"default azure credential" AAD support (#44)

Co-authored-by: clemensv <clemensv@microsoft.com>

build/dependencies.props

@@ -28,7 +28,7 @@
     <XunitRunnerVisualStudioPackageVersion>2.4.5</XunitRunnerVisualStudioPackageVersion>
     <XunitRunnerMsBuildPackageVersion>2.4.1</XunitRunnerMsBuildPackageVersion>
     <NewtonsoftJsonPackageVersion>13.0.1</NewtonsoftJsonPackageVersion>
-    <MicrosoftAzureRelayPackageVersion>2.0.15596</MicrosoftAzureRelayPackageVersion>
+    <MicrosoftAzureRelayPackageVersion>3.0.0-preview</MicrosoftAzureRelayPackageVersion>
     <McMasterExtensionsCommandLineUtilsPackageVersion>4.0.1</McMasterExtensionsCommandLineUtilsPackageVersion>
     <SerilogExtensionsLoggingFilePackageVersion>3.0.0</SerilogExtensionsLoggingFilePackageVersion>
   </PropertyGroup>

src/Microsoft.Azure.Relay.Bridge/Configuration/CommandLineSettings.cs

@@ -51,7 +51,7 @@ namespace Microsoft.Azure.Relay.Bridge.Configuration
         [Option(CommandOptionType.SingleValue, ShortName = "s", Description = "Azure Relay shared access signature token")]
         public string Signature { get; set; }
 
-        [Option(CommandOptionType.SingleValue, ShortName = "x", Description = "Azure Relay connection string (overridden with -S -K -k -E)")]
+        [Option(CommandOptionType.SingleValue, ShortName = "x", Description = "Azure Relay connection string (overridden with -S -K -k -e)")]
         public string ConnectionString { get; internal set; }
 
         [Option(CommandOptionType.NoValue, ShortName = "v", Description = "Verbose log output")]

src/Microsoft.Azure.Relay.Bridge/Host.cs

@@ -8,7 +8,12 @@ namespace Microsoft.Azure.Relay.Bridge
     using System.IO;
     using System.Reflection;
     using System.Text;
+    using System.Threading;
+    using global::Azure.Core;
+    using global::Azure.Identity;
     using Microsoft.Azure.Relay.Bridge.Configuration;
+    using Microsoft.Identity.Client;
+    using Microsoft.Identity.Client.Platforms.Features.DesktopOs.Kerberos;
     using Newtonsoft.Json;
     using Newtonsoft.Json.Linq;
 
@@ -17,13 +22,35 @@ namespace Microsoft.Azure.Relay.Bridge
         LocalForwardHost hybridConnectionTcpListenerHost;
         RemoteForwardHost hybridConnectionTcpClientHost;
         private Config config;
-        EventTraceActivity hostActivity = BridgeEventSource.NewActivity("Host");           
+        EventTraceActivity hostActivity = BridgeEventSource.NewActivity("Host");
 
         public Host(Config config)
         {
             this.config = config;
         }
 
+        static Host()
+        {
+            DefaultAzureCredentialTokenProvider = GetDefaultAzureCredentialTokenProvider();
+        }
+
+        static TokenProvider GetDefaultAzureCredentialTokenProvider()
+        {
+            return TokenProvider.CreateAzureActiveDirectoryTokenProvider(
+                async (audience, authority, state) =>
+                {
+                    var defaultAzureCredential = new DefaultAzureCredential();
+                    var trc = new TokenRequestContext(new[] { authority });
+                    return (await defaultAzureCredential.GetTokenAsync(trc)).Token;
+                },
+                "https://relay.azure.net/.default");
+        }
+
+        public static TokenProvider DefaultAzureCredentialTokenProvider 
+        {
+            get;
+        }
+
         public void Start()
         {
             hostActivity.DiagnosticsActivity.Start();
@@ -65,7 +92,7 @@ namespace Microsoft.Azure.Relay.Bridge
                     jwriter.Formatting = Formatting.Indented;
                     config.WriteTo(jwriter);
                     jwriter.Flush();
-                }                    
+                }
             }
         }
 

src/Microsoft.Azure.Relay.Bridge/Microsoft.Azure.Relay.Bridge.csproj

@@ -14,6 +14,7 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="Azure.Identity" Version="1.6.1" />
     <PackageReference Include="McMaster.Extensions.CommandLineUtils" Version="$(McMasterExtensionsCommandLineUtilsPackageVersion)" />
     <PackageReference Include="Microsoft.Azure.Relay" Version="$(MicrosoftAzureRelayPackageVersion)" />
     <PackageReference Include="Newtonsoft.Json" Version="$(NewtonsoftJsonPackageVersion)" />

src/Microsoft.Azure.Relay.Bridge/RemoteForwardBridge.cs

@@ -78,7 +78,14 @@ namespace Microsoft.Azure.Relay.Bridge
                 throw new InvalidOperationException();
             }
 
-            this.listener = new HybridConnectionListener(connectionString.ToString());
+            if (connectionString.SharedAccessKeyName == null && connectionString.SharedAccessSignature == null)
+            {
+                this.listener = new HybridConnectionListener(new Uri(connectionString.Endpoint, connectionString.EntityPath), Host.DefaultAzureCredentialTokenProvider);
+            }
+            else
+            {
+                this.listener = new HybridConnectionListener(connectionString.ToString());
+            }
             this.listener.Online += (s, e) => { Online?.Invoke(this, e); };
             this.listener.Offline += (s, e) => { Offline?.Invoke(this, e); };
             this.listener.Connecting += (s, e) => { Connecting?.Invoke(this, e); };

src/Microsoft.Azure.Relay.Bridge/RemoteForwardHost.cs

@@ -32,6 +32,7 @@ namespace Microsoft.Azure.Relay.Bridge
             {
                 BridgeEventSource.Log.RemoteForwardHostStartFailure(activity, exception);
                 this.activity.DiagnosticsActivity.Stop();
+                throw;
             }
         }
 

src/Microsoft.Azure.Relay.Bridge/SocketLocalForwardBridge.cs

@@ -31,7 +31,14 @@ namespace Microsoft.Azure.Relay.Bridge
         {
             PortName = portName;
             this.config = config;
-            this.hybridConnectionClient = new HybridConnectionClient(connectionString.ToString());
+            if (connectionString.SharedAccessKeyName == null && connectionString.SharedAccessSignature == null)
+            {
+                this.hybridConnectionClient = new HybridConnectionClient(new Uri(connectionString.Endpoint, connectionString.EntityPath), Host.DefaultAzureCredentialTokenProvider);
+            }
+            else
+            {
+                this.hybridConnectionClient = new HybridConnectionClient(connectionString.ToString());
+            }
         }
 
         public event EventHandler NotifyException;

src/Microsoft.Azure.Relay.Bridge/TcpLocalForwardBridge.cs

@@ -30,7 +30,14 @@ namespace Microsoft.Azure.Relay.Bridge
         {
             PortName = portName;
             this.config = config;
-            this.hybridConnectionClient = new HybridConnectionClient(connectionString.ToString());
+            if (connectionString.SharedAccessKeyName == null && connectionString.SharedAccessSignature == null)
+            {
+                this.hybridConnectionClient = new HybridConnectionClient(new Uri(connectionString.Endpoint, connectionString.EntityPath), Host.DefaultAzureCredentialTokenProvider);
+            }
+            else
+            {
+                this.hybridConnectionClient = new HybridConnectionClient(connectionString.ToString());
+            }
         }
 
         public event EventHandler NotifyException;

src/Microsoft.Azure.Relay.Bridge/UdpLocalForwardBridge.cs

@@ -34,7 +34,14 @@ namespace Microsoft.Azure.Relay.Bridge
         {
             PortName = portName;
             this.config = config;
-            this.hybridConnectionClient = new HybridConnectionClient(connectionString.ToString());
+            if (connectionString.SharedAccessKeyName == null && connectionString.SharedAccessSignature == null)
+            {
+                this.hybridConnectionClient = new HybridConnectionClient(new Uri(connectionString.Endpoint, connectionString.EntityPath), Host.DefaultAzureCredentialTokenProvider);
+            }
+            else
+            {
+                this.hybridConnectionClient = new HybridConnectionClient(connectionString.ToString());
+            }
         }
 
         public event EventHandler NotifyException;

src/azbridge/Program.cs

@@ -76,13 +76,14 @@ namespace azbridge
                 var globalCxn = config.AzureRelayConnectionString;
                 if ( globalCxn == null &&
                     (config.LocalForward.Any((f)=>f.ConnectionString == null) ||
-                    config.RemoteForward.Any((f) => f.ConnectionString == null)))
+                    config.RemoteForward.Any((f) => f.ConnectionString == null)) &&
+                    config.AzureRelayEndpoint == null)
                 {
-                    Console.WriteLine("Connection string(s) undefined; -x/AzureRelayConnectionString. azbridge -h for help.");
+                    
+                    Console.WriteLine("Connection string(s) undefined; -x/AzureRelayConnectionString and no endpoint defined -e. azbridge -h for help.");
 
                     return 3;
-                }
-
+                } 
                 LogLevel logLevel = LogLevel.Error;
                 if (!settings.Quiet.HasValue || !settings.Quiet.Value)
                 {
@@ -138,7 +139,8 @@ namespace azbridge
                 
                 logger = loggerFactory.CreateLogger("azbridge");
                 DiagnosticListener.AllListeners.Subscribe(new SubscriberObserver(logger));
-                
+
+                Console.WriteLine("Press Ctrl+C to stop.");
                 Host host = new Host(config);
                 host.Start();