Step 3: Run the sample
+
+1. Open `index.html` in [Visual Studio Code](https://code.visualstudio.com/download?wt.mc_id=adw-brandcore-editor-slink-downloads&gclid=EAIaIQobChMItJndsOXH1QIVFJR-Ch3uTgMREAAYASABEgLb2vD_BwE) or another text editor or IDE.
+2. Inside `index.html` there is a section of `Input Vars` you can update to run the sample:
+    * `clientId` - (Required) update this with the `application id` you saved from `portal.azure.com`
+    * `replyUri` - (optional) update this if you are hosting `index.html` at an address other than `hottp://localhost:8080`
+    * `vstsApi` - (optional) update this if you would like to the sample to run a different VSTS API
+    * `vstsResourceId` - Do not change this value. It is used to receive VSTS ADAL authentication tokens
+3. Navigate to the ADAL JS sample in cloned repo `vsts-auth-samples/AdalJsSample/` and start your http-server which will serve `index.hmtl` at `http://localhost:8080`.
+4. Navigate to `http://localhost:8080`. Sign in with a user account from your AAD tenant which has access to at least 1 VSTS account. Displayed should be all VSTS known identity infromation about the signed in user account.
+
+
+
+

AdalJsSample/index.html

@@ -0,0 +1,81 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>VSTS Autentication ADAL.JS Sample</title>
+        <meta charset="utf-8" />
+        <style type="text/css">body { font-family: Tahoma; padding: 3em; }</style>
+        <script src="https://secure.aadcdn.microsoftonline-p.com/lib/1.0.11/js/adal.min.js"></script>
+    </head>
+    <body>
+        <p>
+            VSTS Authentication - ADAL.JS Sample
+        </p>
+        <p>
+            <a href="#" onclick="authContext.login(); return false;">Log in</a> |
+            <a href="#" onclick="authContext.logOut(); return false;">Log out</a>
+        </p>
+        <p id="username"></p>
+        <pre id="api_response"></pre>
+
+        <script type="text/javascript">
+            // Set up ADAL
+            var authContext = new AuthenticationContext({
+                clientId: '57c5c51c-2036-433a-befa-ebefc7f10689',//Update with your app regirstion's Application ID
+                postLogoutRedirectUri: 'http://localhost:8080' //Where you return upon signout
+            });
+            // Make an AJAX request to the VSTS REST API and print the response as JSON.
+            var getCurrentUser = function (access_token) {
+                document.getElementById('api_response').textContent = 'Calling API...';
+                var xhr = new XMLHttpRequest();
+                xhr.open('GET', 'https://app.vssps.visualstudio.com/_apis/profile/profiles/me?api-version=1.0', true); //API called with ADAL token
+                xhr.setRequestHeader('Authorization', 'Bearer ' + access_token);
+                xhr.onreadystatechange = function () {
+                    if (xhr.readyState === 4 && xhr.status === 200) {
+                        // Parse Successful Response
+                        document.getElementById('api_response').textContent =
+                            JSON.stringify(JSON.parse(xhr.responseText), null, '  ');
+                    } else {
+                        // Handle Error
+                        document.getElementById('api_response').textContent =
+                            'ERROR:\n\n' + xhr.responseText;
+                    }
+                };
+                xhr.send();
+            }
+            if (authContext.isCallback(window.location.hash)) {
+                // Handle redirect after token requests
+                authContext.handleWindowCallback();
+                var err = authContext.getLoginError();
+                if (err) {
+                    // TODO: Handle errors signing in and getting tokens
+                    document.getElementById('api_response').textContent =
+                        'ERROR:\n\n' + err;
+                }
+            } else {
+                // If logged in, get access token and make an API request
+                var user = authContext.getCachedUser();
+                if (user) {
+                    document.getElementById('username').textContent = 'Signed in as: ' + user.userName;
+                    document.getElementById('api_response').textContent = 'Getting access token...';
+                    
+                    // Get an access token to the Microsoft Graph API
+                    authContext.acquireToken(
+                        '499b84ac-1321-427f-aa17-267ca6975798',
+                        function (error, token) {
+                            if (error || !token) {
+                                // TODO: Handle error obtaining access token
+                                document.getElementById('api_response').textContent =
+                                    'ERROR:\n\n' + error;
+                                return;
+                            }
+                            // Use the access token
+                            getCurrentUser(token);
+                        }
+                    );
+                } else {
+                    document.getElementById('username').textContent = 'Not signed in.';
+                }
+            }
+        </script>
+    </body>
+</html>

ManagedClientConsoleAppSample/Program.cs

@@ -3,6 +3,7 @@
 using System.Linq;
 using System.Net.Http;
 using System.Net.Http.Headers;
+using System.Threading;
 
 namespace ManagedClientConsoleAppSample
 {
@@ -11,10 +12,11 @@ class Program
         //============= Config [Edit these with your settings] =====================
         internal const string vstsCollectionUrl = "https://myaccount.visualstudio.com"; //change to the URL of your VSTS account; NOTE: This must use HTTPS
         // internal const string vstsCollectioUrl = "http://myserver:8080/tfs/DefaultCollection" alternate URL for a TFS collection
+        internal const string clientId = "0fa17cf4-f75c-4185-ab9a-7c5ea47ca073"; //change to your app registration's Application ID
+        internal const string replyUri = "http://localhost:8080"; //change to your app registration's reply URI.
         //==========================================================================
 
-        internal const string VSTSResourceId = "499b84ac-1321-427f-aa17-267ca6975798"; //Static value to target VSTS. Do not change
-        internal const string clientId = "872cd9fa-d31f-45e0-9eab-6e460a02d1f1"; //VS ClientId. Please use this instead of your app's clientId
+        internal const string VSTSResourceId = "499b84ac-1321-427f-aa17-267ca6975798"; //Constant value to target VSTS. Do not change  
 
         public static void Main(string[] args)
         {
@@ -23,7 +25,7 @@ public static void Main(string[] args)
             try
             {
                 //PromptBehavior.RefreshSession will enforce an authn prompt every time. NOTE: Auto will take your windows login state if possible
-                result = ctx.AcquireTokenAsync(VSTSResourceId, clientId, new Uri("urn:ietf:wg:oauth:2.0:oob"), new PlatformParameters(PromptBehavior.Always)).Result;
+                result = ctx.AcquireTokenAsync(VSTSResourceId, clientId, new Uri(replyUri), new PlatformParameters(PromptBehavior.Always)).Result;
                 Console.WriteLine("Token expires on: " + result.ExpiresOn);
 
                 var bearerAuthHeader = new AuthenticationHeaderValue("Bearer", result.AccessToken);
@@ -32,7 +34,7 @@ public static void Main(string[] args)
             catch (UnauthorizedAccessException)
             {
                 // If the token has expired, prompt the user with a login prompt
-                result = ctx.AcquireTokenAsync(VSTSResourceId, clientId, new Uri("urn:ietf:wg:oauth:2.0:oob"), new PlatformParameters(PromptBehavior.Always)).Result;
+                result = ctx.AcquireTokenAsync(VSTSResourceId, clientId, new Uri(replyUri), new PlatformParameters(PromptBehavior.Always)).Result;
             }
             catch (Exception ex)
             {
@@ -78,6 +80,7 @@ private static void ListProjects(AuthenticationHeaderValue authHeader)
                 {
                     Console.WriteLine("\tSuccesful REST call");
                     Console.WriteLine(response.Content.ReadAsStringAsync().Result);
+                    Thread.Sleep(10000);
                 }
                 else if (response.StatusCode == System.Net.HttpStatusCode.Unauthorized)
                 {

ManagedClientConsoleAppSample/README.md

@@ -6,25 +6,43 @@ The [Azure Active Directory Authentication Library (ADAL)](https://docs.microsof
 
 This buildable sample will walk you through the steps to create a client-side console application which uses ADAL to authenticate a user via an interactive prompt and return a list of all projects inside a selected VSTS account.
 
+To run this sample you will need:
+* Visual Studio 2017
+* An Azure Active Directory (AAD) tenant. If you do not have one, follow these [steps to set up an AAD](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-howto-tenant)
+* A user account in your AAD tenant
+* A VSTS account backed by your AAD tenant where your user account has access. If you have an existing VSTS account not connected to your AAD tenant follow these [steps to connect you AAD tenant to your VSTS account](https://www.visualstudio.com/en-us/docs/setup-admin/team-services/manage-organization-access-for-your-account-vs)
+
 ## Step 1: Clone or download vsts-auth-samples repository
 
 From a shell or command line: 
 ```no-highlight
 git clone https://github.com/Microsoft/vsts-auth-samples.git
 ```
 
-## Step 2: Install and configure ADAL (optional)
+## Step 2: Register the sample application with you Azure Active Directory tenant
+
+1. Sign in to the [Azure Portal](https://portal.azure.com).
+2. On the top bar, click on your account and under the Directory list, choose the Active Directory tenant where you wish to register your application.
+3. On the left hand navigation menu, select `Azure Active Directory`.
+4. Click on `App registrations` and select `New application regirstation` from the top bar.
+5. Enter a `name` for you application, ex. "Adal native app sample", choose `Native` for `application type`, and enter `http://localhost:8080` for the `Redirect URI`. Finally click `create` at the bottom of the screen.
+6. Save the `Application ID` from your new application registration. You will need it later in this sample.
+7. Grant Permissions for VSTS. Click `Required permissions` -> `add` -> `1 Select an API` -> type in and select `Microsoft Visual Studio Team Services` -> check the box for `Have full access to...` -> click `Save` -> click `Grant Permissions` -> click `Yes`.
+
+## Step 3: Install and configure ADAL (optional)
 
 Package: `Microsoft.Identity.Model.Clients.ActiveDirectory` has already been installed and configured in the sample, but if you are adding to your own project you will need to [install and configure it yourself](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory). 
 
-## Step 3: Run the sample
+## Step 4: Run the sample
 
-1. Navigate to the ADAL C# sample in cloned repo `vsts-auth-samples/ManagedClientConsoleAppSample/`
-2. Use [Nuget package restore](https://docs.microsoft.com/en-us/nuget/consume-packages/package-restore) to ensure you have all dependencies installed
-3. Open the solution file `ManagedClientConsoleAppSample.csproj` in [Visual Studio 2017](https://www.visualstudio.com/downloads/)
+1. Navigate to the ADAL C# sample in cloned repo `vsts-auth-samples/ManagedClientConsoleAppSample/`.
+2. Use [Nuget package restore](https://docs.microsoft.com/en-us/nuget/consume-packages/package-restore) to ensure you have all dependencies installed.
+3. Open the solution file `ManagedClientConsoleAppSample.sln` in [Visual Studio 2017](https://www.visualstudio.com/downloads/).
 4. Open CS file `Program.cs` and there is a section with input values to change at the top of the class:
-    * `vstsCollectionUrl` - Mutable value. This is the url to your VSTS/TFS collection, e.g. http://myaccount.visualstudio.com for VSTS or http://myserver:8080/tfs/DefaultCollection for TFS.
-5. Build and run solution. After running you should see a list of all projects inside of myaccount.
+    * `vstsCollectionUrl` - update this with the url to your VSTS/TFS collection, e.g. http://myaccount.visualstudio.com for VSTS or http://myserver:8080/tfs/DefaultCollection for TFS.
+    * `clientId` - update this with the `application id` you saved from `portal.azure.com`
+    * `replyUri` - we have set this to `http://localhost:8080`, but please update it as necessary for your own app.
+5. Build and run solution. After running you should see an interactive login prompt. Then after authentication and authorization, a list of all projects inside of your account.