Beispiel #1
0
        private static AadAuthParams ExtractAuthParamsFromIdentityProvider(string identityProvider)
        {
            if (string.IsNullOrEmpty(identityProvider))
            {
                return(null);
            }
            AadAuthParams aadAuthParams = new AadAuthParams();

            if (identityProvider.Contains(","))
            {
                string[] array = identityProvider.Split(new char[]
                {
                    ','
                });
                aadAuthParams.Authority     = array[0];
                aadAuthParams.ApplicationId = array[1];
                if (string.IsNullOrEmpty(aadAuthParams.ApplicationId))
                {
                    aadAuthParams.ApplicationId = "cf710c6e-dfcc-4fa8-a093-d47294e44c66";
                }
            }
            else
            {
                aadAuthParams.Authority     = identityProvider;
                aadAuthParams.ApplicationId = "cf710c6e-dfcc-4fa8-a093-d47294e44c66";
            }
            return(aadAuthParams);
        }
Beispiel #2
0
        private static void ValidateAuthority(string authority)
        {
            Uri uri;

            if (!AadAuthParams.IsValidUrl(authority, out uri) || string.IsNullOrEmpty(uri.AbsolutePath) || !uri.AbsolutePath.StartsWith("/") || uri.AbsolutePath.Length == 1)
            {
                throw new ArgumentException(XmlaSR.Authentication_ClaimsToken_IdentityProviderFormatInvalid);
            }
        }
Beispiel #3
0
 private static AadAuthParams[] ReadLocalSecurityAuthParams()
 {
     AadAuthParams[] result;
     using (Stream resourceAsStream = AadAuthParams.GetResourceAsStream("ASAzureSecurityConfig.xml"))
     {
         result = AadAuthParams.DeserializeAuthParams(resourceAsStream);
     }
     return(result);
 }
        private static object CreateAuthenticationContextWithCache(AadAuthParams authParams, string dataSource)
        {
            AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance;
            object             obj      = Activator.CreateInstance(instance.TokenCacheT);

            new AdalRuntimeLibrary.CacheLocalStorage(obj, dataSource);
            return(Activator.CreateInstance(instance.AuthenticationContextT, new object[]
            {
                authParams.Authority,
                obj
            }));
        }
Beispiel #5
0
        private static AadAuthParams FindAuthParams(Uri uri, AadAuthParams[] authParams)
        {
            string        host          = uri.Host;
            AadAuthParams aadAuthParams = null;

            for (int i = 0; i < authParams.Length; i++)
            {
                AadAuthParams aadAuthParams2 = authParams[i];
                if (host.EndsWith(aadAuthParams2.DomainPostfix, StringComparison.InvariantCultureIgnoreCase) && (aadAuthParams == null || aadAuthParams2.DomainPostfix.Length > aadAuthParams.DomainPostfix.Length))
                {
                    aadAuthParams = aadAuthParams2;
                }
            }
            return(aadAuthParams);
        }
Beispiel #6
0
        private void SetValues(string accessToken, string refreshToken, DateTimeOffset expiresOn, AadAuthParams authParams, string dataSource, bool useAdalCache, bool refreshableToken)
        {
            this.accessToken      = accessToken;
            this.refreshToken     = refreshToken;
            this.authParams       = authParams;
            this.dataSource       = dataSource;
            this.useAdalCache     = useAdalCache;
            this.refreshableToken = refreshableToken;
            this.expiresOn        = expiresOn;
            double totalSeconds = expiresOn.Subtract(DateTimeOffset.Now).TotalSeconds;

            if (totalSeconds > 0.0)
            {
                double value = totalSeconds * 0.08;
                this.reAcquireOn = expiresOn.Subtract(TimeSpan.FromSeconds(value));
                return;
            }
            this.reAcquireOn = expiresOn;
        }
Beispiel #7
0
 private static AadAuthParams[] ReadRemoteSecurityAuthParams()
 {
     AadAuthParams[] result;
     using (WebClient webClient = new WebClient())
     {
         try
         {
             byte[] buffer = webClient.DownloadData("https://global.asazure.windows.net/ASAzureSecurityConfig.xml");
             using (MemoryStream memoryStream = new MemoryStream(buffer))
             {
                 result = AadAuthParams.DeserializeAuthParams(memoryStream);
             }
         }
         catch (WebException)
         {
             result = new AadAuthParams[0];
         }
     }
     return(result);
 }
Beispiel #8
0
        public static AadAuthParams FindMatchingAuthParams(string identityProvider, Uri dataSourceUri)
        {
            AadAuthParams aadAuthParams = AadAuthParams.ExtractAuthParamsFromIdentityProvider(identityProvider);

            if (aadAuthParams != null)
            {
                return(aadAuthParams);
            }
            aadAuthParams = AadAuthParams.FindAuthParams(dataSourceUri, AadAuthParams.LocalSecurityAuthParams);
            if (aadAuthParams != null)
            {
                return(aadAuthParams);
            }
            aadAuthParams = AadAuthParams.FindAuthParams(dataSourceUri, AadAuthParams.RemoteSecurityAuthParams);
            if (aadAuthParams != null)
            {
                return(aadAuthParams);
            }
            throw new ArgumentException(XmlaSR.Authentication_ClaimsToken_AuthorityNotFound);
        }
        internal static AadTokenHolder ReAcquireToken(string refreshToken, AadAuthParams authParams, string dataSource, bool useAdalCache)
        {
            AadTokenHolder result;

            using (new AdalRuntimeLibrary.Usage())
            {
                AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance;
                object             obj      = useAdalCache ? AadAuthenticator.CreateAuthenticationContextWithCache(authParams, dataSource) : Activator.CreateInstance(instance.AuthenticationContextT, new object[]
                {
                    authParams.Authority
                });
                object obj2 = instance.AcquireTokenByRefreshTokenM.Invoke(obj, new string[]
                {
                    refreshToken,
                    authParams.ApplicationId
                });
                result = new AadTokenHolder((string)instance.AccessTokenP.GetValue(obj2, null), (string)instance.RefreshTokenP.GetValue(obj2, null), (DateTimeOffset)instance.ExpiresOnP.GetValue(obj2, null), authParams, dataSource, useAdalCache);
            }
            return(result);
        }
        private static bool TryToUpdateTenant(AadAuthParams authParams, object authContext, string userId, out AadAuthParams authParamsUpdated)
        {
            AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance;
            object             value    = instance.TokenCacheP.GetValue(authContext, null);

            foreach (object current in ((IEnumerable)instance.ReadItemsM.Invoke(value, null)))
            {
                string text = (string)instance.AuthorityP.GetValue(current, null);
                string b    = (string)instance.ClientIdP.GetValue(current, null);
                string b2   = (string)instance.DisplayableIdP.GetValue(current, null);
                if (authParams.ApplicationId == b && AadAuthParams.IsSameInstance(authParams.Authority, text) && (userId == null || userId == b2))
                {
                    authParamsUpdated = new AadAuthParams
                    {
                        Authority     = text,
                        ApplicationId = authParams.ApplicationId,
                        DomainPostfix = authParams.DomainPostfix
                    };
                    return(true);
                }
            }
            authParamsUpdated = null;
            return(false);
        }
        internal static AadTokenHolder AcquireToken(Uri dataSourceUri, string dataSource, string identityProvider, string userId, string password, bool useAdalCache)
        {
            if (userId == null && password != null)
            {
                return(new AadTokenHolder(password));
            }
            AadAuthParams  aadAuthParams = AadAuthParams.FindMatchingAuthParams(identityProvider, dataSourceUri);
            string         text          = string.Format("https://{0}", dataSourceUri.Host);
            AadTokenHolder result;

            using (new AdalRuntimeLibrary.Usage())
            {
                AdalRuntimeLibrary instance = AdalRuntimeLibrary.Instance;
                object             obj;
                if (useAdalCache)
                {
                    obj = AadAuthenticator.CreateAuthenticationContextWithCache(aadAuthParams, dataSource);
                    AadAuthParams aadAuthParams2;
                    if (aadAuthParams.IsCommonTenant && AadAuthenticator.TryToUpdateTenant(aadAuthParams, obj, userId, out aadAuthParams2))
                    {
                        aadAuthParams = aadAuthParams2;
                        obj           = AadAuthenticator.CreateAuthenticationContextWithCache(aadAuthParams, dataSource);
                    }
                }
                else
                {
                    obj = Activator.CreateInstance(instance.AuthenticationContextT, new object[]
                    {
                        aadAuthParams.Authority
                    });
                }
                object obj3;
                if (userId != null && password != null)
                {
                    object obj2 = Activator.CreateInstance(instance.UserCredentialT, new object[]
                    {
                        userId,
                        password
                    });
                    obj3 = instance.AcquireTokenCredentialsM.Invoke(obj, new object[]
                    {
                        text,
                        aadAuthParams.ApplicationId,
                        obj2
                    });
                }
                else if (userId != null)
                {
                    object obj4 = Activator.CreateInstance(instance.UserIdentifierT, new object[]
                    {
                        userId,
                        instance.OptionalDisplayableIdV
                    });
                    obj3 = instance.AcquireTokenUserIdM.Invoke(obj, new object[]
                    {
                        text,
                        aadAuthParams.ApplicationId,
                        AadAuthenticator.RedirectUri,
                        instance.PromptBehaviorAutoV,
                        obj4
                    });
                }
                else
                {
                    obj3 = instance.AcquireTokenM.Invoke(obj, new object[]
                    {
                        text,
                        aadAuthParams.ApplicationId,
                        AadAuthenticator.RedirectUri,
                        instance.PromptBehaviorAutoV
                    });
                }
                result = new AadTokenHolder((string)instance.AccessTokenP.GetValue(obj3, null), (string)instance.RefreshTokenP.GetValue(obj3, null), (DateTimeOffset)instance.ExpiresOnP.GetValue(obj3, null), aadAuthParams, dataSource, useAdalCache);
            }
            return(result);
        }
Beispiel #12
0
 internal AadTokenHolder(string accessToken, string refreshToken, DateTimeOffset expiresOn, AadAuthParams authParams, string dataSource, bool useAdalCache)
 {
     this.SetValues(accessToken, refreshToken, expiresOn, authParams, dataSource, useAdalCache, true);
 }