Merge pull request #322 from microsoft/feature/caeEnabled

feature/caeEnabled

Author: baywet

CHANGELOG.md

@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.11.0] - 2024-08-08
+
+- Enabled Continuous Access evaluation by default.
+
 ## [1.10.1] - 2024-08-01
 
 - Cleans up enum serialization to read from attributes for form and text serialization [#284](https://github.com/microsoft/kiota-dotnet/issues/284)

Directory.Build.props

@@ -1,7 +1,7 @@
 <Project>
   <!-- Common default project properties for ALL projects-->
   <PropertyGroup>
-    <VersionPrefix>1.10.1</VersionPrefix>
+    <VersionPrefix>1.11.0</VersionPrefix>
     <VersionSuffix></VersionSuffix>
     <!-- This is overidden in test projects by setting to true-->
     <IsTestProject>false</IsTestProject>

src/authentication/azure/AzureIdentityAccessTokenProvider.cs

@@ -22,6 +22,7 @@ public class AzureIdentityAccessTokenProvider : IAccessTokenProvider, IDisposabl
 
     private readonly TokenCredential _credential;
     private readonly ActivitySource _activitySource;
+    private readonly bool _isCaeEnabled;
     private readonly HashSet<string> _scopes;
     /// <inheritdoc />
     public AllowedHostsValidator AllowedHostsValidator { get; protected set; }
@@ -33,7 +34,8 @@ public class AzureIdentityAccessTokenProvider : IAccessTokenProvider, IDisposabl
     /// <param name="allowedHosts">The list of allowed hosts for which to request access tokens.</param>
     /// <param name="scopes">The scopes to request the access token for.</param>
     /// <param name="observabilityOptions">The observability options to use for the authentication provider.</param>
-    public AzureIdentityAccessTokenProvider(TokenCredential credential, string[]? allowedHosts = null, ObservabilityOptions? observabilityOptions = null, params string[] scopes)
+    /// <param name="isCaeEnabled">Whether to enable Conditional Access Evaluation (CAE) for the token request.</param>
+    public AzureIdentityAccessTokenProvider(TokenCredential credential, string[]? allowedHosts = null, ObservabilityOptions? observabilityOptions = null, bool isCaeEnabled = true, params string[] scopes)
     {
         _credential = credential ?? throw new ArgumentNullException(nameof(credential));
 
@@ -45,6 +47,20 @@ public AzureIdentityAccessTokenProvider(TokenCredential credential, string[]? al
             _scopes = new(scopes, StringComparer.OrdinalIgnoreCase);
 
         _activitySource = new((observabilityOptions ?? new()).TracerInstrumentationName);
+        _isCaeEnabled = isCaeEnabled;
+    }
+    /// <summary>
+    /// The <see cref="AzureIdentityAccessTokenProvider"/> constructor
+    /// </summary>
+    /// <param name="credential">The credential implementation to use to obtain the access token.</param>
+    /// <param name="allowedHosts">The list of allowed hosts for which to request access tokens.</param>
+    /// <param name="scopes">The scopes to request the access token for.</param>
+    /// <param name="observabilityOptions">The observability options to use for the authentication provider.</param>
+    [Obsolete("This constructor is obsolete and will be removed in a future version. Use the constructor that takes an isCaeEnabled parameter instead.")]
+    public AzureIdentityAccessTokenProvider(TokenCredential credential, string[]? allowedHosts, ObservabilityOptions? observabilityOptions, params string[] scopes) :
+    this(credential, allowedHosts, observabilityOptions, true, scopes)
+    {
+
     }
 
     private const string ClaimsKey = "claims";
@@ -96,7 +112,7 @@ public async Task<string> GetAuthorizationTokenAsync(Uri uri, Dictionary<string,
             scopes = [$"{uri.Scheme}://{uri.Host}/.default"];
         span?.SetTag("com.microsoft.kiota.authentication.scopes", string.Join(",", scopes));
 
-        var result = await _credential.GetTokenAsync(new TokenRequestContext(scopes, claims: decodedClaim), cancellationToken).ConfigureAwait(false);
+        var result = await _credential.GetTokenAsync(new TokenRequestContext(scopes, claims: decodedClaim, isCaeEnabled: _isCaeEnabled), cancellationToken).ConfigureAwait(false);
         return result.Token;
     }
 

src/authentication/azure/AzureIdentityAuthenticationProvider.cs

@@ -2,6 +2,7 @@
 //  Copyright (c) Microsoft Corporation.  All Rights Reserved.  Licensed under the MIT License.  See License in the project root for license information.
 // ------------------------------------------------------------------------------
 
+using System;
 using Azure.Core;
 using Microsoft.Kiota.Abstractions.Authentication;
 
@@ -17,9 +18,22 @@ public class AzureIdentityAuthenticationProvider : BaseBearerTokenAuthentication
     /// <param name="credential">The credential implementation to use to obtain the access token.</param>
     /// <param name="allowedHosts">The list of allowed hosts for which to request access tokens.</param>
     /// <param name="scopes">The scopes to request the access token for.</param>
+    /// <param name="isCaeEnabled">Whether to enable Conditional Access Evaluation (CAE) for the token request.</param>
     /// <param name="observabilityOptions">The observability options to use for the authentication provider.</param>
-    public AzureIdentityAuthenticationProvider(TokenCredential credential, string[]? allowedHosts = null, ObservabilityOptions? observabilityOptions = null, params string[] scopes)
-        : base(new AzureIdentityAccessTokenProvider(credential, allowedHosts, observabilityOptions, scopes))
+    public AzureIdentityAuthenticationProvider(TokenCredential credential, string[]? allowedHosts = null, ObservabilityOptions? observabilityOptions = null, bool isCaeEnabled = true, params string[] scopes)
+        : base(new AzureIdentityAccessTokenProvider(credential, allowedHosts, observabilityOptions, isCaeEnabled, scopes))
+    {
+    }
+    /// <summary>
+    /// The <see cref="AzureIdentityAuthenticationProvider"/> constructor
+    /// </summary>
+    /// <param name="credential">The credential implementation to use to obtain the access token.</param>
+    /// <param name="allowedHosts">The list of allowed hosts for which to request access tokens.</param>
+    /// <param name="scopes">The scopes to request the access token for.</param>
+    /// <param name="observabilityOptions">The observability options to use for the authentication provider.</param>
+    [Obsolete("This constructor is obsolete and will be removed in a future version. Use the constructor that takes an isCaeEnabled parameter instead.")]
+    public AzureIdentityAuthenticationProvider(TokenCredential credential, string[]? allowedHosts, ObservabilityOptions? observabilityOptions, params string[] scopes)
+        : this(credential, allowedHosts, observabilityOptions, true, scopes)
     {
     }
 }

tests/Directory.Build.props

@@ -0,0 +1,10 @@
+<Project>
+	<Import Project="$([MSBuild]::GetPathOfFileAbove('Directory.Build.props', '$(MSBuildThisFileDirectory)../'))" />
+	<PropertyGroup>
+		<TargetFrameworks>net8.0;net462</TargetFrameworks>
+		<IsTestProject>true</IsTestProject>
+		<Nullable>disable</Nullable>
+		<ImplicitUsings>true</ImplicitUsings>
+		<LangVersion>latest</LangVersion>
+	</PropertyGroup>
+</Project>

tests/abstractions/Microsoft.Kiota.Abstractions.Tests.csproj

@@ -1,11 +1,5 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
-  <PropertyGroup>
-    <IsTestProject>true</IsTestProject>
-    <TargetFrameworks>net8.0;net462</TargetFrameworks>
-    <Nullable>disable</Nullable>
-  </PropertyGroup>
-
   <ItemGroup>
     <PackageReference Include="coverlet.msbuild" Version="6.0.2">
       <PrivateAssets>all</PrivateAssets>

tests/authentication/azure/Microsoft.Kiota.Authentication.Azure.Tests.csproj

@@ -1,11 +1,5 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
-  <PropertyGroup>
-    <TargetFrameworks>net8.0;net462</TargetFrameworks>
-    <IsTestProject>true</IsTestProject>
-    <Nullable>disable</Nullable>
-  </PropertyGroup>
-
   <ItemGroup>
     <PackageReference Include="coverlet.msbuild" Version="6.0.2">
       <PrivateAssets>all</PrivateAssets>
@@ -26,7 +20,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <ProjectReference Include="..\..\..\src\authentication\azure\Microsoft.Kiota.Authentication.Azure.csproj" />
+    <ProjectReference
+      Include="..\..\..\src\authentication\azure\Microsoft.Kiota.Authentication.Azure.csproj" />
   </ItemGroup>
 
-</Project>
+</Project>

tests/bundle/Microsoft.Kiota.Bundle.Tests.csproj

@@ -1,10 +1,5 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
-  <PropertyGroup>
-    <IsTestProject>true</IsTestProject>
-    <TargetFrameworks>net8.0;net462</TargetFrameworks>
-  </PropertyGroup>
-
   <ItemGroup>
     <PackageReference Include="coverlet.msbuild" Version="6.0.2">
       <PrivateAssets>all</PrivateAssets>
@@ -29,5 +24,5 @@
   <ItemGroup>
     <ProjectReference Include="..\..\src\bundle\Microsoft.Kiota.Bundle.csproj" />
   </ItemGroup>
-	
+
 </Project>

tests/http/httpClient/Microsoft.Kiota.Http.HttpClientLibrary.Tests.csproj

@@ -1,11 +1,5 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
-  <PropertyGroup>
-    <TargetFrameworks>net8.0;net462</TargetFrameworks>
-    <IsTestProject>true</IsTestProject>
-    <Nullable>disable</Nullable>
-  </PropertyGroup>
-
   <ItemGroup>
     <PackageReference Include="coverlet.msbuild" Version="6.0.2">
       <PrivateAssets>all</PrivateAssets>
@@ -26,7 +20,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <ProjectReference Include="..\..\..\src\http\httpClient\Microsoft.Kiota.Http.HttpClientLibrary.csproj" />
+    <ProjectReference
+      Include="..\..\..\src\http\httpClient\Microsoft.Kiota.Http.HttpClientLibrary.csproj" />
   </ItemGroup>
 
-</Project>
+</Project>

tests/serialization/form/Microsoft.Kiota.Serialization.Form.Tests.csproj

@@ -1,9 +1,5 @@
 <Project Sdk="Microsoft.NET.Sdk">
-
   <PropertyGroup>
-    <TargetFrameworks>net8.0;net462</TargetFrameworks>
-    <IsTestProject>true</IsTestProject>
-    <ImplicitUsings>true</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>
 
@@ -27,7 +23,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <ProjectReference Include="..\..\..\src\serialization\form\Microsoft.Kiota.Serialization.Form.csproj" />
+    <ProjectReference
+      Include="..\..\..\src\serialization\form\Microsoft.Kiota.Serialization.Form.csproj" />
   </ItemGroup>
 
-</Project>
+</Project>