Add instance parameter to Release/7.0 branch (#2410)

* Fix string for default Project Description (#2373)

* Fix string for default Project Description

* Add back check for Startup.cs, for .NET Framework projects

* Add instance parameter

src/MSIdentityScaffolding/Microsoft.DotNet.MSIdentity/DeveloperCredentials/DeveloperCredentialsReader.cs

@@ -8,7 +8,7 @@ namespace Microsoft.DotNet.MSIdentity.DeveloperCredentials
 {
     public class DeveloperCredentialsReader
     {
-        public TokenCredential GetDeveloperCredentials(string? username, string? currentApplicationTenantId, IConsoleLogger consoleLogger)
+        public TokenCredential GetDeveloperCredentials(string? username, string? currentApplicationTenantId, string? instance, IConsoleLogger consoleLogger)
         {
 #if AzureSDK
             * Tried but does not work if another tenant than the home tenant id is specified
@@ -30,6 +30,7 @@ public TokenCredential GetDeveloperCredentials(string? username, string? current
             TokenCredential tokenCredential = new MsalTokenCredential(
                 currentApplicationTenantId,
                 username,
+                instance,
                 consoleLogger);
             return tokenCredential;
         }

src/MSIdentityScaffolding/Microsoft.DotNet.MSIdentity/DeveloperCredentials/MsalTokenCredential.cs

@@ -25,12 +25,13 @@ public class MsalTokenCredential : TokenCredential
         public MsalTokenCredential(
             string? tenantId,
             string? username,
+            string? instance,
             IConsoleLogger consoleLogger)
         {
             _consoleLogger = consoleLogger;
             TenantId = tenantId ?? "organizations"; // MSA-passthrough
             Username = username;
-            Instance = "https://login.microsoftonline.com";
+            Instance = instance ?? "https://login.microsoftonline.com"; // default instance
         }
 
         private IPublicClientApplication? App { get; set; }
@@ -71,6 +72,7 @@ private async Task<IPublicClientApplication> GetOrCreateApp()
                      .Build();
 
                 App = PublicClientApplicationBuilder.Create(clientId)
+                  .WithAuthority(Instance, TenantId)
                   .WithRedirectUri(RedirectUri)
                   .Build();
 

src/MSIdentityScaffolding/Microsoft.DotNet.MSIdentity/MicrosoftIdentityPlatform/MicrosoftIdentityPlatformApplicationManager.cs

@@ -12,7 +12,6 @@
 using Microsoft.DotNet.MSIdentity.Properties;
 using Microsoft.DotNet.MSIdentity.Shared;
 using Microsoft.DotNet.MSIdentity.Tool;
-using Microsoft.DotNet.Scaffolding.Shared;
 using Microsoft.Graph;
 
 namespace Microsoft.DotNet.MSIdentity.MicrosoftIdentityPlatformApplication

src/MSIdentityScaffolding/Microsoft.DotNet.MSIdentity/Properties/Resources.resx

@@ -269,7 +269,8 @@
     <value>Failed to provision Client Application for Blazor WASM hosted project</value>
   </data>
   <data name="FailedToRetrieveADObjectsError" xml:space="preserve">
-    <value>Failed to retrieve all Azure AD/AD B2C objects(apps/service principals</value>
+    <value>Failed to retrieve all Azure AD/AD B2C objects (apps/service principals), exception: {0}</value>
+    <comment>0 = error message</comment>
   </data>
   <data name="FailedToRetrieveApplicationParameters" xml:space="preserve">
     <value>Failed to retrieve application parameters.</value>
@@ -347,4 +348,4 @@
   <data name="UpdatingProjectPackages" xml:space="preserve">
     <value>Updating project packages ...</value>
   </data>
-</root>
+</root>

src/MSIdentityScaffolding/Microsoft.DotNet.MSIdentity/Tool/AppProvisioningTool.cs

@@ -235,6 +235,7 @@ internal static TokenCredential GetTokenCredential(ProvisioningToolOptions provi
             return developerCredentialsReader.GetDeveloperCredentials(
                 provisioningToolOptions.Username,
                 currentApplicationTenantId ?? provisioningToolOptions.TenantId,
+                provisioningToolOptions.Instance,
                 consoleLogger);
         }
 

src/MSIdentityScaffolding/Microsoft.DotNet.MSIdentity/Tool/GraphObjectRetriever.cs

@@ -1,7 +1,6 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
@@ -66,17 +65,17 @@ public GraphObjectRetriever(GraphServiceClient graphServiceClient, IConsoleLogge
                                 nextPage = null;
                             }
                         }
-                        catch (ServiceException)
+                        catch (ServiceException se)
                         {
                             nextPage = null;
-                            _consoleLogger.LogFailureAndExit(Resources.FailedToRetrieveADObjectsError);
+                            _consoleLogger.LogFailureAndExit(string.Format(Resources.FailedToRetrieveADObjectsError, se.Message));
                         }
                     }
                 }
             }
-            catch (ServiceException)
+            catch (ServiceException se)
             {
-                _consoleLogger.LogFailureAndExit(Resources.FailedToRetrieveADObjectsError);
+                _consoleLogger.LogFailureAndExit(string.Format(Resources.FailedToRetrieveADObjectsError, se.Message));
             }
 
             return graphObjectsList;

src/MSIdentityScaffolding/Microsoft.DotNet.MSIdentity/Tool/MsAADTool.cs

@@ -30,7 +30,7 @@ public MsAADTool(string commandName, ProvisioningToolOptions provisioningToolOpt
             ProvisioningToolOptions = provisioningToolOptions;
             CommandName = commandName;
             ConsoleLogger = new ConsoleLogger(CommandName, ProvisioningToolOptions.Json);
-            TokenCredential = new MsalTokenCredential(ProvisioningToolOptions.TenantId, ProvisioningToolOptions.Username, ConsoleLogger);
+            TokenCredential = new MsalTokenCredential(ProvisioningToolOptions.TenantId, ProvisioningToolOptions.Username, ProvisioningToolOptions.Instance, ConsoleLogger);
             GraphServiceClient = new GraphServiceClient(new TokenCredentialAuthenticationProvider(TokenCredential));
             AzureManagementAPI = new AzureManagementAuthenticationProvider(TokenCredential);
             GraphObjectRetriever = new GraphObjectRetriever(GraphServiceClient, ConsoleLogger);
@@ -91,13 +91,9 @@ internal async Task<string> PrintApplicationsList()
 
         internal async Task<IList<Application>> GetApplicationsAsync()
         {
-            var graphObjectsList = await GraphObjectRetriever.GetGraphObjects();
-            if (graphObjectsList is null)
-            {
-                ConsoleLogger.LogFailureAndExit(Resources.FailedToRetrieveADObjectsError);
-            }
-
             IList<Application> applicationList = new List<Application>();
+
+            var graphObjectsList = await GraphObjectRetriever.GetGraphObjects(); // Will exit early if call fails
             foreach (var graphObj in graphObjectsList!)
             {
                 if (graphObj is Application app)

src/MSIdentityScaffolding/Microsoft.DotNet.MSIdentity/Tool/ProvisioningToolOptions.cs

@@ -101,6 +101,12 @@ public string ProjectTypeIdentifier
         /// </summary>
         public string? TenantId { get; set; }
 
+        /// <summary>
+        /// URL that indicates a directory that MSAL can request tokens from.
+        /// e.g. https://login.microsoftonline.com/, https://login.microsoftonline.us/
+        /// </summary>
+        public string? Instance { get; set; }
+
         /// <summary>
         /// Required for the creation of a B2C application.
         /// Represents the sign-up/sign-in user flow.

tools/dotnet-msidentity/Program.cs

@@ -180,15 +180,15 @@ internal static Command ListAADAppsCommand() =>
                 name: Commands.LIST_AAD_APPS_COMMAND,
                 description: "Lists AAD Applications for a given tenant/username.\n")
             {
-                TenantOption(), UsernameOption(), JsonOption()
+                TenantOption(), UsernameOption(), InstanceOption(), JsonOption()
             };
 
         internal static Command ListServicePrincipalsCommand() =>
             new Command(
                 name: Commands.LIST_SERVICE_PRINCIPALS_COMMAND,
                 description: "Lists AAD Service Principals.\n")
             {
-                TenantOption(), UsernameOption(), JsonOption()
+                TenantOption(), UsernameOption(), InstanceOption(), JsonOption()
             };
 
         internal static Command ListTenantsCommand() =>
@@ -204,7 +204,7 @@ internal static Command CreateClientSecretCommand() =>
                 name: Commands.ADD_CLIENT_SECRET,
                 description: "Create client secret for an Azure AD or AD B2C app registration.\n")
             {
-                TenantOption(), UsernameOption(), JsonOption(), ClientIdOption(), ProjectFilePathOption(), UpdateUserSecretsOption()
+                TenantOption(), UsernameOption(), InstanceOption(), JsonOption(), ClientIdOption(), ProjectFilePathOption(), UpdateUserSecretsOption()
             };
 
         internal static Command RegisterApplicationCommand() =>
@@ -213,7 +213,7 @@ internal static Command RegisterApplicationCommand() =>
                 description: "Register an Azure AD or Azure AD B2C app registration in Azure and update the project." +
                              "\n\t- Updates the appsettings.json file.\n")
             {
-                TenantOption(), UsernameOption(), JsonOption(), ClientIdOption(), ClientSecretOption(), HostedAppIdUriOption(), ApiClientIdOption(), SusiPolicyIdOption(), ProjectFilePathOption()
+                TenantOption(), UsernameOption(), InstanceOption(), JsonOption(), ClientIdOption(), ClientSecretOption(), HostedAppIdUriOption(), ApiClientIdOption(), SusiPolicyIdOption(), ProjectFilePathOption()
             };
 
         internal static Command UpdateProjectCommand() =>
@@ -224,23 +224,23 @@ internal static Command UpdateProjectCommand() =>
                              "\n\t- Updates the Startup.cs file." +
                              "\n\t- Updates the user secrets.\n")
             {
-                TenantOption(), UsernameOption(), ClientIdOption(), JsonOption(), ProjectFilePathOption(), ConfigUpdateOption(), CodeUpdateOption(), PackagesUpdateOption(), CallsGraphOption(), CallsDownstreamApiOption(), UpdateUserSecretsOption(), RedirectUriOption(), SusiPolicyIdOption()
+                TenantOption(), UsernameOption(), InstanceOption(), ClientIdOption(), JsonOption(), ProjectFilePathOption(), ConfigUpdateOption(), CodeUpdateOption(), PackagesUpdateOption(), CallsGraphOption(), CallsDownstreamApiOption(), UpdateUserSecretsOption(), RedirectUriOption(), SusiPolicyIdOption()
             };
 
         internal static Command UpdateAppRegistrationCommand() =>
             new Command(
                 name: Commands.UPDATE_APP_REGISTRATION_COMMAND,
                 description: "Update an Azure AD/AD B2C app registration in Azure.\n")
             {
-                TenantOption(), UsernameOption(), JsonOption(), HostedAppIdUriOption(), ClientIdOption(), RedirectUriOption(), EnableIdTokenOption(), EnableAccessToken(), ClientProjectOption(), ApiScopesOption()
+                TenantOption(), UsernameOption(), InstanceOption(), JsonOption(), HostedAppIdUriOption(), ClientIdOption(), RedirectUriOption(), EnableIdTokenOption(), EnableAccessToken(), ClientProjectOption(), ApiScopesOption()
             };
 
         internal static Command CreateAppRegistrationCommand() =>
             new Command(
                 name: Commands.CREATE_APP_REGISTRATION_COMMAND,
                 description: "Create an Azure AD/AD B2C app registration in Azure.\n")
             {
-                TenantOption(), UsernameOption(), JsonOption(), AppDisplayName(), ProjectFilePathOption(), ProjectType(), ClientProjectOption()
+                TenantOption(), UsernameOption(), InstanceOption(), JsonOption(), AppDisplayName(), ProjectFilePathOption(), ProjectType(), ClientProjectOption()
             };
 
         internal static Command UnregisterApplicationCommand() =>
@@ -250,7 +250,7 @@ internal static Command UnregisterApplicationCommand() =>
                 description: "Unregister an Azure AD or Azure AD B2C app registration in Azure." +
                              "\n\t- Updates the appsettings.json file.\n")
             {
-                TenantOption(), UsernameOption(), JsonOption(), HostedAppIdUriOption(), ProjectFilePathOption(), ClientIdOption()
+                TenantOption(), UsernameOption(), InstanceOption(), JsonOption(), HostedAppIdUriOption(), ProjectFilePathOption(), ClientIdOption()
             };
 
         private static Option JsonOption() =>
@@ -435,5 +435,15 @@ private static Option UsernameOption() =>
             {
                 IsRequired = false
             };
+
+
+        private static Option InstanceOption() =>
+            new Option<string>(
+                aliases: new[] { "-i", "--instance" },
+                description: "Instance where the Azure AD or Azure AD B2C tenant is located.\n" +
+                "If not specified, will default to https://login.microsoftonline.com/")
+            {
+                IsRequired = false
+            };
     }
 }