The library ships as following packages:
- AAD.fs: F# abstractions with
Async
public interfaces - AAD.fs.tasks: F# abstractions with
Task
public interfaces - AAD.Suave: Suave-specific wrappers
- AAD.Giraffe: Giraffe-specific wrappers
- Use Suave or Giraffe package and
PartProtector
abstraction, alternatively build on the base AAD.fsResourceOwner
primitives - Use
Noop.PartProtector
to bypass the verification of demands (for example to implement feature switch)
- Use
AsyncRequestor
orTaskRequestor
from AAD.fs package or Identity platform SDK library directly.
The build requires at least .NET Core SDK 8 installed. When building for the first time restore the local tools, in this directory run:
dotnet tool restore
, thendotnet fsi build.fsx
or try./build.fsx --list
to see the available targets.
The test scenario implements authorization using Azure Application Roles. The sample application can be found in your Azure Active Directory once provisioned:
- Search Enterprise Applications for user and group role assignments
- See Applications for the manfest of the registered application and the information about associated URI and the service principal.
- Make sure you are logged in:
az login
- Only once: Register the application and service principals:
dotnet fsi build.fsx -t registerSample
dotnet fsi build.fsx -t integration
The build script is implemented using FAKE.
The registrated application and principals are kept in your Azure subscription and information about them - in your dotnet user-secrets
,
when you no longer need them, you can delete them with dotnet fsi build.fsx -t unregisterSample
.
Note: Integration tests demonstrate a couple approaches in requestor error handling:
- Async-based implementation uses custom result type to avoid throwing exceptions
- Task-based implementation depends on the consumer code to handle the exceptions
Either approach can be used with either version of the requestor.
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.