From 0e09887e30dfbe3dd28230e3f3028e0b3ee1e312 Mon Sep 17 00:00:00 2001
From: sruthikeerthi <73967733+sruke@users.noreply.github.com>
Date: Thu, 20 Jun 2024 16:43:55 -0700
Subject: [PATCH] Introduces IAuthorizationHeaderProviderExtension (#129)

* Introduce IAuthorizationHeaderProviderExtension

* Update IAuthorizationHeaderProvider

* Update changelog

* Update ClientSemVer to 6x

---------

Co-authored-by: Sruthi Keerthi Rangavajhula (from Dev Box) <srangavajhul@microsoft.com>
---
 Directory.Build.props                         |  2 +-
 changelog.md                                  |  5 +++++
 .../CompatibilitySuppressions.xml             | 22 ++++++++++++++++++-
 .../IAuthorizationHeaderProvider.cs           | 21 +++++++++++++++++-
 4 files changed, 47 insertions(+), 3 deletions(-)

diff --git a/Directory.Build.props b/Directory.Build.props
index 3111e2e..cb71356 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -1,7 +1,7 @@
 <Project>
 	<PropertyGroup>
 		<!--This should be passed from the VSTS build-->
-		<ClientSemVer Condition="'$(ClientSemVer)' == ''">5.2.0-local</ClientSemVer>
+		<ClientSemVer Condition="'$(ClientSemVer)' == ''">6.0.0-local</ClientSemVer>
 		<!--This will generate AssemblyVersion, AssemblyFileVersion and AssemblyInformationVersion-->
 		<Version>$(ClientSemVer)</Version>
 
diff --git a/changelog.md b/changelog.md
index 7862608..fc0a6ef 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,3 +1,8 @@
+6.0.0
+========
+## Breaking changes:
+- Updates the 'IAuthorizationHeaderProvider' interface to include a new method 'GetAuthorizationHeaderAsync'. See issue [#130](https://github.com/AzureAD/microsoft-identity-abstractions-for-dotnet/issues/130) for details.
+
 5.3.0
 ========
 
diff --git a/src/Microsoft.Identity.Abstractions/CompatibilitySuppressions.xml b/src/Microsoft.Identity.Abstractions/CompatibilitySuppressions.xml
index 9cc9bb2..2fd629e 100644
--- a/src/Microsoft.Identity.Abstractions/CompatibilitySuppressions.xml
+++ b/src/Microsoft.Identity.Abstractions/CompatibilitySuppressions.xml
@@ -1,7 +1,20 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!-- https://learn.microsoft.com/en-us/dotnet/fundamentals/package-validation/diagnostic-ids -->
 <Suppressions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
-
+  <Suppression>
+    <DiagnosticId>CP0006</DiagnosticId>
+    <Target>M:Microsoft.Identity.Abstractions.IAuthorizationHeaderProvider.CreateAuthorizationHeaderAsync(System.Collections.Generic.IEnumerable{System.String},Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions,System.Security.Claims.ClaimsPrincipal,System.Threading.CancellationToken)</Target>
+    <Left>lib/net462/Microsoft.Identity.Abstractions.dll</Left>
+    <Right>lib/net462/Microsoft.Identity.Abstractions.dll</Right>
+    <IsBaselineSuppression>true</IsBaselineSuppression>
+  </Suppression>
+  <Suppression>
+    <DiagnosticId>CP0006</DiagnosticId>
+    <Target>M:Microsoft.Identity.Abstractions.IAuthorizationHeaderProvider.CreateAuthorizationHeaderAsync(System.Collections.Generic.IEnumerable{System.String},Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions,System.Security.Claims.ClaimsPrincipal,System.Threading.CancellationToken)</Target>
+    <Left>lib/netstandard2.0/Microsoft.Identity.Abstractions.dll</Left>
+    <Right>lib/netstandard2.0/Microsoft.Identity.Abstractions.dll</Right>
+    <IsBaselineSuppression>true</IsBaselineSuppression>
+  </Suppression>
   <Suppression>
     <DiagnosticId>CP0006</DiagnosticId>
     <Target>M:Microsoft.Identity.Abstractions.IDownstreamApi.PatchForAppAsync``1(System.String,``0,System.Action{Microsoft.Identity.Abstractions.DownstreamApiOptionsReadOnlyHttpMethod},System.Threading.CancellationToken)</Target>
@@ -26,4 +39,11 @@
     <Left>lib/netstandard2.0/Microsoft.Identity.Abstractions.dll</Left>
     <Right>lib/netstandard2.1/Microsoft.Identity.Abstractions.dll</Right>
   </Suppression>
+  <Suppression>
+    <DiagnosticId>CP0006</DiagnosticId>
+    <Target>M:Microsoft.Identity.Abstractions.IAuthorizationHeaderProvider.CreateAuthorizationHeaderAsync(System.Collections.Generic.IEnumerable{System.String},Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions,System.Security.Claims.ClaimsPrincipal,System.Threading.CancellationToken)</Target>
+    <Left>lib/netstandard2.1/Microsoft.Identity.Abstractions.dll</Left>
+    <Right>lib/netstandard2.1/Microsoft.Identity.Abstractions.dll</Right>
+    <IsBaselineSuppression>true</IsBaselineSuppression>
+  </Suppression>
 </Suppressions>
\ No newline at end of file
diff --git a/src/Microsoft.Identity.Abstractions/DownstreamApi/IAuthorizationHeaderProvider.cs b/src/Microsoft.Identity.Abstractions/DownstreamApi/IAuthorizationHeaderProvider.cs
index 84bcb33..e42b040 100644
--- a/src/Microsoft.Identity.Abstractions/DownstreamApi/IAuthorizationHeaderProvider.cs
+++ b/src/Microsoft.Identity.Abstractions/DownstreamApi/IAuthorizationHeaderProvider.cs
@@ -21,7 +21,7 @@ public interface IAuthorizationHeaderProvider
         /// protocols like Pop), and token acquisition options.</param>
         /// <param name="claimsPrincipal">Inbound authentication elements. In a web API, this is usually the result of the
         /// validation of a token. In a web app, this would be information about the signed-in user. This is not useful in
-        /// daemon applications. In Microsoft.Identity.Web you rarely need to provide this parameter as it's infered from the
+        /// daemon applications. In Microsoft.Identity.Web you rarely need to provide this parameter as it's inferred from the
         /// context.</param>
         /// <param name="cancellationToken">Cancellation token.</param>
         /// <returns>A string containing the authorization header, that is protocol and tokens
@@ -49,5 +49,24 @@ Task<string> CreateAuthorizationHeaderForAppAsync(
             string scopes,
             AuthorizationHeaderProviderOptions? downstreamApiOptions = null,
             CancellationToken cancellationToken = default);
+
+        /// <summary>
+        /// Creates an authorization header for calling a protected web API on behalf of a user or the application.
+        /// </summary>
+        /// <param name="scopes">The scopes for which to request the authorization header. 
+        /// Provide a single scope if the header needs to be created on behalf of an application.</param>
+        /// <param name="options">The <see cref="AuthorizationHeaderProviderOptions"/> containing information about the API
+        /// to be called and token acquisition settings. If not provided, the header will be for a bearer token.</param>
+        /// <param name="claimsPrincipal">Inbound authentication elements. In a web API, this is usually the result of the
+        /// validation of a token. In a web app, this would be information about the signed-in user. This is not useful in
+        /// daemon applications. In Microsoft.Identity.Web you rarely need to provide this parameter as it's inferred from the
+        /// context.</param>
+        /// <param name="cancellationToken">A token to cancel the operation.</param>
+        /// <returns>A string containing the authorization header, such as "Bearer token" or "PoP token".</returns>
+        Task<string> CreateAuthorizationHeaderAsync(
+            IEnumerable<string> scopes,
+            AuthorizationHeaderProviderOptions? options = null,
+            ClaimsPrincipal? claimsPrincipal = null,
+            CancellationToken cancellationToken = default);
     }
 }