public static void ClearAccessTokens(this ITokenCacheAccessor accessor)
 {
     foreach (var item in accessor.GetAllAccessTokens())
     {
         accessor.DeleteAccessToken(item.GetKey());
     }
 }
 private void AssertAccessorsAreEqual(ITokenCacheAccessor expected, ITokenCacheAccessor actual)
 {
     Assert.AreEqual(expected.GetAllAccessTokens().Count(), actual.GetAllAccessTokens().Count());
     Assert.AreEqual(expected.GetAllRefreshTokens().Count(), actual.GetAllRefreshTokens().Count());
     Assert.AreEqual(expected.GetAllIdTokens().Count(), actual.GetAllIdTokens().Count());
     Assert.AreEqual(expected.GetAllAccounts().Count(), actual.GetAllAccounts().Count());
 }
Beispiel #3
0
        private void DeleteAccessTokensWithIntersectingScopes(
            AuthenticationRequestParameters requestParams,
            IEnumerable <string> environmentAliases,
            string tenantId,
            HashSet <string> scopeSet,
            string homeAccountId,
            string tokenType)
        {
            // delete all cache entries with intersecting scopes.
            // this should not happen but we have this as a safe guard
            // against multiple matches.
            requestParams.RequestContext.Logger.Info("Looking for scopes for the authority in the cache which intersect with " +
                                                     requestParams.Scope.AsSingleString());
            IList <MsalAccessTokenCacheItem> accessTokenItemList = new List <MsalAccessTokenCacheItem>();

            foreach (var accessToken in _accessor.GetAllAccessTokens())
            {
                if (accessToken.ClientId.Equals(ClientId, StringComparison.OrdinalIgnoreCase) &&
                    environmentAliases.Contains(accessToken.Environment) &&
                    string.Equals(accessToken.TokenType ?? "", tokenType ?? "", StringComparison.OrdinalIgnoreCase) &&
                    (accessToken.IsAdfs || accessToken.TenantId.Equals(tenantId, StringComparison.OrdinalIgnoreCase)) &&
                    accessToken.ScopeSet.Overlaps(scopeSet))
                {
                    requestParams.RequestContext.Logger.Verbose("Intersecting scopes found");
                    accessTokenItemList.Add(accessToken);
                }
            }

            requestParams.RequestContext.Logger.Info("Intersecting scope entries count - " + accessTokenItemList.Count);

            if (!requestParams.IsClientCredentialRequest)
            {
                // filter by identifier of the user instead
                accessTokenItemList =
                    accessTokenItemList.Where(
                        item => item.HomeAccountId.Equals(homeAccountId, StringComparison.OrdinalIgnoreCase))
                    .ToList();
                requestParams.RequestContext.Logger.Info("Matching entries after filtering by user - " + accessTokenItemList.Count);
            }

            foreach (var cacheItem in accessTokenItemList)
            {
                _accessor.DeleteAccessToken(cacheItem.GetKey());
            }
        }
Beispiel #4
0
        private static MsalAccessTokenCacheItem UpdateATWithRefreshOn(
            ITokenCacheAccessor accessor,
            DateTimeOffset refreshOn,
            bool expired = false)
        {
            MsalAccessTokenCacheItem atItem = accessor.GetAllAccessTokens().Single();

            UpdateATWithRefreshOn(atItem, refreshOn, expired);

            accessor.SaveAccessToken(atItem);

            return(atItem);
        }
 internal static void AssertItemCount(
     this ITokenCacheAccessor accessor,
     int expectedAtCount,
     int expectedRtCount,
     int expectedIdtCount,
     int expectedAccountCount,
     int expectedAppMetadataCount = 0)
 {
     Assert.AreEqual(expectedAtCount, accessor.GetAllAccessTokens().Count());
     Assert.AreEqual(expectedRtCount, accessor.GetAllRefreshTokens().Count());
     Assert.AreEqual(expectedIdtCount, accessor.GetAllIdTokens().Count());
     Assert.AreEqual(expectedAccountCount, accessor.GetAllAccounts().Count());
     Assert.AreEqual(expectedAppMetadataCount, accessor.GetAllAppMetadata().Count());
 }
        private static MsalAccessTokenCacheItem UpdateATWithRefreshOn(
            ITokenCacheAccessor accessor,
            DateTimeOffset refreshOn,
            bool expired = false)
        {
            MsalAccessTokenCacheItem atItem = accessor.GetAllAccessTokens().Single();

            // past date on refresh on
            atItem.RefreshOnUnixTimestamp = CoreHelpers.DateTimeToUnixTimestamp(refreshOn);

            Assert.IsTrue(atItem.ExpiresOn > DateTime.UtcNow + TimeSpan.FromMinutes(10));

            if (expired)
            {
                atItem.ExpiresOnUnixTimestamp = CoreHelpers.DateTimeToUnixTimestamp(DateTime.UtcNow - TimeSpan.FromMinutes(1));
            }

            accessor.SaveAccessToken(atItem);

            return(atItem);
        }
Beispiel #7
0
        private static MsalAccessTokenCacheItem UpdateATWithRefreshOn(
            ITokenCacheAccessor accessor,
            DateTimeOffset?refreshOn = null,
            bool expired             = false)
        {
            MsalAccessTokenCacheItem atItem = accessor.GetAllAccessTokens().Single();

            refreshOn = refreshOn ?? DateTimeOffset.UtcNow - TimeSpan.FromMinutes(30);
            atItem    = atItem.WithRefreshOn(refreshOn);

            Assert.IsTrue(atItem.ExpiresOn > DateTime.UtcNow + TimeSpan.FromMinutes(10));

            if (expired)
            {
                atItem = atItem.WithExpiresOn(DateTime.UtcNow - TimeSpan.FromMinutes(1));
            }

            accessor.SaveAccessToken(atItem);

            return(atItem);
        }
        public byte[] Serialize(IDictionary <string, JToken> unkownNodes)
        {
            var accessTokensAsString  = new List <string>();
            var refreshTokensAsString = new List <string>();
            var idTokensAsString      = new List <string>();
            var accountsAsString      = new List <string>();

            foreach (var accessToken in _accessor.GetAllAccessTokens())
            {
                accessTokensAsString.Add(accessToken.ToJsonString());
            }

            foreach (var refreshToken in _accessor.GetAllRefreshTokens())
            {
                refreshTokensAsString.Add(refreshToken.ToJsonString());
            }

            foreach (var idToken in _accessor.GetAllIdTokens())
            {
                idTokensAsString.Add(idToken.ToJsonString());
            }

            foreach (var account in _accessor.GetAllAccounts())
            {
                accountsAsString.Add(account.ToJsonString());
            }

            // reads the underlying in-memory dictionary and dumps out the content as a JSON
            var cacheDict = new Dictionary <string, IEnumerable <string> >
            {
                [AccessTokenKey]  = accessTokensAsString,
                [RefreshTokenKey] = refreshTokensAsString,
                [IdTokenKey]      = idTokensAsString,
                [AccountKey]      = accountsAsString
            };

            // Serializes as an array of Key Value pairs
            return(JsonHelper.SerializeToJson(cacheDict.ToList())
                   .ToByteArray());
        }
        public byte[] Serialize(IDictionary <string, JToken> unkownNodes)
        {
            var cache = new CacheSerializationContract(unkownNodes);

            foreach (var token in _accessor.GetAllAccessTokens())
            {
                cache.AccessTokens[token.GetKey()
                                   .ToString()] = token;
            }

            foreach (var token in _accessor.GetAllRefreshTokens())
            {
                cache.RefreshTokens[token.GetKey()
                                    .ToString()] = token;
            }

            foreach (var token in _accessor.GetAllIdTokens())
            {
                cache.IdTokens[token.GetKey()
                               .ToString()] = token;
            }

            foreach (var accountItem in _accessor.GetAllAccounts())
            {
                cache.Accounts[accountItem.GetKey()
                               .ToString()] = accountItem;
            }

            foreach (var appMetadata in _accessor.GetAllAppMetadata())
            {
                cache.AppMetadata[appMetadata.GetKey()
                                  .ToString()] = appMetadata;
            }

            return(cache.ToJsonString()
                   .ToByteArray());
        }