Added samples for AAD authentication for identity client (Azure#15972)

Author: jbeauregardb

sdk/communication/azure-communication-administration/CHANGELOG.md

@@ -2,6 +2,8 @@
 
 ## 1.0.0b4 (Unreleased)
 
+### Breaking Changes
+
 ##### `PhoneNumberAdministrationClient`
 -  `begin_reserve_phone_numbers` now takes `display_name`, `description`, `phone_plan_ids`, 
 `area_code`, `quantity`, `location_options`, or `continuation_token` keywords as input. 
@@ -13,9 +15,14 @@ Caller must provide one of the following:
  (3) only keyword `continuation_token` to restart a poller from a saved state.
 -  `list_all_orders` renamed to `list_all_reservations`.
 
+### Added
+
+##### `IdentityClient`
+- Added support for Azure Active Directory authentication for the Identity client
+
 ## 1.0.0b3 (2020-11-16)
 
-**Breaking Changes**
+### Breaking Changes
 
 ##### `PhoneNumberSearch` renamed to `PhoneNumberReservation`.
 
@@ -35,7 +42,7 @@ Caller must provide one of the following:
 -  `begin_purchase_reservation` now returns `LROPoller[PurchaseReservationPolling]`.
 - `cancel_search` has been renamed to `cancel_reservation`.
 
-**New Features**
+### Added
 
 ##### `PhoneNumberAdministrationClient`
 - Add long run operation polling method `ReservePhoneNumberPolling`,`PurchaseReservationPolling`,

sdk/communication/azure-communication-administration/README.md

@@ -24,6 +24,25 @@ pip install azure-communication-administration
 
 - Create/revoke scoped user access tokens to access services such as chat, calling, sms. Tokens are issued for a valid Azure Communication identity and can be revoked at any time.
 
+### Initializing Identity Client
+```python
+# You can find your endpoint and access token from your resource in the Azure Portal
+import os
+from azure.communication.administration import CommunicationIdentityClient
+from azure.identity import DefaultAzureCredential
+
+connection_str = os.getenv('AZURE_COMMUNICATION_SERVICE_CONNECTION_STRING')
+endpoint = os.getenv('AZURE_COMMUNICATION_SERVICE_ENDPOINT')
+
+# To use Azure Active Directory Authentication (DefaultAzureCredential) make sure to have
+# AZURE_TENANT_ID, AZURE_CLIENT_ID and AZURE_CLIENT_SECRET as env variables.
+identity_client_managed_identity = CommunicationIdentityClient.(endpoint, DefaultAzureCredential())
+
+#You can also authenticate using your connection string
+identity_client = CommunicationIdentityClient.from_connection_string(connection_str)
+
+```
+
 ## CommunicationPhoneNumberClient
 ### Initializing Phone Number Client
 ```python

sdk/communication/azure-communication-administration/samples/identity_samples.py

@@ -21,34 +21,55 @@ class CommunicationIdentityClientSamples(object):
 
     def __init__(self):
         self.connection_string = os.getenv('AZURE_COMMUNICATION_SERVICE_CONNECTION_STRING')
+        self.endpoint = os.getenv('AZURE_COMMUNICATION_SERVICE_ENDPOINT')
+        self.client_id = os.getenv('AZURE_CLIENT_ID')
+        self.client_secret = os.getenv('AZURE_CLIENT_SECRET')
+        self.tenant_id = os.getnenv('AZURE_TENANT_ID')
 
     def issue_token(self):
         from azure.communication.administration import CommunicationIdentityClient
 
-        identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
+        if self.client_id is not None and self.client_secret is not None and self.tenant_id is not None:
+            from azure.identity import DefaultAzureCredential
+            identity_client = CommunicationIdentityClient(self.endpoint, DefaultAzureCredential())
+        else:
+            identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
         user = identity_client.create_user()
         tokenresponse = identity_client.issue_token(user, scopes=["chat"])
         print(tokenresponse)
 
     def revoke_tokens(self):
         from azure.communication.administration import CommunicationIdentityClient
 
-        identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
+        if self.client_id is not None and self.client_secret is not None and self.tenant_id is not None:
+            from azure.identity import DefaultAzureCredential
+            identity_client = CommunicationIdentityClient(self.endpoint, DefaultAzureCredential())
+        else:
+            identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
         user = identity_client.create_user()
         tokenresponse = identity_client.issue_token(user, scopes=["chat"])
         identity_client.revoke_tokens(user)
         print(tokenresponse)
 
     def create_user(self):
         from azure.communication.administration import CommunicationIdentityClient
-        identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
-        user = identity_client.create_user()
 
+        if self.client_id is not None and self.client_secret is not None and self.tenant_id is not None:
+            from azure.identity import DefaultAzureCredential
+            identity_client = CommunicationIdentityClient(self.endpoint, DefaultAzureCredential())
+        else:
+            identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
+        user = identity_client.create_user()
         print(user.identifier)
 
     def delete_user(self):
         from azure.communication.administration import CommunicationIdentityClient
-        identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
+
+        if self.client_id is not None and self.client_secret is not None and self.tenant_id is not None:
+            from azure.identity import DefaultAzureCredential
+            identity_client = CommunicationIdentityClient(self.endpoint, DefaultAzureCredential())
+        else:
+            identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
         user = identity_client.create_user()
         identity_client.delete_user(user)
 

sdk/communication/azure-communication-administration/samples/identity_samples_async.py

@@ -24,10 +24,18 @@ class CommunicationIdentityClientSamples(object):
 
     def __init__(self):
         self.connection_string = os.getenv('AZURE_COMMUNICATION_SERVICE_CONNECTION_STRING')
+        self.endpoint = os.getenv('AZURE_COMMUNICATION_SERVICE_ENDPOINT')
+        self.client_id = os.getenv('AZURE_CLIENT_ID')
+        self.client_secret = os.getenv('AZURE_CLIENT_SECRET')
+        self.tenant_id = os.getnenv('AZURE_TENANT_ID')
 
     async def issue_token(self):
         from azure.communication.administration.aio import CommunicationIdentityClient
-        identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
+        if self.client_id is not None and self.client_secret is not None and self.tenant_id is not None:
+            from azure.identity import DefaultAzureCredential
+            identity_client = CommunicationIdentityClient(self.endpoint, DefaultAzureCredential())
+        else:
+            identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
 
         async with identity_client:
             user = await identity_client.create_user()
@@ -37,7 +45,11 @@ async def issue_token(self):
 
     async def revoke_tokens(self):
         from azure.communication.administration.aio import CommunicationIdentityClient
-        identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
+        if self.client_id is not None and self.client_secret is not None and self.tenant_id is not None:
+            from azure.identity import DefaultAzureCredential
+            identity_client = CommunicationIdentityClient(self.endpoint, DefaultAzureCredential())
+        else:
+            identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
 
         async with identity_client:
             user = await identity_client.create_user()
@@ -47,19 +59,26 @@ async def revoke_tokens(self):
 
     async def create_user(self):
         from azure.communication.administration.aio import CommunicationIdentityClient
-        identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
+        if self.client_id is not None and self.client_secret is not None and self.tenant_id is not None:
+            from azure.identity import DefaultAzureCredential
+            identity_client = CommunicationIdentityClient(self.endpoint, DefaultAzureCredential())
+        else:
+            identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
 
         async with identity_client:
             user = await identity_client.create_user()
             print(user.identifier)
 
     async def delete_user(self):
         from azure.communication.administration.aio import CommunicationIdentityClient
-        identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
+        if self.client_id is not None and self.client_secret is not None and self.tenant_id is not None:
+            from azure.identity import DefaultAzureCredential
+            identity_client = CommunicationIdentityClient(self.endpoint, DefaultAzureCredential())
+        else:
+            identity_client = CommunicationIdentityClient.from_connection_string(self.connection_string)
 
         async with identity_client:
             user = await identity_client.create_user()
-
             await identity_client.delete_user(user)
 
 async def main():