Creating .Net Applications to Manage Windows Azure

I have been working on a tool for our Composite Windows Azure Webrole at Composite A/S that makes the deployment process easier. In this post I show a few code snippets of how to talk with the Windows Azure Management Api without client certificates but using the WAAD Oauth2 Protocol and Authorization Header.

The clickonce application I am working on can be seen here.

Caption: The Application where the user can log in using Oauth2 to his Windows Azure Subscription.

The purpose of this post is to show just how to communicate with the Windows Azure Management API without client certificates and I will go more in details about the application in another post later. To make it all work I am using two Nuget Packages from Microsoft.

Caption: The two nuget packages you need is Microsoft.IdentityModel.Clients.ActiveDirectory and Microsoft.WindowsAzure.Management.Libraries -Pre

At this point we need to add a little code our self to be able to use the Bearier Token to authenticate our requests as the management libraries only have CertificateCredentials at this point. I created a TokenCloudCredentials:

In the application the flow at this point is Select a Subscription, then A Cloud Service and then Deploy our webrole to the staging slot of the service if its empty. (Prototyping and dont want to deploy over a old deployment by accedent at this point).

The SignInToAzure looks like this where the SubscriptionClient is just a copy from the Azure Powershell Tools

So when the user is signed in I take out all the subscriptions and use them to populate the view for selecting later.

Caption: The Select Cloud Service View

Caption: The Select Subscription View

Last step, when the user have to select his cloud service its first ensured he have enfact choosen a subscription, then we use the subscription information to get a token for his WAAD tenant and create a view for him to select what service he want to use.

Now that the user have select both subscription and service, we can deploy a package on his behalf.

In the last code snippet we use the fact that we can deploy a package from any windows azure blob stoage as long it has a Signed Access Signature given such its public avalible. Our build server will then publish our prebuild packages and based on the settings picked by the user it will pick the correct package for his needs and he will not have to configure anything him self or deploy the package. More about this later, for now this post was only to illustrate how easy it have become to talk to Windows Azure without client certificates.

I only have one question at the end that I havent been able to answer my self. Notice the client id and uri used ? Where to I obtain those for my application. At this point I am using the once from the Powershell Tools. 

comments powered by Disqus