/// <summary>
/// Selects the WAM account that corresponds to the MSAL account, or failing that
/// the login hint, supplied by the caller.
/// </summary>
/// <remarks>
/// A home account ID match is authoritative: the first WAM account whose
/// plugin-reported home account ID equals the identifier of
/// <paramref name="account"/>'s home account ID (ordinal, case-insensitive)
/// is returned immediately. A login hint match on <c>UserName</c> is only a
/// fallback, and when several WAM accounts share that user name the last one
/// enumerated is the one returned.
/// NOTE(review): the login hint fallback is evaluated even when
/// <paramref name="account"/> is non-null, so a caller that passes both can
/// receive a WAM account whose home account ID differs from the requested
/// account's. Confirm that callers never rely on the result being bound to
/// <paramref name="account"/> in that case.
/// </remarks>
/// <param name="wamPlugin">Plugin used to read the home account ID of each WAM account.</param>
/// <param name="account">MSAL account to match on; may be null.</param>
/// <param name="loginHint">User name to fall back on; may be null or empty.</param>
/// <param name="wamAccounts">Candidate WAM accounts, enumerated once in order.</param>
/// <returns>The matching WAM account, or null when neither criterion matches.</returns>
private static WebAccount MatchWamAccountToMsalAccount(
    IWamPlugin wamPlugin,
    IAccount account,
    string loginHint,
    IEnumerable<WebAccount> wamAccounts)
{
    WebAccount loginHintCandidate = null;

    foreach (WebAccount candidate in wamAccounts)
    {
        string candidateHomeAccountId = wamPlugin.GetHomeAccountIdOrNull(candidate);

        // An empty or null ID reported by the plugin never counts as a match,
        // even if the requested account has no home account ID either.
        bool sameHomeAccount =
            !string.IsNullOrEmpty(candidateHomeAccountId) &&
            string.Equals(
                candidateHomeAccountId,
                account?.HomeAccountId?.Identifier,
                StringComparison.OrdinalIgnoreCase);

        if (sameHomeAccount)
        {
            return candidate;
        }

        bool sameUserName =
            !string.IsNullOrEmpty(loginHint) &&
            string.Equals(loginHint, candidate.UserName, StringComparison.OrdinalIgnoreCase);

        if (sameUserName)
        {
            // Keep scanning: a later account may still match on home account ID.
            loginHintCandidate = candidate;
        }
    }

    return loginHintCandidate;
}
/// <summary>
/// Silent token acquisition returns the parsed WAM response when the home account ID
/// reported for a WAM account equals the home account ID of the MSAL account on the request.
/// </summary>
public async Task ATS_AccountMatchingInWAM_MatchingHomeAccId_Async()
{
    string homeAccId = $"{TestConstants.Uid}.{TestConstants.Utid}";

    // Arrange
    using (var harness = CreateTestHarness())
    {
        var provider = new WebAccountProvider("id", "*****@*****.**", null);

        // Request against the MSA (consumer) authority.
        var requestParams = harness.CreateAuthenticationRequestParameters(
            TestConstants.AuthorityConsumerTidTenant);

        // A single connected account is known to WAM.
        var wamAccount = new WebAccount(provider, "*****@*****.**", WebAccountState.Connected);
        IReadOnlyList<WebAccount> accountsInWam = new List<WebAccount> { wamAccount };
        var tokenRequest = new WebTokenRequest(provider);

        // Successful WAM result wrapping one token response.
        var resultWrapper = Substitute.For<IWebTokenRequestResultWrapper>();
        resultWrapper.ResponseStatus.Returns(WebTokenRequestStatus.Success);
        var tokenResponse = new WebTokenResponse();
        resultWrapper.ResponseData.Returns(new List<WebTokenResponse> { tokenResponse });

        _wamProxy
            .FindAllWebAccountsAsync(provider, TestConstants.ClientId)
            .Returns(Task.FromResult(accountsInWam));

        // The plugin reports the same home account ID that the MSAL account carries,
        // which is the value the broker matches on.
        _msaPlugin.GetHomeAccountIdOrNull(wamAccount).Returns(homeAccId);

        _msaPlugin
            .CreateWebTokenRequestAsync(
                provider,
                requestParams,
                isForceLoginPrompt: false,
                isAccountInWam: true,
                isInteractive: false)
            .Returns(Task.FromResult(tokenRequest));

        requestParams.Account = new Account(
            homeAccId,          // the match is made on the home account ID
            "*****@*****.**",   // the match is not made on the UPN
            null);              // no wam_id on the account; it might be coming directly from WAM

        var atsParams = new AcquireTokenSilentParameters();

        _webAccountProviderFactory
            .GetAccountProviderAsync(null)
            .ReturnsForAnyArgs(Task.FromResult(provider));

        _wamProxy
            .GetTokenSilentlyAsync(wamAccount, tokenRequest)
            .Returns(Task.FromResult(resultWrapper));

        _msaPlugin.ParseSuccesfullWamResponse(tokenResponse).Returns(_msalTokenResponse);

        // Act
        var result = await _wamBroker
            .AcquireTokenSilentAsync(requestParams, atsParams)
            .ConfigureAwait(false);

        // Assert
        Assert.AreSame(_msalTokenResponse, result);
    }
}
/// <summary>
/// Silent token acquisition throws <see cref="MsalUiRequiredException"/> when the only
/// WAM account reports a home account ID different from the one on the MSAL account.
/// </summary>
/// <remarks>
/// This pins the negative case of account matching: a WAM account that belongs to another
/// identity is not used to satisfy the silent request.
/// NOTE(review): only the exception type is checked, not its error code.
/// NOTE(review): presumably the request parameters carry no login hint, otherwise the
/// user-name fallback could still produce a match; confirm against the test harness.
/// </remarks>
public async Task ATS_NoAccountMatching_ThrowsUiRequiredException_Async()
{
    string homeAccId = $"{TestConstants.Uid}.{TestConstants.Utid}";

    // Arrange
    using (var harness = CreateTestHarness())
    {
        _webAccountProviderFactory.ClearReceivedCalls();

        var provider = new WebAccountProvider("id", "*****@*****.**", null);

        // Request against the AAD (home tenant) authority.
        var requestParams = harness.CreateAuthenticationRequestParameters(
            TestConstants.AuthorityHomeTenant);

        // A single connected account is known to WAM.
        var wamAccount = new WebAccount(provider, "*****@*****.**", WebAccountState.Connected);
        IReadOnlyList<WebAccount> accountsInWam = new List<WebAccount> { wamAccount };
        var webTokenRequest = new WebTokenRequest(provider);

        _wamProxy
            .FindAllWebAccountsAsync(provider, TestConstants.ClientId)
            .Returns(Task.FromResult(accountsInWam));

        // The plugin reports a home account ID that differs from the requested account's.
        _aadPlugin.GetHomeAccountIdOrNull(wamAccount).Returns("other_home_acc_id");

        requestParams.Account = new Account(
            homeAccId,          // the match is made on the home account ID
            "*****@*****.**",   // the match is not made on the UPN
            null);              // no wam_id on the account; it might be coming directly from WAM

        var atsParams = new AcquireTokenSilentParameters();

        _webAccountProviderFactory
            .GetAccountProviderAsync(null)
            .ReturnsForAnyArgs(Task.FromResult(provider));

        // Act / Assert
        var uiRequired = await AssertException
            .TaskThrowsAsync<MsalUiRequiredException>(
                () => _wamBroker.AcquireTokenSilentAsync(requestParams, atsParams))
            .ConfigureAwait(false);
    }
}