/// <summary>
/// Retrieves the token provider for the provided server URL if one has been created.
/// </summary>
/// <param name="serverUrl">The targeted server</param>
/// <param name="provider">Stores the active token provider, if one exists</param>
/// <returns>True if a token provider was found, false otherwise</returns>
public bool TryGetTokenProvider(
Uri serverUrl,
out IssuedTokenProvider provider)
{
ArgumentUtility.CheckForNull(serverUrl, "serverUrl");
lock (m_thisLock)
{
// Ensure that we attempt to use the most appropriate authentication mechanism by default.
if (m_currentProvider == null)
{
if (m_federatedCredential != null)
{
m_currentProvider = m_federatedCredential.CreateTokenProvider(serverUrl, null, null);
}
if (m_currentProvider != null)
{
VssHttpEventSource.Log.IssuedTokenProviderCreated(VssTraceActivity.Current, m_currentProvider);
}
}
provider = m_currentProvider;
}
return(provider != null);
}
public GetTokenOperation(
VssTraceActivity activity,
IssuedTokenProvider provider,
IssuedToken failedToken,
CancellationToken cancellationToken)
: this(activity, provider, failedToken, cancellationToken, new DisposableTaskCompletionSource <IssuedToken>(), true)
{
}
public GetTokenOperation(
VssTraceActivity activity,
IssuedTokenProvider provider,
IssuedToken failedToken,
CancellationToken cancellationToken,
DisposableTaskCompletionSource <IssuedToken> completionSource,
Boolean ownsCompletionSource = false)
{
this.Provider = provider;
this.ActivityId = activity?.Id ?? Guid.Empty;
this.FailedToken = failedToken;
this.CancellationToken = cancellationToken;
this.CompletionSource = completionSource;
this.OwnsCompletionSource = ownsCompletionSource;
}
/// <summary>
/// Creates a token provider for the configured issued token credentials.
/// </summary>
/// <param name="serverUrl">The targeted server</param>
/// <param name="webResponse">The failed web response</param>
/// <param name="failedToken">The failed token</param>
/// <returns>A provider for retrieving tokens for the configured credential</returns>
internal IssuedTokenProvider CreateTokenProvider(
Uri serverUrl,
IHttpResponse webResponse,
IssuedToken failedToken)
{
ArgumentUtility.CheckForNull(serverUrl, "serverUrl");
IssuedTokenProvider tokenProvider = null;
VssTraceActivity traceActivity = VssTraceActivity.Current;
lock (m_thisLock)
{
tokenProvider = m_currentProvider;
if (tokenProvider == null || !tokenProvider.IsAuthenticationChallenge(webResponse))
{
// Prefer federated authentication over Windows authentication.
if (m_federatedCredential != null && m_federatedCredential.IsAuthenticationChallenge(webResponse))
{
if (tokenProvider != null)
{
VssHttpEventSource.Log.IssuedTokenProviderRemoved(traceActivity, tokenProvider);
}
// TODO: This needs to be refactored or renamed to be more generic ...
this.TryGetValidAdalToken(m_federatedCredential.Prompt);
tokenProvider = m_federatedCredential.CreateTokenProvider(serverUrl, webResponse, failedToken);
if (tokenProvider != null)
{
VssHttpEventSource.Log.IssuedTokenProviderCreated(traceActivity, tokenProvider);
}
}
m_currentProvider = tokenProvider;
}
return(tokenProvider);
}
}
/// <summary>
/// Creates a token provider suitable for handling the challenge presented in the response.
/// </summary>
/// <param name="serverUrl">The targeted server</param>
/// <param name="response">The challenge response</param>
/// <param name="failedToken">The failed token</param>
/// <returns>An issued token provider instance</returns>
internal IssuedTokenProvider CreateTokenProvider(
Uri serverUrl,
IHttpResponse response,
IssuedToken failedToken)
{
if (response != null && !IsAuthenticationChallenge(response))
{
throw new InvalidOperationException();
}
if (InitialToken == null && Storage != null)
{
if (TokenStorageUrl == null)
{
throw new InvalidOperationException($"The {nameof(TokenStorageUrl)} property must have a value if the {nameof(Storage)} property is set on this instance of {GetType().Name}.");
}
InitialToken = Storage.RetrieveToken(TokenStorageUrl, CredentialType);
}
IssuedTokenProvider provider = OnCreateTokenProvider(serverUrl, response);
if (provider != null)
{
provider.TokenStorageUrl = TokenStorageUrl;
}
// If the initial token is the one which failed to authenticate, don't
// use it again and let the token provider get a new token.
if (provider != null)
{
if (InitialToken != null && !Object.ReferenceEquals(InitialToken, failedToken))
{
provider.CurrentToken = InitialToken;
}
}
return(provider);
}
