{"id":19099876,"url":"https://github.com/kdcllc/AppAuthentication","last_synced_at":"2025-04-18T17:32:17.070Z","repository":{"id":96458480,"uuid":"277937163","full_name":"kdcllc/AppAuthentication","owner":"kdcllc","description":"DotNetCore CLI tool for Local Docker Containers Access to Azure Resources via Microsoft Managed Identity","archived":false,"fork":false,"pushed_at":"2023-03-23T01:10:27.000Z","size":26008,"stargazers_count":2,"open_issues_count":2,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-08-10T09:05:46.325Z","etag":null,"topics":["appauthentication","azure","azure-storage","azure-vault","docker","docker-compose","kdcllc","kubernetes","local-testing","managed-service-identity"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kdcllc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-07-07T22:44:19.000Z","updated_at":"2023-07-13T06:51:56.000Z","dependencies_parsed_at":null,"dependency_job_id":"24fa8473-5e29-4300-aeb4-f25e555b3a3c","html_url":"https://github.com/kdcllc/AppAuthentication","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kdcllc%2FAppAuthentication","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kdcllc%2FAppAuthentication/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kdcllc%2FAppAuthentication/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kdcllc%2FAppAuthentication/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kdcllc","download_url":"https://codeload.github.com/kdcllc/AppAuthentication/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223783108,"owners_count":17201903,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appauthentication","azure","azure-storage","azure-vault","docker","docker-compose","kdcllc","kubernetes","local-testing","managed-service-identity"],"created_at":"2024-11-09T03:52:20.466Z","updated_at":"2024-11-09T03:52:37.744Z","avatar_url":"https://github.com/kdcllc.png","language":"C#","funding_links":["https://www.buymeacoffee.com/vyve0og"],"categories":["others"],"sub_categories":[],"readme":"# AppAuthentication DotNetCore Cli Tool\n\n[![GitHub license](https://img.shields.io/badge/license-MIT-blue.svg?style=flat-square)](https://raw.githubusercontent.com/kdcllc/AppAuthentication/master/LICENSE)\n[![Build status](https://ci.appveyor.com/api/projects/status/1on0k26sok307feq?svg=true)](https://ci.appveyor.com/project/kdcllc/appauthentication)\n[![NuGet](https://img.shields.io/nuget/v/appauthentication.svg)](https://www.nuget.org/packages?q=appauthentication)\n![Nuget](https://img.shields.io/nuget/dt/appauthentication)\n[![feedz.io](https://img.shields.io/badge/endpoint.svg?url=https://f.feedz.io/kdcllc/kdcllc/shield/AppAuthentication/latest)](https://f.feedz.io/kdcllc/kdcllc/packages/AppAuthentication/latest/download)\n\n_Note: Pre-release packages are distributed via [feedz.io](https://f.feedz.io/kdcllc/kdcllc/nuget/index.json)._\n\nThe primary goal for this dotnet cli tool was to provide a seamless development experience for `local Docker Container` that requires access to Azure Resources such as Azure Key Vault, Azure Blob Storage, Azure Database etc.\n\nBy default when Visual Studio.NET or VSCode is run, the token provides are utilized to provide underline libraries with tokens for authentication. In contrast that doesn't exist for local Docker Container.\n\nOnce the tool is run, User specific Environments are set for the following variables:\n\n- `MSI_ENDPOINT` and `MSI_SECRET`\n- `IDENTITY_ENDPOINT` and `IDENTITY_HEADER`\n\nThese values allow for simulation of Azure App Service MSI Managed Identity calls.\n\n## Hire me\n\nPlease send [email](mailto:kingdavidconsulting@gmail.com) if you consider to **hire me**.\n\n[![buymeacoffee](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/vyve0og)\n\n## Give a Star! :star:\n\nIt supports the following authentication libraries:\n\n1. [`Microsoft.Azure.Services.AppAuthentication`](https://docs.microsoft.com/en-us/dotnet/api/overview/azure/service-to-service-authentication)\n2. [`Azure.Identity` a new standard library](https://azuresdkdocs.blob.core.windows.net/$web/dotnet/Azure.Identity/1.6.1/index.html)\n\nThe tool was tested on:\n\n- On Windows 11 Machine with Azure Cli and Visual Studio.NET Token Providers.\n\n- On Linux with Azure Cli only. Install Azure Cli `curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash`\n\n![appauthentication debug in docker](./img/appauthentication-docker-debug.gif)\n\n## Install\n\n```bash\n    dotnet tool install --global appauthentication\n```\n\n## Usage local Docker with Azure CLI\n\n1. In the terminal login to the Azure subscription:\n\n   ```bash\n       az login\n       az account list\n       az account set –subscription “YourSubscriptionName”\n   ```\n\n2. Next before starting any terminals or Development IDE please run this tool in command prompt\n\n  ```bash\n      appauthentication run\n  ```\n\n3. Verify that User Environment Variables are created `Get-ChildItem Env:` :\n\n```bash\n    IDENTITY_ENDPOINT              http://host.docker.internal:5050/oauth2/token\n    IDENTITY_HEADER                199aef00-4bd2-441f-9139-9574d001fc89\n    MSI_ENDPOINT                   http://host.docker.internal:5050/oauth2/token\n    MSI_SECRET                     199aef00-4bd2-441f-9139-9574d001fc89\n```\n\n4. If the variables are displayed that you are ready for running the containers\n\n## `Docker-Compose.yaml` to pass User Environment into container\n\n1. Update `Docker-Compose.yml` to something like this;\n\n```yml\nversion: \"3.4\"\n\n# docker-compose -f \"docker-compose.yaml\" up -d --build\n# docker-compose -f \"docker-compose.yaml\" up -d --no-recreate\nservices:\n  bet.web:\n    image: app:WorkerSample\n    build:\n      context: .\n      dockerfile: src/WorkerSample/Dockerfile\n    environment:\n      - DOTNETCORE_ENVIRONMENT=Development\n      - MSI_ENDPOINT=${MSI_ENDPOINT}\n      - MSI_SECRET=${MSI_SECRET}\n      - IDENTITY_ENDPOINT=${IDENTITY_ENDPOINT}\n      - IDENTITY_HEADER=${IDENTITY_HEADER}\n```\n\nPlease see sample project [`WorkerSample`](./src/WorkerSample)\n\n## `appauthentication` Tools possible switches\n\n- --authority:https://login.microsoftonline.com/{tenantId} or -a:https://login.microsoftonline.com/{tenantId}\n- --verbose:debug\n- --token-provider:AzureCli (default) or -t:AzureCli\n- --token-provider:VisualStudio or -t:VisualStudio\n- --environment:Production or -e:Development (used with Azure Vault values to be loaded into tooling)\n- --resource:{scope} or -r:{scope}\n- --port:1010 or -p:2323 (default: 5050)\n- --config:file or -c:appsettings.config\n- --fix or -f\n- --local or -l (default Docker) - local overrides Visual Studio.NET token profiles with this tooling\n\n## Testing `appauthentication` from cli command\n\n```bash\n    dotnet run -- run --verbose:debug --local\n```\n\n## Running on Linux\n\nSince linux doesn't support idea of `User` environment variables, the values must be supplied manually in the process before running other commands:\n\n```bash\n    export MSI_ENDPOINT='http://localhost:5050/oauth2/token' \\\n    export MSI_SECRET='199aef00-4bd2-441f-9139-9574d001fc89'     \\\n    export IDENTITY_ENDPOINT='http://localhost:5050/oauth2/token' \\\n    export IDENTITY_HEADER='199aef00-4bd2-441f-9139-9574d001fc89'    \n```\n\nIn addition, setting network parameter worked when testing with docker on linux `https://docs.docker.com/network/network-tutorial-host/#procedure`.\n\n```bash\n    docker run --rm -it -e IDENTITY_ENDPOINT='http://localhost:5050/oauth2/token' -e IDENTITY_HEADER='35e4ce9a-8447-45bb-bdd0-7b91e24cb624' --network host mcr.microsoft.com/dotnet/sdk:7.0\n```\n## Reference\n\n- To learn how to use this tool in real life example refer to [K8.DotNetCore.Workshop](https://github.com/kdcllc/K8.DotNetCore.Workshop)\n\n- [How to authenticate .NET apps to Azure services using the .NET Azure SDK](https://docs.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line)\n- [How to find your Azure Active Directory tenant ID](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-to-find-tenant)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkdcllc%2FAppAuthentication","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkdcllc%2FAppAuthentication","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkdcllc%2FAppAuthentication/lists"}