azure-cosmos-dotnet-v3/Microsoft.Azure.Cosmos/src/Authorization/CosmosScopeProvider.cs at 0e709adddf27f77b6d8f6639e979fb243cb0b5b2 · Azure/azure-cosmos-dotnet-v3 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//------------------------------------------------------------
namespace Microsoft.Azure.Cosmos.Authorization
{
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using global::Azure.Core;

    internal sealed class CosmosScopeProvider : IScopeProvider
    {
        private const string AadInvalidScopeErrorMessage = "AADSTS500011";
        private const string AadDefaultScope = "https://cosmos.azure.com/.default";
        private const string ScopeFormat = "https://{0}/.default";

        private readonly string accountScope;
        private readonly string overrideScope;
        private string currentScope;

        public CosmosScopeProvider(Uri accountEndpoint)
        {
            this.overrideScope = ConfigurationManager.AADScopeOverrideValue(defaultValue: null);
            this.accountScope = string.Format(ScopeFormat, accountEndpoint.Host);
            this.currentScope = this.overrideScope ?? this.accountScope;
        }

        public TokenRequestContext GetTokenRequestContext()
        {
            return new TokenRequestContext(new[] { this.currentScope });
        }

        public bool TryFallback(Exception exception)
        {
            // If override scope is set, never fallback
            if (!string.IsNullOrEmpty(this.overrideScope))
            {
                return false;
            }

            // If already using fallback scope, do not fallback again
            if (this.currentScope == CosmosScopeProvider.AadDefaultScope)
            {
                return false;
            }

#pragma warning disable CDX1003 // DontUseExceptionToString
            if (exception.ToString().Contains(CosmosScopeProvider.AadInvalidScopeErrorMessage) == true)
            {
                this.currentScope = CosmosScopeProvider.AadDefaultScope;
                return true;
            }
#pragma warning restore CDX1003 // DontUseExceptionToString

            return false;
        }

        public void Dispose()
        {
        }
    }
}