/// <summary>
/// Exchanges the identity of the currently logged-in user for a token by chaining
/// user realm discovery, a federation metadata (MEX) fetch, a WS-Trust request and
/// a SAML grant redemption.
/// </summary>
/// <param name="cancellationToken">Passed to every web request made during the exchange.</param>
/// <returns>The token response produced by redeeming the SAML grant.</returns>
/// <exception cref="InvalidOperationException">
/// The current user name is null, empty or whitespace, or the discovered realm is not federated.
/// </exception>
private async Task<TokenResponse> WindowsIntegratedAuthExchangeAsync(CancellationToken cancellationToken)
{
    // TODO: throw if not on a Windows system.
    // TODO: even better, implement a capabilities check system.

    string currentUser = _systemUtils.GetCurrentUsername();
    if (string.IsNullOrWhiteSpace(currentUser))
    {
        throw new InvalidOperationException("failed to retrieve current user name");
    }

    // The user name must be stored on the shared auth parameters before realm
    // discovery is started; GetUserRealmAsync receives no user name argument here.
    _authParameters.UserName = currentUser;

    var realm = await _webRequestManager
        .GetUserRealmAsync(cancellationToken)
        .ConfigureAwait(false);

    bool isFederated = realm.IsFederated;
    if (!isFederated)
    {
        throw new InvalidOperationException("wia only supports federated users");
    }

    // NOTE(review): FederationMetadataUrl is taken from the realm discovery response and
    // decides which host is contacted next. Confirm that the web request manager only
    // follows HTTPS URLs and validates the server certificate before fetching it.
    var federationMetadata = await _webRequestManager
        .GetMexAsync(realm.FederationMetadataUrl, cancellationToken)
        .ConfigureAwait(false);

    // NOTE(review): the WS-Trust endpoint comes from the fetched metadata document, and the
    // request sent to it is made on behalf of the logged-in user. Presumably transport
    // security is enforced downstream; verify against the web request manager.
    var audienceUrn = realm.CloudAudienceUrn;
    var requestEndpoint = federationMetadata.GetWsTrustWindowsTransportEndpoint();
    var trustResponse = await _webRequestManager
        .GetWsTrustResponseAsync(audienceUrn, requestEndpoint, cancellationToken)
        .ConfigureAwait(false);

    // The endpoint is looked up a second time on purpose so that the call sequence matches
    // the original code. NOTE(review): if the lookup is side-effect free, the value
    // obtained above could be reused.
    var assertionEndpoint = federationMetadata.GetWsTrustWindowsTransportEndpoint();
    var samlGrant = trustResponse.GetSamlAssertion(assertionEndpoint);

    // The SAML grant and the returned token are credentials: keep them out of logs and
    // exception messages.
    var tokenResponse = await _webRequestManager
        .GetAccessTokenFromSamlGrantAsync(samlGrant, cancellationToken)
        .ConfigureAwait(false);

    return tokenResponse;
}