Where do the parameters for KeyVaultClient.AuthenticationCallback Delegate come from?

Question

I'm trying to call all the vaults in a subscription. The approach I'm using is this -

Controller

var myClient = new Microsoft.Azure.KeyVault.KeyVaultClient(new KeyVaultClient.AuthenticationCallback(Helper.GetToken));
Microsoft.Azure.KeyVault.KeyVaultCredential test = new KeyVaultCredential(new KeyVaultClient.AuthenticationCallback(Helper.GetToken));

TokenCloudCredentials tokenCredentials = new TokenCloudCredentials("xxx", test.Token);

KeyVaultManagementClient client = new KeyVaultManagementClient(tokenCredentials);
VaultListResponse response = new VaultListResponse();

Helper

public static async Task<string> GetToken(string authority, string resource, string scope)
{

  var clientId = ConfigurationManager.AppSettings["AuthClientId"];
  var clientRedirectURI = ConfigurationManager.AppSettings["AuthClientRedirectURI"];

  var context = new AuthenticationContext(authority, TokenCache.DefaultShared);

  result = await context.AcquireTokenAsync(resource, clientId, new Uri(clientRedirectURI), new PlatformParameters(PromptBehavior.Always)); 
 return result.AccessToken; 
}

For my controller "test.Token" always returns null but I can't help but think it may be from me not passing anything into Helper.Token in test. I know that the Helper.Token essentially matches what the call back wants:

public delegate Task<string> AuthenticationCallback(
string authority,
string resource,
string scope)

But where do I get authority, resource and scope from? Thanks!

Answer 1

AuthenticationCallback is a delegate function and the value of authority/resource/scope is provide by SDK, we need to provide the delegate function to use these values to get the access token.

If you are using a web app, your code will not work ,because you need to provide the client_secret or client_assertion during the oath process . And if you debug your application , you will find the GetToken function will not fire ,because you don’t use that client to perform a query (or other operation). Please refer to below link for how to use Azure Key Vault from a Web Application :

https://docs.microsoft.com/en-us/azure/key-vault/key-vault-use-from-web-application

Please also click here which includes two video tutorials which helps you understand better .