private AuthenticationResultEx GetResultFromBrokerResponse(Bundle bundleResult)
        {
            if (bundleResult == null)
            {
                throw new AdalException("bundleResult in broker response is null");
            }

            int    errCode = bundleResult.GetInt(AccountManager.KeyErrorCode);
            string msg     = bundleResult.GetString(AccountManager.KeyErrorMessage);

            if (!string.IsNullOrEmpty(msg))
            {
                throw new AdalException(errCode.ToString(CultureInfo.InvariantCulture), msg);
            }
            else
            {
                bool initialRequest = bundleResult.ContainsKey(BrokerConstants.AccountInitialRequest);
                if (initialRequest)
                {
                    // Initial request from app to Authenticator needs to launch
                    // prompt. null resultEx means initial request
                    return(null);
                }

                // IDtoken is not present in the current broker user model
                UserInfo             userinfo = GetUserInfoFromBrokerResult(bundleResult);
                AuthenticationResult result   =
                    new AuthenticationResult("Bearer", bundleResult.GetString(AccountManager.KeyAuthtoken),
                                             ConvertFromTimeT(bundleResult.GetLong("account.expiredate", 0)))
                {
                    UserInfo = userinfo
                };

                result.UpdateTenantAndUserInfo(bundleResult.GetString(BrokerConstants.AccountUserInfoTenantId), null,
                                               userinfo);

                return(new AuthenticationResultEx
                {
                    Result = result,
                    RefreshToken = null,
                    ResourceInResponse = null,
                });
            }
        }
Beispiel #2
0
        public AuthenticationResultEx GetResult(DateTimeOffset expiresOn, DateTimeOffset extendedExpiresOn)
        {
            AuthenticationResultEx resultEx;

            if (this.AccessToken != null)
            {
                var result = new AuthenticationResult(this.TokenType, this.AccessToken, expiresOn, extendedExpiresOn);

                IdToken idToken = IdToken.Parse(this.IdTokenString);
                if (idToken != null)
                {
                    string tenantId      = idToken.TenantId;
                    string uniqueId      = null;
                    string displayableId = null;

                    if (!string.IsNullOrWhiteSpace(idToken.ObjectId))
                    {
                        uniqueId = idToken.ObjectId;
                    }
                    else if (!string.IsNullOrWhiteSpace(idToken.Subject))
                    {
                        uniqueId = idToken.Subject;
                    }

                    if (!string.IsNullOrWhiteSpace(idToken.UPN))
                    {
                        displayableId = idToken.UPN;
                    }
                    else if (!string.IsNullOrWhiteSpace(idToken.Email))
                    {
                        displayableId = idToken.Email;
                    }

                    string         givenName             = idToken.GivenName;
                    string         familyName            = idToken.FamilyName;
                    string         identityProvider      = idToken.IdentityProvider ?? idToken.Issuer;
                    DateTimeOffset?passwordExpiresOffest = null;
                    if (idToken.PasswordExpiration > 0)
                    {
                        passwordExpiresOffest = DateTime.UtcNow + TimeSpan.FromSeconds(idToken.PasswordExpiration);
                    }

                    Uri changePasswordUri = null;
                    if (!string.IsNullOrEmpty(idToken.PasswordChangeUrl))
                    {
                        changePasswordUri = new Uri(idToken.PasswordChangeUrl);
                    }

                    result.UpdateTenantAndUserInfo(tenantId, this.IdTokenString,
                                                   new UserInfo
                    {
                        UniqueId          = uniqueId,
                        DisplayableId     = displayableId,
                        GivenName         = givenName,
                        FamilyName        = familyName,
                        IdentityProvider  = identityProvider,
                        PasswordExpiresOn = passwordExpiresOffest,
                        PasswordChangeUrl = changePasswordUri
                    });

                    result.Authority = Authority;
                }

                resultEx = new AuthenticationResultEx
                {
                    Result       = result,
                    RefreshToken = this.RefreshToken,
                    // This is only needed for AcquireTokenByAuthorizationCode in which parameter resource is optional and we need
                    // to get it from the STS response.
                    ResourceInResponse = this.Resource
                };
            }
            else if (this.Error != null)
            {
                throw new AdalServiceException(this.Error, this.ErrorDescription);
            }
            else
            {
                throw new AdalServiceException(AdalError.Unknown, AdalErrorMessage.Unknown);
            }

            return(resultEx);
        }