Azure Marketplace Fulfillment API throws Error 403 (.NET Framework)

409 Views Asked by At

I try to integrate with Azure Marketplace. As a first step I try to implement Resolve API request.

I used a commercial-marketplace-client-dotnet GitHub repository as an example.

Our solution uses .NET Framework stack and I implemented some changes in the GitHub sources. I have migrated class ClientSecretTokenProvider from .NET Core to .NET Framework.

My implementation of ClientSecretTokenProvider is here:

using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Microsoft.Rest;
using System.Net.Http.Headers;
using System.Threading;
using System.Threading.Tasks;

namespace CloudMonix.Infrastructure.AzureMarketplace
{
    public class ClientSecretTokenProvider : ITokenProvider
    {
        // https://learn.microsoft.com/en-us/azure/marketplace/partner-center-portal/pc-saas-registration#get-a-token-based-on-the-azure-ad-app

        private const string AuthenticationEndpoint = "https://login.microsoftonline.com/{0}/oauth2/token";
        private const string MarketplaceResourceId = "20e940b3-4c77-4b0b-9a53-9e16a1b010a7";

        private readonly string _tenantId;
        private readonly string _clientId;
        private readonly string _clientSecret;

        public ClientSecretTokenProvider(string tenantId, string clientId, string clientSecret)
        {
            _tenantId = tenantId;
            _clientId = clientId;
            _clientSecret = clientSecret;
        }

        public Task<AuthenticationHeaderValue> GetAuthenticationHeaderAsync(CancellationToken cancellationToken)
        {
            var credential = new ClientCredential(_clientId, _clientSecret);

            var authority = string.Format(AuthenticationEndpoint, _tenantId);
            var scope = $"{MarketplaceResourceId}/.default";

            var context = new AuthenticationContext(authority);
            var token = context.AcquireToken(scope, credential);

            var result = new AuthenticationHeaderValue("Bearer", token.AccessToken);

            return Task.FromResult(result);
        }
    }
}

All other classes (auto-generated client and models) I have added to our solution without any changes.

Also I have registered new Azure Application (and generate Client Secret Key). I provided Application ID and Tennant ID to my offer: enter image description here

I can receive Azure Marketplace Token from the Landing Page request GET parameter. Also I can successfully get AccessToken using ClientSecretTokenProvider class.

But when I use AccessToken to the Fulfillment API (Resolve API request) then I got Error 403.

What I'm missing?

Thanks to advance to any help.

UPDATE 1:

Example of usage MarketplaceSaaSClient class:

public ActionResult Index(string token)
{
    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

    if (!string.IsNullOrEmpty(token))
    {
        var tenantId = "<TENANT ID>";
        var clientId = "<APP ID>";
        var clientSecret = "<APP SECRET>";

        var requestId = Guid.NewGuid();
        var correlationId = Guid.NewGuid();

        var client = new MarketplaceSaaSClient(tenantId, clientId, clientSecret);
        var subscription = client.FulfillmentOperations.Resolve(token, requestId, correlationId);
    }

    ViewBag.Title = "Home Page";

    return View();
}
0

There are 0 best solutions below