Create Certificate Based Azure AD ConfidentialClientApplicationProvider
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using Azure.Security.KeyVault.Certificates;
using Azure.Security.KeyVault.Secrets;
using Microsoft.Identity.Client;
namespace Sii.CloudSync.Core.Infrastructure.Configuration.AzureAD
{
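internal class ConfidentialClientApplicationProvider : IDisposable
{
    // Every certificate handed to an application built by Get(). MSAL keeps signing
    // client assertions with the certificate it was built with, so an earlier one must
    // not be disposed when Get() is called again; all of them are released in Dispose().
    // (The original kept a single field, so each repeated Get() leaked the previous key handle.)
    private readonly List<X509Certificate2> _certificates = new List<X509Certificate2>();
    private readonly AzureADOptions _options;
    private readonly CertificateClient _certificateClient;
    private readonly SecretClient _secretClient;
    private bool _disposed;

    /// <summary>
    /// Builds MSAL confidential client applications that authenticate to Azure AD with a
    /// certificate whose private key is stored in Azure Key Vault.
    /// </summary>
    /// <param name="options">Client id, tenant id and the Key Vault certificate name.</param>
    /// <param name="certificateClient">Key Vault client used to resolve the certificate's secret id.</param>
    /// <param name="secretClient">Key Vault client used to download the certificate with its private key.</param>
    /// <exception cref="ArgumentNullException">Any argument is <c>null</c>.</exception>
    public ConfidentialClientApplicationProvider(
        AzureADOptions options,
        CertificateClient certificateClient,
        SecretClient secretClient)
    {
        _options = options ?? throw new ArgumentNullException(nameof(options));
        _certificateClient = certificateClient ?? throw new ArgumentNullException(nameof(certificateClient));
        _secretClient = secretClient ?? throw new ArgumentNullException(nameof(secretClient));
    }

    /// <summary>
    /// Downloads the current certificate from Key Vault and builds a confidential client
    /// application that signs its client assertions with it.
    /// </summary>
    /// <returns>A new application for <c>AZURE_CLIENT_ID</c> in tenant <c>AZURE_TENANT_ID</c>.</returns>
    /// <exception cref="ObjectDisposedException">The provider has already been disposed.</exception>
    /// <remarks>
    /// Each call fetches the certificate again, so a rotated certificate is picked up by the
    /// next call. Callers that want MSAL's token cache to be effective should keep the
    /// returned instance rather than calling this per request.
    /// </remarks>
    public IConfidentialClientApplication Get()
    {
        if (_disposed)
        {
            throw new ObjectDisposedException(nameof(ConfidentialClientApplicationProvider));
        }

        var certificate = GetCertificate();
        _certificates.Add(certificate);

        return ConfidentialClientApplicationBuilder
            .Create(_options.AZURE_CLIENT_ID)
            .WithTenantId(_options.AZURE_TENANT_ID)
            .WithCertificate(certificate)
            .Build();
    }

    /// <summary>
    /// Fetches the certificate's private key material from Key Vault and loads it.
    /// </summary>
    /// <returns>The certificate with its private key; the caller owns it and must dispose it.</returns>
    private X509Certificate2 GetCertificate()
    {
        var certificate = _certificateClient.GetCertificate(_options.AZURE_CERT_NAME);

        // Key Vault stores a certificate's private key as a secret; SecretId is that secret's
        // full URI. Parse it with the SDK's identifier type instead of slicing Uri.Segments:
        // segments keep their trailing '/' and shift position when the URI carries no version.
        // A null Version asks the secret client for the latest version.
        var secretId = new KeyVaultSecretIdentifier(certificate.Value.SecretId);
        var privateKey = _secretClient.GetSecret(secretId.Name, secretId.Version);

        // NOTE(review): this assumes the certificate policy's content type is PKCS#12, so the
        // secret value is a base64-encoded PFX. A PEM-typed certificate would not decode this
        // way — confirm against the Key Vault certificate policy.
        var certBytes = Convert.FromBase64String(privateKey.Value.Value);
        return new X509Certificate2(certBytes);
    }

    /// <summary>Releases every certificate (and its private key handle) loaded by <see cref="Get"/>.</summary>
    /// <remarks>Safe to call more than once. Applications returned earlier can no longer sign after this.</remarks>
    public void Dispose()
    {
        if (_disposed)
        {
            return;
        }

        _disposed = true;
        foreach (var certificate in _certificates)
        {
            certificate.Dispose();
        }

        _certificates.Clear();
    }
}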
}