From ec46091e368e9bcf6848dd7941e35ab12a0b48de Mon Sep 17 00:00:00 2001 From: Corey Date: Wed, 25 May 2022 12:08:28 +0100 Subject: [PATCH] currently no consumers of finance api so making is solely MI authentication in the client --- .../EmployerFinanceApiClientConfiguration.cs | 3 --- .../IEmployerFinanceApiClientConfiguration.cs | 3 --- .../SecureHttpClient.cs | 19 +------------------ 3 files changed, 1 insertion(+), 24 deletions(-) diff --git a/src/SFA.DAS.EmployerFinance.Api.Client/EmployerFinanceApiClientConfiguration.cs b/src/SFA.DAS.EmployerFinance.Api.Client/EmployerFinanceApiClientConfiguration.cs index 1472a9590b..fa061280c2 100644 --- a/src/SFA.DAS.EmployerFinance.Api.Client/EmployerFinanceApiClientConfiguration.cs +++ b/src/SFA.DAS.EmployerFinance.Api.Client/EmployerFinanceApiClientConfiguration.cs @@ -3,9 +3,6 @@ public class EmployerFinanceApiClientConfiguration : IEmployerFinanceApiClientConfiguration { public string ApiBaseUrl { get; } - public string ClientId { get; set; } - public string ClientSecret { get; set; } public string IdentifierUri { get; set; } - public string Tenant { get; set; } } } \ No newline at end of file diff --git a/src/SFA.DAS.EmployerFinance.Api.Client/IEmployerFinanceApiClientConfiguration.cs b/src/SFA.DAS.EmployerFinance.Api.Client/IEmployerFinanceApiClientConfiguration.cs index 3b150e366d..d5d12470f6 100644 --- a/src/SFA.DAS.EmployerFinance.Api.Client/IEmployerFinanceApiClientConfiguration.cs +++ b/src/SFA.DAS.EmployerFinance.Api.Client/IEmployerFinanceApiClientConfiguration.cs @@ -3,9 +3,6 @@ public interface IEmployerFinanceApiClientConfiguration { string ApiBaseUrl { get; } - string ClientId { get; } - string ClientSecret { get; } string IdentifierUri { get; } - string Tenant { get; } } } \ No newline at end of file diff --git a/src/SFA.DAS.EmployerFinance.Api.Client/SecureHttpClient.cs b/src/SFA.DAS.EmployerFinance.Api.Client/SecureHttpClient.cs index 117eb4ea98..268946f2f1 100644 --- a/src/SFA.DAS.EmployerFinance.Api.Client/SecureHttpClient.cs +++ b/src/SFA.DAS.EmployerFinance.Api.Client/SecureHttpClient.cs @@ -3,7 +3,6 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.Azure.Services.AppAuthentication; -using Microsoft.IdentityModel.Clients.ActiveDirectory; namespace SFA.DAS.EmployerFinance.Api.Client { @@ -23,9 +22,7 @@ protected SecureHttpClient() public virtual async Task GetAsync(string url, CancellationToken cancellationToken = default) { - var accessToken = IsClientCredentialConfiguration(_configuration.ClientId, _configuration.ClientSecret, _configuration.Tenant) - ? await GetClientCredentialAuthenticationResult(_configuration.ClientId, _configuration.ClientSecret, _configuration.IdentifierUri, _configuration.Tenant) - : await GetManagedIdentityAuthenticationResult(_configuration.IdentifierUri); + var accessToken = await GetManagedIdentityAuthenticationResult(_configuration.IdentifierUri); using (var client = new HttpClient()) { @@ -38,24 +35,10 @@ public virtual async Task GetAsync(string url, CancellationToken cancell } } - private async Task GetClientCredentialAuthenticationResult(string clientId, string clientSecret, string resource, string tenant) - { - var authority = $"https://login.microsoftonline.com/{tenant}"; - var clientCredential = new ClientCredential(clientId, clientSecret); - var context = new AuthenticationContext(authority, true); - var result = await context.AcquireTokenAsync(resource, clientCredential); - return result.AccessToken; - } - private async Task GetManagedIdentityAuthenticationResult(string resource) { var azureServiceTokenProvider = new AzureServiceTokenProvider(); return await azureServiceTokenProvider.GetAccessTokenAsync(resource); } - - private bool IsClientCredentialConfiguration(string clientId, string clientSecret, string tenant) - { - return !string.IsNullOrEmpty(clientId) && !string.IsNullOrEmpty(clientSecret) && !string.IsNullOrEmpty(tenant); - } } }