I try to integrate with Azure Marketplace. As a first step I try to implement Resolve API request.
I used a commercial-marketplace-client-dotnet GitHub repository as an example.
Our solution uses .NET Framework stack and I implemented some changes in the GitHub sources.
I have migrated class ClientSecretTokenProvider from .NET Core to .NET Framework.
My implementation of ClientSecretTokenProvider is here:
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Microsoft.Rest;
using System.Net.Http.Headers;
using System.Threading;
using System.Threading.Tasks;
namespace CloudMonix.Infrastructure.AzureMarketplace
{
public class ClientSecretTokenProvider : ITokenProvider
{
// https://learn.microsoft.com/en-us/azure/marketplace/partner-center-portal/pc-saas-registration#get-a-token-based-on-the-azure-ad-app
private const string AuthenticationEndpoint = "https://login.microsoftonline.com/{0}/oauth2/token";
private const string MarketplaceResourceId = "20e940b3-4c77-4b0b-9a53-9e16a1b010a7";
private readonly string _tenantId;
private readonly string _clientId;
private readonly string _clientSecret;
public ClientSecretTokenProvider(string tenantId, string clientId, string clientSecret)
{
_tenantId = tenantId;
_clientId = clientId;
_clientSecret = clientSecret;
}
public Task<AuthenticationHeaderValue> GetAuthenticationHeaderAsync(CancellationToken cancellationToken)
{
var credential = new ClientCredential(_clientId, _clientSecret);
var authority = string.Format(AuthenticationEndpoint, _tenantId);
var scope = $"{MarketplaceResourceId}/.default";
var context = new AuthenticationContext(authority);
var token = context.AcquireToken(scope, credential);
var result = new AuthenticationHeaderValue("Bearer", token.AccessToken);
return Task.FromResult(result);
}
}
}
All other classes (auto-generated client and models) I have added to our solution without any changes.
Also I have registered new Azure Application (and generate Client Secret Key). I provided Application ID and Tennant ID to my offer:
I can receive Azure Marketplace Token from the Landing Page request GET parameter.
Also I can successfully get AccessToken using ClientSecretTokenProvider class.
But when I use AccessToken to the Fulfillment API (Resolve API request) then I got Error 403.
What I'm missing?
Thanks to advance to any help.
UPDATE 1:
Example of usage MarketplaceSaaSClient class:
public ActionResult Index(string token)
{
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
if (!string.IsNullOrEmpty(token))
{
var tenantId = "<TENANT ID>";
var clientId = "<APP ID>";
var clientSecret = "<APP SECRET>";
var requestId = Guid.NewGuid();
var correlationId = Guid.NewGuid();
var client = new MarketplaceSaaSClient(tenantId, clientId, clientSecret);
var subscription = client.FulfillmentOperations.Resolve(token, requestId, correlationId);
}
ViewBag.Title = "Home Page";
return View();
}