Change GetSignedAssertion public API (#2854)

* Change GetSignedAssertion public API

* update

* PR comments

* Add Async suffix

---------

Co-authored-by: jennyf19 <jeferrie@microsoft.com>

Author: bgavrilMS

src/Microsoft.Identity.Web.Certificate/SignedAssertionFilePathCredentialsLoader.cs

@@ -36,7 +36,7 @@ public async Task LoadIfNeededAsync(CredentialDescription credentialDescription,
                 {
                     // Given that managed identity can be not available locally, we need to try to get a
                     // signed assertion, and if it fails, move to the next credentials
-                    _= await signedAssertion!.GetSignedAssertion(CancellationToken.None);
+                    _= await signedAssertion!.GetSignedAssertionAsync(null);
                     credentialDescription.CachedValue = signedAssertion;
                 }
                 catch (Exception)

src/Microsoft.Identity.Web.Certificate/SignedAssertionFromManagedIdentityCredentialLoader.cs

@@ -25,7 +25,7 @@ public async Task LoadIfNeededAsync(CredentialDescription credentialDescription,
                 {
                     // Given that managed identity can be not available locally, we need to try to get a
                     // signed assertion, and if it fails, move to the next credentials
-                    _= await managedIdentityClientAssertion!.GetSignedAssertion(CancellationToken.None);
+                    _= await managedIdentityClientAssertion!.GetSignedAssertionAsync(null);
                     credentialDescription.CachedValue = managedIdentityClientAssertion;
                 }
                 catch (AuthenticationFailedException)

src/Microsoft.Identity.Web.Certificateless/AzureIdentityForKubernetesClientAssertion.cs

@@ -6,6 +6,7 @@
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Logging;
+using Microsoft.Identity.Client;
 using Microsoft.IdentityModel.JsonWebTokens;
 
 namespace Microsoft.Identity.Web
@@ -65,7 +66,7 @@ public AzureIdentityForKubernetesClientAssertion(string? filePath, ILogger? logg
         /// Get the signed assertion from a file.
         /// </summary>
         /// <returns>The signed assertion.</returns>
-        protected override Task<ClientAssertion> GetClientAssertion(CancellationToken cancellationToken)
+        protected override Task<ClientAssertion> GetClientAssertionAsync(AssertionRequestOptions? assertionRequestOptions)
         {
             if (_filePath != null && !File.Exists(_filePath))
             {

src/Microsoft.Identity.Web.Certificateless/ClientAssertionProviderBase.cs

@@ -4,6 +4,7 @@
 using System;
 using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.Identity.Client;
 
 namespace Microsoft.Identity.Web
 {
@@ -16,9 +17,9 @@ public abstract class ClientAssertionProviderBase
         /// <summary>
         /// Gets the Client assertion
         /// </summary>
-        /// <param name="cancellationToken"></param>
+        /// <param name="assertionRequestOptions"></param>
         /// <returns></returns>
-        protected abstract Task<ClientAssertion> GetClientAssertion(CancellationToken cancellationToken);
+        protected abstract Task<ClientAssertion> GetClientAssertionAsync(AssertionRequestOptions? assertionRequestOptions);
 
         /// <summary>
         /// Client assertion.
@@ -28,13 +29,13 @@ public abstract class ClientAssertionProviderBase
         /// <summary>
         /// Get the signed assertion (and refreshes it if needed).
         /// </summary>
-        /// <param name="cancellationToken">Cancellation token.</param>
+        /// <param name="assertionRequestOptions">Input object which is populated by the SDK.</param>
         /// <returns>The signed assertion.</returns>
-        public async Task<string> GetSignedAssertion(CancellationToken cancellationToken)
+        public async Task<string> GetSignedAssertionAsync(AssertionRequestOptions? assertionRequestOptions)
         {
             if (_clientAssertion == null || (Expiry != null && DateTimeOffset.Now > Expiry))
             {
-                _clientAssertion = await GetClientAssertion(cancellationToken).ConfigureAwait(false);
+                _clientAssertion = await GetClientAssertionAsync(assertionRequestOptions).ConfigureAwait(false);
             }
 
             return _clientAssertion.SignedAssertion;

src/Microsoft.Identity.Web.Certificateless/ManagedIdentityClientAssertion.cs

@@ -5,6 +5,7 @@
 using System.Threading.Tasks;
 using Azure.Core;
 using Azure.Identity;
+using Microsoft.Identity.Client;
 using Microsoft.Identity.Web.Certificateless;
 
 namespace Microsoft.Identity.Web
@@ -54,11 +55,11 @@ public ManagedIdentityClientAssertion(string? managedIdentityClientId, string? t
         /// acquired with managed identity (certificateless).
         /// </summary>
         /// <returns>The signed assertion.</returns>
-        protected override async Task<ClientAssertion> GetClientAssertion(CancellationToken cancellationToken)
+        protected override async Task<ClientAssertion> GetClientAssertionAsync(AssertionRequestOptions? assertionRequestOptions)
         {
             var result = await _credential.GetTokenAsync(
                 new TokenRequestContext([_tokenExchangeUrl], null),
-                cancellationToken).ConfigureAwait(false);
+                assertionRequestOptions?.CancellationToken ?? default).ConfigureAwait(false);
             return new ClientAssertion(result.Token, result.ExpiresOn);
         }
     }

src/Microsoft.Identity.Web.TokenAcquisition/ConfidentialClientApplicationBuilderExtension.cs

@@ -58,23 +58,23 @@ public static async Task<ConfidentialClientApplicationBuilder> WithClientCredent
                             else
                             {
                                 Logger.UsingManagedIdentity(logger);
-                                return builder.WithClientAssertion((credential.CachedValue as ManagedIdentityClientAssertion)!.GetSignedAssertion);
+                                return builder.WithClientAssertion((credential.CachedValue as ManagedIdentityClientAssertion)!.GetSignedAssertionAsync);
                             }
                         }
                         if (credential.SourceType == CredentialSource.SignedAssertionFilePath)
                         {
                             if (!credential.Skip)
                             {
                                 Logger.UsingPodIdentityFile(logger, credential.SignedAssertionFileDiskPath ?? "not found");
-                                return builder.WithClientAssertion((credential.CachedValue as AzureIdentityForKubernetesClientAssertion)!.GetSignedAssertion);
+                                return builder.WithClientAssertion((credential.CachedValue as AzureIdentityForKubernetesClientAssertion)!.GetSignedAssertionAsync);
                             }
                         }
                         if (credential.SourceType == CredentialSource.SignedAssertionFromVault)
                         {
                             if (!credential.Skip)
                             {
                                 Logger.UsingSignedAssertionFromVault(logger, credential.KeyVaultUrl ?? "undefined");
-                                return builder.WithClientAssertion((credential.CachedValue as ClientAssertionProviderBase)!.GetSignedAssertion);
+                                return builder.WithClientAssertion((credential.CachedValue as ClientAssertionProviderBase)!.GetSignedAssertionAsync);
                             }
                         }
                     }

tests/Microsoft.Identity.Web.Test/AzureIdentityForKubernetesClientAssertionTests.cs

@@ -30,7 +30,7 @@ public async Task GetAksClientAssertion_WhenSpecifiedSignedAssertionFileExists_R
             AzureIdentityForKubernetesClientAssertion azureIdentityForKubernetesClientAssertion = new AzureIdentityForKubernetesClientAssertion(_filePath);
 
             // Act
-            string signedAssertion = await azureIdentityForKubernetesClientAssertion.GetSignedAssertion(CancellationToken.None);
+            string signedAssertion = await azureIdentityForKubernetesClientAssertion.GetSignedAssertionAsync(null);
 
             // Assert
             Assert.NotNull(signedAssertion);
@@ -45,7 +45,7 @@ public async Task GetAksClientAssertion_WhenEnvironmentVariablePointsToSignedAss
             AzureIdentityForKubernetesClientAssertion azureIdentityForKubernetesClientAssertion = new AzureIdentityForKubernetesClientAssertion();
 
             // Act
-            string signedAssertion = await azureIdentityForKubernetesClientAssertion.GetSignedAssertion(CancellationToken.None);
+            string signedAssertion = await azureIdentityForKubernetesClientAssertion.GetSignedAssertionAsync(null);
 
             // Assert
             Assert.NotNull(signedAssertion);
@@ -62,7 +62,7 @@ public async Task GetAksClientAssertion_WhenSignedAssertionFileDoesNotExist_Thro
             AzureIdentityForKubernetesClientAssertion azureIdentityForKubernetesClientAssertion = new AzureIdentityForKubernetesClientAssertion(filePath);
 
             // Act & Assert
-            var ex = await Assert.ThrowsAsync<FileNotFoundException>(() => azureIdentityForKubernetesClientAssertion.GetSignedAssertion(CancellationToken.None));
+            var ex = await Assert.ThrowsAsync<FileNotFoundException>(() => azureIdentityForKubernetesClientAssertion.GetSignedAssertionAsync(null));
             Assert.Contains(filePath, ex.Message, System.StringComparison.OrdinalIgnoreCase);
         }
     }

tests/Microsoft.Identity.Web.Test/ClientAssertionTests.cs

@@ -5,6 +5,7 @@
 using System.Globalization;
 using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.Identity.Client;
 using Xunit;
 
 namespace Microsoft.Identity.Web.Test
@@ -13,7 +14,7 @@ public class TestClientAssertion : ClientAssertionProviderBase
     {
         private int _n = 0;
 
-        protected override Task<ClientAssertion> GetClientAssertion(CancellationToken cancellationToken)
+        protected override Task<ClientAssertion> GetClientAssertionAsync(AssertionRequestOptions? assertionRequestOptions)
         {
             _n++;
             return Task.FromResult(new ClientAssertion(
@@ -28,16 +29,17 @@ public class ClientAssertionTests
         public async Task TestClientAssertion()
         {
             TestClientAssertion clientAssertionDescription = new TestClientAssertion();
+            AssertionRequestOptions options = new AssertionRequestOptions();
 
-            string assertion = await clientAssertionDescription.GetSignedAssertion(CancellationToken.None).ConfigureAwait(false);
+            string assertion = await clientAssertionDescription.GetSignedAssertionAsync(options).ConfigureAwait(false);
 
             Assert.Equal("1", assertion);
-            assertion = await clientAssertionDescription.GetSignedAssertion(CancellationToken.None).ConfigureAwait(false);
+            assertion = await clientAssertionDescription.GetSignedAssertionAsync(options).ConfigureAwait(false);
             Assert.Equal("1", assertion);
 
             Assert.NotNull(clientAssertionDescription.Expiry);
             await Task.Delay(clientAssertionDescription.Expiry.Value - DateTimeOffset.Now + TimeSpan.FromMilliseconds(100)).ConfigureAwait(false);
-            assertion = await clientAssertionDescription.GetSignedAssertion(CancellationToken.None).ConfigureAwait(false);
+            assertion = await clientAssertionDescription.GetSignedAssertionAsync(options).ConfigureAwait(false);
             Assert.Equal("2", assertion);
         }