Added the secure app model samples (#6)

* Added the secure app model samples

* Incorporated changes regarding the partner service settings.

* Moved the KeyVault address to the configuration file.

* Updated the NuGet packages for the CPV sample. Also, refactored the Key Vault provider to not create new instance of the HttpClient for each time a secret is requested.

.github/ISSUE_TEMPLATE/BUG_REPORT.md

@@ -0,0 +1,28 @@
+---
+name: Bug report
+about: Create a report to help us improve
+
+---
+
+# Steps to reproduce
+
+> What steps can reproduce the defect?
+> Please share the setup, sample project, version of Java etc.
+
+## Expected behavior
+
+> Share the expected output
+
+## Actual behavior
+
+> What is the behavior observed?
+
+## Diagnostic logs
+
+> Please share test platform diagnostics logs.  
+> The logs may contain test assembly paths, kindly review and mask those before sharing.
+
+## Environment
+
+> Please share additional details about your environment.
+> Version

.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md

@@ -0,0 +1,19 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+
+---
+
+# Feature Request
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I am always frustrated when [...]
+
+**Describe the solution you would like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you have considered**
+A clear and concise description of any alternative solutions or features you have considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,7 @@
+# Description
+
+Please add a meaningful description for this change. Ensure the PR has required unit tests.
+
+## Related issue
+
+Kindly link any related issues (e.g. Fixes #xyz).

CODE_OF_CONDUCT.md

@@ -0,0 +1,3 @@
+# Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.

CONTRIBUTING.md

@@ -0,0 +1,80 @@
+# Contributing to Partner Center .NET Samples
+
+This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to and actually do, grant us
+the rights to use your contribution. View the [Contributor License Agreement](https://cla.microsoft.com) for more details.
+
+When you submit a pull request, a CLA-bot will automatically determine whether you need to provide
+a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions
+provided by the bot. You will only need to do this once across all repos using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
+contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+
+- [Code of Conduct](#code-of-conduct)
+- [Issues and Bugs](#finding-issues)
+- [Feature Requests](#requesting-features)
+- [Submission Guidelines](#submission-guidelines)
+
+## Code of Conduct
+
+Help us keep this project open and inclusive. Please read and follow our [Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+
+## Finding Issues
+
+If you find a bug in the source code or a mistake in the documentation, you can help us by
+[submitting an issue](#submitting-an-issue) to the GitHub Repository. Even better, you can
+[submit a Pull Request](#submitting-a-pull-request) with a fix.
+
+## Requesting Features
+
+You can *request* a new feature by [submitting an issue](#submitting-an-issue) to the GitHub
+Repository. If you would like to *implement* a new feature, please submit an issue with
+a proposal for your work first, to be sure that we can use it.
+
+**Small Features** can be crafted and directly [submitted as a Pull Request](#submitting-a-pull-request).
+
+## Submission Guidelines
+
+### Submitting an Issue
+
+Before you submit an issue, search the archive, maybe your question was already answered.
+
+If your issue appears to be a bug and hasn't been reported, open a new issue.
+Help us to maximize the effort we can spend fixing issues and add new
+features, by not reporting duplicate issues.  Providing the following information will increase the
+chances of your issue being dealt with quickly:
+
+- **Overview of the Issue** - if an error is being thrown a non-minified stack trace helps
+- **Version** - what version is affected (e.g. 0.1.2)
+- **Motivation for or Use Case** - explain what are you trying to do and why the current behavior is a bug for you
+- **Browsers and Operating System** - is this a problem with all browsers?
+- **Reproduce the Error** - provide a live example or an unambiguous set of steps
+- **Related Issues** - has a similar issue been reported before?
+- **Suggest a Fix** - if you can't fix the bug yourself, perhaps you can point to what might be
+  causing the problem (line of code or commit)
+
+You can file new issues by providing the above information at the [corresponding repository's issues link](https://github.com/Microsoft/Partner-Center-DotNet-Samples/issues/new).
+
+### Submitting a Pull Request
+
+Before you submit your Pull Request (PR) consider the following guidelines:
+
+- [Search the repository](https://github.com/Microsoft/Partner-Center-DotNet-Samples/pulls) for an open or closed PR
+  that relates to your submission. You don't want to duplicate effort.
+
+- Make your changes in a new git fork:
+
+- Commit your changes using a descriptive commit message
+- Push your fork to GitHub:
+- In GitHub, create a pull request
+- If we suggest changes then:
+  - Make the required updates.
+  - Rebase your fork and force push to your GitHub repository (this will update your Pull Request):
+
+    ```shell
+    git rebase master -i
+    git push -f
+    ```
+
+That is it! Thank you for your contribution!

README.md

@@ -1,14 +1,14 @@
+# Partner Center .NET Samples
 
-# Contributing
+This repository contains samples for the Partner Center .NET SDK.
 
-This project welcomes contributions and suggestions.  Most contributions require you to agree to a
-Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
-the rights to use your contribution. For details, visit https://cla.microsoft.com.
+## Samples List
 
-When you submit a pull request, a CLA-bot will automatically determine whether you need to provide
-a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions
-provided by the bot. You will only need to do this once across all repos using our CLA.
+| Sample Name | Description |
+|-------------|-------------|
+| [SDK Samples](sdk/README.md) | Console application that demonstrates each scenario the Partner Center .NET SDK is capable of performing.|
+| [Secure App Model](secure-app-model/README.md) | A set of projects that demonstrate how a Control Panel Vendor (CPV) and a Cloud Solution Provider (CSP) should implement the Secure App Model. |
 
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
-For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
-contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+## Reporting Security Issues
+
+Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) at [secure@microsoft.com](mailto:secure@microsoft.com). You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the [MSRC PGP](https://technet.microsoft.com/en-us/security/dn606155) key, can be found in the [Security TechCenter](https://technet.microsoft.com/en-us/security/default).

Source/Partner Center SDK Samples/Settings.StyleCop

@@ -1,15 +0,0 @@
-<StyleCopSettings Version="105">
-  <Parsers>
-    <Parser ParserId="StyleCop.CSharp.CsParser">
-      <ParserSettings>
-        <BooleanProperty Name="AnalyzeDesignerFiles">False</BooleanProperty>
-        <CollectionProperty Name="GeneratedFileFilters">
-          <Value>\.g\.cs$</Value>
-          <Value>\.generated\.cs$</Value>
-          <Value>\.g\.i\.cs$</Value>
-          <Value>TemporaryGeneratedFile_.*\.cs$</Value>
-        </CollectionProperty>
-      </ParserSettings>
-    </Parser>
-  </Parsers>
-</StyleCopSettings>

nuget.config

@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<configuration>
-	<packageSources>
-    <add key="NuGet official package source" value="https://nuget.org/api/v2/" />
-    <add key="dependencyVersion" value="Highest" />
-  </packageSources>
-</configuration>

sdk/README.md

@@ -0,0 +1,87 @@
+# SDK Samples
+
+## Overview
+
+Console application that demonstrates each scenario the Partner Center .NET SDK is capable of performing.
+
+## Getting Started
+
+Before you build the application, update the values in the *App.config* file to reflect the Azure AD authentication information you created in [Partner Center authentication](https://docs.microsoft.com/partner-center/develop/partner-center-authentication). Specifically, you should use your integration sandbox account settings during early development or for testing in production.
+
+Under **ScenarioSettings** in the *App.config* file, you can set parameters that will be automatically passed into the scenarios that you run.
+
+To modify the list of scenarios that are run, comment out lines in **MainScenarios** or in an individual **Get Scenarios** method found in the *Program.cs* file.
+
+## Prerequisites
+
+With previous versions of this sample there were configurations for user credentials. Those configurations have been removed, and now you will be prompted to enter the credentials upon execution. This change was made due to the upcoming requirement to use multi-factor authentication (MFA) when access Partner Center and the Partner Center API using app + user authentication. Please note that the approach used by this application to obtain user credentials is just one way this operation can be performed. It is recommended that you review the [Secure App Model](../secure-app-model/README.md) sample for more information.
+
+### Azure Active Directory
+
+Perform the following task to correctly configure the Azure AD application for use with this sample project.
+
+1. Sign in to the [Partner Center](https://partner.microsoft.com/cloud-solution-provider/csp-partner) using credentials that have *Admin Agent* and *Global Admin* privileges
+2. Click on _Dashboard_  at the top of the page, then click on the cog icon in the upper right, and then click the _Partner settings_.
+3. Add a new native application if one does not exist already.
+4. Sign in to the [Azure management portal](https://portal.azure.com) using the same credentials from step 1.
+5. Click on the _Azure Active Directory_ icon in the toolbar.
+6. Click _App registrations_ -> Select _All apps_ from the drop down -> Click on the application created in step 3.
+7. Click _Settings_ and then click _Redirect URIs_
+8. Add **urn:ietf:wg:oauth:2.0:oob** as one of the available Redirect URIs. Be sure to click the _Save_ button to ensure the changes are saved.  
+
+## What to Change
+
+### PartnerServiceSettings
+
+If you are connecting to one of the sovereign clouds you will need to modify the values below. These values should not be modified if you are connecting to the commercial cloud.
+
+- PartnerServiceApiEndpoint
+- AuthenticationAuthorityEndpoint
+- GraphEndpoint
+
+All thees settings are necessary for the sample API calls to properly function.
+
+### AppAuthentication
+
+The following settings must be modified, so that each scenario functions as excepted
+
+- **ApplicationId**: Your Azure Active Directory application identifier, used for authentication
+- **ApplicationSecret**: The application secret, associated with the specified Azure AD application
+- **Domain**: The Azure Active Directory domain where the Azure AD application was created
+
+### UserAuthentication
+
+The following settings must be updated, so that each scenario functions as expected
+
+- **ApplicationId**: Your Azure Active Directory application identifier, used for authentication
+
+Do not change the following configurations
+
+- RedirectUrl
+- ResourceUrl
+
+### ScenarioSettings
+
+Do not change the following setting
+
+- **CustomerDomainSuffix**: The domain suffix used when creating a new customer
+
+The following settings can be updated, if left blank information will need to be inputted when running a scenario where it is necessary
+
+- **CustomerIdToDelete**: The ID of the customer used for deletion.
+- **DefaultCustomerId**: The customer ID to use in customer-related scenarios.
+- **DefaultInvoiceId**: The invoice ID to use in invoice scenarios.
+- **PartnerMpnId**: The partner MPN ID to use in indirect partner scenarios.
+- **DefaultServiceRequestId**: The service request ID to use in service request scenarios.
+- **DefaultSupportTopicId**: The support topic ID to use in service request scenarios.
+- **DefaultOfferId**: The offer ID to use in offer scenarios.
+- **DefaultOrderId**: The order ID to use in order scenarios.
+- **DefaultSubscriptionId**: The subscription ID to use in subscription scenarios.
+
+Each of the following of settings specify the amount of entries per page when retrieving paged content. These settings can be modified if desired
+
+- CustomerPageSize
+- DefaultOfferPageSize
+- InvoicePageSize
+- ServiceRequestPageSize
+- SubscriptionPageSize

sdk/SdkSamples.sln

@@ -1,14 +1,9 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio 14
-VisualStudioVersion = 14.0.25420.1
+# Visual Studio 15
+VisualStudioVersion = 15.0.28010.2050
 MinimumVisualStudioVersion = 10.0.40219.1
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Partner Center SDK Samples", "Source\Partner Center SDK Samples\Partner Center SDK Samples.csproj", "{AC93E5CC-549C-4F13-9675-A86860918C2B}"
-EndProject
-Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{9445B986-021F-44FE-BA08-92C43301F8AF}"
-	ProjectSection(SolutionItems) = preProject
-		nuget.config = nuget.config
-	EndProjectSection
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SdkSamples", "SdkSamples\SdkSamples.csproj", "{AC93E5CC-549C-4F13-9675-A86860918C2B}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -24,4 +19,7 @@ Global
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {8E53D670-F5E9-41B1-B567-8819B3AD3DCF}
+	EndGlobalSection
 EndGlobal

sdk/SdkSamples/App.config

@@ -8,7 +8,7 @@
   </configSections>
 
   <startup>
-    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.1" />
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
   </startup>
 
   <!-- Groups settings related to remote endpoints needed to access the partner API service -->
@@ -26,9 +26,6 @@
     <!-- This value must NOT end with a trailing '/'. -->
     <add key="ResourceUrl" value="https://api.partnercenter.microsoft.com" />
     <add key="RedirectUrl" value="http://localhost" />
-    <!-- The active directory user credentials, paste your credentials here. -->
-    <add key="UserName" value="" />
-    <add key="Password" value="" />
   </UserAuthentication>
 
   <AppAuthentication>
@@ -119,7 +116,7 @@
     <!-- The Default Billing Cycle for creating a cart, leave empty to prompt user to enter it -->
     <add key="DefaultBillingCycle" value="" />
     <!-- The Default Customers Agreement csv file, leave empty to prompt user to enter it -->
-    <add key="DefaultCustomerAgreementCsvFileName" value=""/>
+    <add key="DefaultCustomerAgreementCsvFileName" value="" />
   </ScenarioSettings>
   <runtime>
     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
@@ -129,7 +126,7 @@
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="Microsoft.IdentityModel.Clients.ActiveDirectory" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-2.29.0.1078" newVersion="2.29.0.1078" />
+        <bindingRedirect oldVersion="0.0.0.0-4.4.0.0" newVersion="4.4.0.0" />
       </dependentAssembly>
     </assemblyBinding>
   </runtime>

sdk/SdkSamples/Configuration/UserAuthenticationSection.cs

@@ -53,27 +53,5 @@ namespace Microsoft.Store.PartnerCenter.Samples.Configuration
                 return new Uri(this.ConfigurationSection["RedirectUrl"]);
             }
         }
-
-        /// <summary>
-        /// Gets AAD user name.
-        /// </summary>
-        public string UserName
-        {
-            get
-            {
-                return this.ConfigurationSection["UserName"];
-            }
-        }
-
-        /// <summary>
-        /// Gets AAD password.
-        /// </summary>
-        public string Password
-        {
-            get
-            {
-                return this.ConfigurationSection["Password"];
-            }
-        }
     }
 }

sdk/SdkSamples/Context/ScenarioContext.cs

@@ -9,16 +9,20 @@ namespace Microsoft.Store.PartnerCenter.Samples.Context
     using System;
     using System.Threading.Tasks;
     using Configuration;
+    using Extensions;
     using Helpers;
     using IdentityModel.Clients.ActiveDirectory;
-    using Store.PartnerCenter;
-    using Store.PartnerCenter.Extensions;
 
     /// <summary>
     /// Scenario context implementation class.
     /// </summary>
     public class ScenarioContext : IScenarioContext
     {
+        /// <summary>
+        /// The redirect URI used when performing app + user authentication.
+        /// </summary>
+        private static readonly Uri redirectUri = new Uri("urn:ietf:wg:oauth:2.0:oob");
+
         /// <summary>
         /// A lazy reference to an user based partner operations.
         /// </summary>
@@ -50,11 +54,11 @@ namespace Microsoft.Store.PartnerCenter.Samples.Context
                     this.ConsoleHelper.StartProgress("Authenticating application");
 
                     IPartnerCredentials appCredentials = PartnerCredentials.Instance.GenerateByApplicationCredentials(
-                    this.Configuration.ApplicationAuthentication.ApplicationId,
-                    this.Configuration.ApplicationAuthentication.ApplicationSecret,
-                    this.Configuration.ApplicationAuthentication.Domain,
-                    this.Configuration.PartnerService.AuthenticationAuthorityEndpoint.OriginalString,
-                    this.Configuration.PartnerService.GraphEndpoint.OriginalString);
+                        this.Configuration.ApplicationAuthentication.ApplicationId,
+                        this.Configuration.ApplicationAuthentication.ApplicationSecret,
+                        this.Configuration.ApplicationAuthentication.Domain,
+                        this.Configuration.PartnerService.AuthenticationAuthorityEndpoint.OriginalString,
+                        this.Configuration.PartnerService.GraphEndpoint.OriginalString);
 
                     this.ConsoleHelper.StopProgress();
                     this.ConsoleHelper.Success("Authenticated!");
@@ -69,24 +73,12 @@ namespace Microsoft.Store.PartnerCenter.Samples.Context
         /// <summary>
         /// Gets a configuration instance.
         /// </summary>
-        public ConfigurationManager Configuration
-        {
-            get
-            {
-                return ConfigurationManager.Instance;
-            }
-        }
+        public ConfigurationManager Configuration => ConfigurationManager.Instance;
 
         /// <summary>
         /// Gets a console helper instance.
         /// </summary>
-        public ConsoleHelper ConsoleHelper
-        {
-            get
-            {
-                return ConsoleHelper.Instance;
-            }
-        }
+        public ConsoleHelper ConsoleHelper => ConsoleHelper.Instance;
 
         /// <summary>
         /// Gets a partner operations instance which is user based authenticated.
@@ -98,7 +90,8 @@ namespace Microsoft.Store.PartnerCenter.Samples.Context
                 if (this.userPartnerOperations == null)
                 {
                     this.ConsoleHelper.StartProgress("Authenticating user");
-                    var aadAuthenticationResult = this.LoginUserToAad();
+
+                    AuthenticationResult aadAuthenticationResult = this.LoginUserToAad();
 
                     // Authenticate by user context with the partner service
                     IPartnerCredentials userCredentials = PartnerCredentials.Instance.GenerateByUserCredentials(
@@ -110,7 +103,7 @@ namespace Microsoft.Store.PartnerCenter.Samples.Context
                         {
                             // token has expired, re-Login to Azure Active Directory
                             this.ConsoleHelper.StartProgress("Token expired. Re-authenticating user");
-                            var aadToken = this.LoginUserToAad();
+                            AuthenticationResult aadToken = this.LoginUserToAad();
                             this.ConsoleHelper.StopProgress();
 
                             // give the partner SDK the new add token information
@@ -133,21 +126,19 @@ namespace Microsoft.Store.PartnerCenter.Samples.Context
         /// <returns>The user authentication result.</returns>
         private AuthenticationResult LoginUserToAad()
         {
-            var addAuthority = new UriBuilder(this.Configuration.PartnerService.AuthenticationAuthorityEndpoint)
+            UriBuilder addAuthority = new UriBuilder(this.Configuration.PartnerService.AuthenticationAuthorityEndpoint)
             {
                 Path = this.Configuration.PartnerService.CommonDomain
             };
 
-            UserCredential userCredentials = new UserCredential(
-                this.Configuration.UserAuthentication.UserName,
-                this.Configuration.UserAuthentication.Password);
-
             AuthenticationContext authContext = new AuthenticationContext(addAuthority.Uri.AbsoluteUri);
 
-            return authContext.AcquireToken(
-                this.Configuration.UserAuthentication.ResourceUrl.OriginalString,
-                this.Configuration.UserAuthentication.ApplicationId,
-                userCredentials);
+            return Task.Run(() => authContext.AcquireTokenAsync(
+                Configuration.UserAuthentication.ResourceUrl.OriginalString,
+                Configuration.UserAuthentication.ApplicationId,
+                redirectUri,
+                new PlatformParameters(PromptBehavior.Always),
+                UserIdentifier.AnyUser)).Result;
         }
     }
 }