public IAccessToken GetAccessToken(AdalConfiguration config, ShowDialog promptBehavior, string userId, SecureString password, AzureAccount.AccountType credentialType) { if (credentialType == AzureAccount.AccountType.User) { throw new ArgumentException(string.Format(Resources.InvalidCredentialType, "User"), "credentialType"); } return new ServicePrincipalAccessToken(config, AcquireTokenWithSecret(config, userId, password), this.RenewWithSecret, userId); }
public IAccessToken GetAccessTokenWithCertificate(AdalConfiguration config, string clientId, string certificateThumbprint, AzureAccount.AccountType credentialType) { if (credentialType == AzureAccount.AccountType.User) { throw new ArgumentException(string.Format(Resources.InvalidCredentialType, "User"), "credentialType"); } return new ServicePrincipalAccessToken(config, AcquireTokenWithCertificate(config, clientId, certificateThumbprint), (adalConfig, appId) => this.RenewWithCertificate(adalConfig, appId, certificateThumbprint), clientId); }
private AuthenticationResult AcquireTokenWithSecret(AdalConfiguration config, string appId, SecureString appKey) { if (appKey == null) { return RenewWithSecret(config, appId); } StoreAppKey(appId, config.AdDomain, appKey); var credential = new ClientCredential(appId, appKey); var context = GetContext(config); return context.AcquireToken(config.ResourceClientUri, credential); }
private AuthenticationResult AcquireTokenWithCertificate(AdalConfiguration config, string appId, string thumbprint) { var certificate = AzureSession.DataStore.GetCertificate(thumbprint); if (certificate == null) { throw new ArgumentException(string.Format(Resources.CertificateNotFoundInStore, thumbprint)); } var context = GetContext(config); return context.AcquireToken(config.ResourceClientUri, new ClientAssertionCertificate(appId, certificate)); }
private AuthenticationResult RenewWithSecret(AdalConfiguration config, string appId) { TracingAdapter.Information(Resources.SPNRenewTokenTrace, appId, config.AdDomain, config.AdEndpoint, config.ClientId, config.ClientRedirectUri); using (SecureString appKey = LoadAppKey(appId, config.AdDomain)) { if (appKey == null) { throw new KeyNotFoundException(string.Format(Resources.ServiceKeyNotFound, appId)); } return AcquireTokenWithSecret(config, appId, appKey); } }
public IAccessToken GetAccessTokenWithCertificate( AdalConfiguration config, string clientId, string certificate, AzureAccount.AccountType credentialType) { switch (credentialType) { case AzureAccount.AccountType.ServicePrincipal: return servicePrincipalTokenProvider.GetAccessTokenWithCertificate(config, clientId, certificate, credentialType); default: throw new ArgumentException(string.Format(Resources.UnsupportedCredentialType, credentialType), "credentialType"); } }
public IAccessToken GetAccessToken( AdalConfiguration config, string promptBehavior, Action <string> promptAction, string userId, SecureString password, string credentialType) { if (credentialType != AzureAccount.AccountType.User) { throw new ArgumentException(string.Format(Resources.InvalidCredentialType, "User"), "credentialType"); } return(new AdalAccessToken(AcquireToken(config, promptBehavior, promptAction, userId, password), this, config)); }
public IAccessToken GetAccessTokenWithCertificate( AdalConfiguration config, string clientId, string certificateThumbprint, AzureAccount.AccountType credentialType) { if (credentialType == AzureAccount.AccountType.User) { throw new ArgumentException(string.Format(Resources.InvalidCredentialType, "User"), "credentialType"); } return(new ServicePrincipalAccessToken( config, AcquireTokenWithCertificate(config, clientId, certificateThumbprint), (adalConfig, appId) => this.RenewWithCertificate(adalConfig, appId, certificateThumbprint), clientId)); }
private AuthenticationResult AcquireTokenWithCertificate( AdalConfiguration config, string appId, string thumbprint) { var certificate = AzureSession.Instance.DataStore.GetCertificate(thumbprint); if (certificate == null) { throw new ArgumentException(string.Format(Resources.CertificateNotFoundInStore, thumbprint)); } var context = GetContext(config); return(context.AcquireToken(config.ResourceClientUri, new ClientAssertionCertificate(appId, certificate))); }
// We have to run this in a separate thread to guarantee that it's STA. This method // handles the threading details. private AuthenticationResult AcquireToken( AdalConfiguration config, string promptBehavior, Action <string> promptAction, string userId, SecureString password) { AuthenticationResult result = null; Exception ex = null; if (promptBehavior == ShowDialog.Never) { result = SafeAquireToken(config, promptBehavior, promptAction, userId, password, out ex); } else { var thread = new Thread(() => { result = SafeAquireToken(config, promptBehavior, promptAction, userId, password, out ex); }); thread.SetApartmentState(ApartmentState.STA); thread.Name = "AcquireTokenThread"; thread.Start(); thread.Join(); } if (ex != null) { var adex = ex as AdalException; if (adex != null) { if (adex.ErrorCode == AdalError.AuthenticationCanceled) { throw new AadAuthenticationCanceledException(adex.Message, adex); } } if (ex is AadAuthenticationException) { throw ex; } throw new AadAuthenticationFailedException(GetExceptionMessage(ex), ex); } return(result); }
private AuthenticationResult AcquireTokenWithCertificate( AdalConfiguration config, string appId, string thumbprint) { var certificate = AzureSession.Instance.DataStore.GetCertificate(thumbprint); if (certificate == null) { throw new ArgumentException(string.Format(Resources.CertificateNotFoundInStore, thumbprint)); } var context = GetContext(config); return(context.AcquireTokenAsync(config.ResourceClientUri, new Microsoft.IdentityModel.Clients.ActiveDirectory.ClientAssertionCertificate(appId, certificate)) .ConfigureAwait(false).GetAwaiter().GetResult()); }
private AuthenticationResult AcquireTokenWithSecret(AdalConfiguration config, string appId, SecureString appKey) { if (appKey == null) { return RenewWithSecret(config, appId); } StoreAppKey(appId, config.AdDomain, appKey); var context = GetContext(config); #if !NETSTANDARD var credential = new ClientCredential(appId, appKey); return context.AcquireToken(config.ResourceClientUri, credential); #else var credential = new ClientCredential(appId, ConversionUtilities.SecureStringToString(appKey)); return context.AcquireTokenAsync(config.ResourceClientUri, credential).ConfigureAwait(false).GetAwaiter().GetResult(); #endif }
public IAccessToken GetAccessToken( AdalConfiguration config, ShowDialog promptBehavior, string userId, SecureString password, AzureAccount.AccountType credentialType) { switch (credentialType) { case AzureAccount.AccountType.User: return userTokenProvider.GetAccessToken(config, promptBehavior, userId, password, credentialType); case AzureAccount.AccountType.ServicePrincipal: return servicePrincipalTokenProvider.GetAccessToken(config, promptBehavior, userId, password, credentialType); default: throw new ArgumentException(Resources.UnknownCredentialType, "credentialType"); } }
private AuthenticationResult DoAcquireToken( AdalConfiguration config, string userId, SecureString password, Action <string> promptAction, bool renew = false) { AuthenticationResult result; var context = CreateContext(config); TracingAdapter.Information( Resources.UPNAcquireTokenContextTrace, context.Authority, context.CorrelationId, context.ValidateAuthority); TracingAdapter.Information( Resources.UPNAcquireTokenConfigTrace, config.AdDomain, config.AdEndpoint, config.ClientId, config.ClientRedirectUri); if (promptAction == null || renew) { result = context.AcquireTokenSilentAsync(config.ResourceClientUri, config.ClientId, new UserIdentifier(userId, UserIdentifierType.OptionalDisplayableId)) .ConfigureAwait(false).GetAwaiter().GetResult(); } else if (string.IsNullOrEmpty(userId) || password == null) { var code = context.AcquireDeviceCodeAsync(config.ResourceClientUri, config.ClientId) .ConfigureAwait(false).GetAwaiter().GetResult(); promptAction(code?.Message); result = context.AcquireTokenByDeviceCodeAsync(code) .ConfigureAwait(false).GetAwaiter().GetResult(); } else { UserCredential credential = new UserCredential(userId); result = context.AcquireTokenAsync(config.ResourceClientUri, config.ClientId, credential) .ConfigureAwait(false).GetAwaiter().GetResult(); } return(result); }
private AuthenticationResult SafeAquireToken( AdalConfiguration config, string showDialog, Action <string> promptAction, string userId, SecureString password, out Exception ex) { try { ex = null; var promptBehavior = (PromptBehavior)Enum.Parse(typeof(PromptBehavior), showDialog.ToString()); return(DoAcquireToken(config, promptBehavior, promptAction, userId, password)); } catch (AdalException adalEx) { if (adalEx.ErrorCode == AdalError.UserInteractionRequired || adalEx.ErrorCode == AdalError.MultipleTokensMatched) { string message = Resources.AdalUserInteractionRequired; if (adalEx.ErrorCode == AdalError.MultipleTokensMatched) { message = Resources.AdalMultipleTokens; } ex = new AadAuthenticationFailedWithoutPopupException(message, adalEx); } else if (adalEx.ErrorCode == AdalError.MissingFederationMetadataUrl || adalEx.ErrorCode == AdalError.FederatedServiceReturnedError) { ex = new AadAuthenticationFailedException(Resources.CredentialOrganizationIdMessage, adalEx); } else { ex = adalEx; } } catch (Exception threadEx) { ex = threadEx; } return(null); }
public IAccessToken GetAccessToken( AdalConfiguration config, string promptBehavior, string userId, SecureString password, string credentialType) { switch (credentialType) { case AzureAccount.AccountType.User: return(userTokenProvider.GetAccessToken(config, promptBehavior, userId, password, credentialType)); case AzureAccount.AccountType.ServicePrincipal: return(servicePrincipalTokenProvider.GetAccessToken(config, promptBehavior, userId, password, credentialType)); default: throw new ArgumentException(Resources.UnknownCredentialType, "credentialType"); } }
private AuthenticationResult AcquireTokenWithCertificate( AdalConfiguration config, string appId, string thumbprint) { var certificate = AzureSession.Instance.DataStore.GetCertificate(thumbprint); if (certificate == null) { throw new ArgumentException(string.Format(Resources.CertificateNotFoundInStore, thumbprint)); } var context = GetContext(config); #if !NETSTANDARD return context.AcquireToken(config.ResourceClientUri, new ClientAssertionCertificate(appId, certificate)); #else return context.AcquireTokenAsync(config.ResourceClientUri, new ClientAssertionCertificate(appId, certificate)) .ConfigureAwait(false).GetAwaiter().GetResult(); #endif }
private AuthenticationResult RenewWithSecret(AdalConfiguration config, string appId) { TracingAdapter.Information(Resources.SPNRenewTokenTrace, appId, config.AdDomain, config.AdEndpoint, config.ClientId, config.ClientRedirectUri); #if !NETSTANDARD using (SecureString appKey = LoadAppKey(appId, config.AdDomain)) { #else var appKey = LoadAppKey(appId, config.AdDomain); #endif if (appKey == null) { throw new KeyNotFoundException(string.Format(Resources.ServiceKeyNotFound, appId)); } return AcquireTokenWithSecret(config, appId, appKey); #if !NETSTANDARD } #endif }
private AuthenticationResult DoAcquireToken(AdalConfiguration config, PromptBehavior promptBehavior, string userId, SecureString password) { AuthenticationResult result; var context = CreateContext(config); TracingAdapter.Information(Resources.UPNAcquireTokenContextTrace, context.Authority, context.CorrelationId, context.ValidateAuthority); TracingAdapter.Information(Resources.UPNAcquireTokenConfigTrace, config.AdDomain, config.AdEndpoint, config.ClientId, config.ClientRedirectUri); if (string.IsNullOrEmpty(userId)) { if (promptBehavior != PromptBehavior.Never) { ClearCookies(); } result = context.AcquireToken(config.ResourceClientUri, config.ClientId, config.ClientRedirectUri, promptBehavior, UserIdentifier.AnyUser, AdalConfiguration.EnableEbdMagicCookie); } else { if (password == null) { result = context.AcquireToken(config.ResourceClientUri, config.ClientId, config.ClientRedirectUri, promptBehavior, new UserIdentifier(userId, UserIdentifierType.RequiredDisplayableId), AdalConfiguration.EnableEbdMagicCookie); } else { UserCredential credential = new UserCredential(userId, password); result = context.AcquireToken(config.ResourceClientUri, config.ClientId, credential); } } return(result); }
private AuthenticationContext CreateContext(AdalConfiguration config) { return(new AuthenticationContext(config.AdEndpoint + config.AdDomain, config.ValidateAuthority, config.TokenCache)); }
public IAccessToken GetAccessTokenWithCertificate(AdalConfiguration config, string clientId, string certificate, AzureAccount.AccountType credentialType) { throw new NotImplementedException(); }
public IAccessToken GetAccessTokenWithCertificate( AdalConfiguration config, string clientId, string certificate, AzureAccount.AccountType credentialType) { throw new NotImplementedException(); }
public IAccessToken GetAccessToken(AdalConfiguration config, ShowDialog promptBehavior, string userId, SecureString password, AzureAccount.AccountType credentialType) { return this.accessToken; }
public AdalAccessToken(AuthenticationResult authResult, UserTokenProvider tokenProvider, AdalConfiguration configuration) { AuthResult = authResult; this.tokenProvider = tokenProvider; Configuration = configuration; }
// We have to run this in a separate thread to guarantee that it's STA. This method // handles the threading details. private AuthenticationResult AcquireToken(AdalConfiguration config, ShowDialog promptBehavior, string userId, SecureString password) { AuthenticationResult result = null; Exception ex = null; if (promptBehavior == ShowDialog.Never) { result = SafeAquireToken(config, promptBehavior, userId, password, out ex); } else { var thread = new Thread(() => { result = SafeAquireToken(config, promptBehavior, userId, password, out ex); }); thread.SetApartmentState(ApartmentState.STA); thread.Name = "AcquireTokenThread"; thread.Start(); thread.Join(); } if (ex != null) { var adex = ex as AdalException; if (adex != null) { if (adex.ErrorCode == AdalError.AuthenticationCanceled) { throw new AadAuthenticationCanceledException(adex.Message, adex); } } if (ex is AadAuthenticationException) { throw ex; } throw new AadAuthenticationFailedException(GetExceptionMessage(ex), ex); } return result; }
private AuthenticationContext GetContext(AdalConfiguration config) { string authority = config.AdEndpoint + config.AdDomain; return new AuthenticationContext(authority, config.ValidateAuthority, config.TokenCache); }
private AuthenticationResult SafeAquireToken( AdalConfiguration config, ShowDialog showDialog, string userId, SecureString password, out Exception ex) { try { ex = null; var promptBehavior = (PromptBehavior)Enum.Parse(typeof(PromptBehavior), showDialog.ToString()); return DoAcquireToken(config, promptBehavior, userId, password); } catch (AdalException adalEx) { if (adalEx.ErrorCode == AdalError.UserInteractionRequired || adalEx.ErrorCode == AdalError.MultipleTokensMatched) { string message = Resources.AdalUserInteractionRequired; if (adalEx.ErrorCode == AdalError.MultipleTokensMatched) { message = Resources.AdalMultipleTokens; } ex = new AadAuthenticationFailedWithoutPopupException(message, adalEx); } else if (adalEx.ErrorCode == AdalError.MissingFederationMetadataUrl) { ex = new AadAuthenticationFailedException(Resources.CredentialOrganizationIdMessage, adalEx); } else { ex = adalEx; } } catch (Exception threadEx) { ex = threadEx; } return null; }
private AuthenticationResult DoAcquireToken( AdalConfiguration config, PromptBehavior promptBehavior, string userId, SecureString password) { AuthenticationResult result; var context = CreateContext(config); TracingAdapter.Information( Resources.UPNAcquireTokenContextTrace, context.Authority, context.CorrelationId, context.ValidateAuthority); TracingAdapter.Information( Resources.UPNAcquireTokenConfigTrace, config.AdDomain, config.AdEndpoint, config.ClientId, config.ClientRedirectUri); if (string.IsNullOrEmpty(userId)) { if (promptBehavior != PromptBehavior.Never) { AdalTokenCache.ClearCookies(); } result = context.AcquireToken( config.ResourceClientUri, config.ClientId, config.ClientRedirectUri, promptBehavior, UserIdentifier.AnyUser, AdalConfiguration.EnableEbdMagicCookie); } else { if (password == null) { result = context.AcquireToken( config.ResourceClientUri, config.ClientId, config.ClientRedirectUri, promptBehavior, new UserIdentifier(userId, UserIdentifierType.RequiredDisplayableId), AdalConfiguration.EnableEbdMagicCookie); } else { UserCredential credential = new UserCredential(userId, password); result = context.AcquireToken(config.ResourceClientUri, config.ClientId, credential); } } return result; }
public ServicePrincipalAccessToken(AdalConfiguration configuration, AuthenticationResult authResult, Func<AdalConfiguration, string, AuthenticationResult> tokenRenewer, string appId) { Configuration = configuration; AuthResult = authResult; this.tokenRenewer = tokenRenewer; this.appId = appId; }
public AdalAccessToken(AuthenticationResult authResult, UserTokenProvider tokenProvider, AdalConfiguration configuration) { AuthResult = authResult; this.tokenProvider = tokenProvider; Configuration = configuration; }
private AuthenticationContext CreateContext(AdalConfiguration config) { return new AuthenticationContext(config.AdEndpoint + config.AdDomain, config.ValidateAuthority, config.TokenCache) { OwnerWindow = parentWindow }; }
public IAccessToken GetAccessTokenWithCertificate(AdalConfiguration config, string principalId, string certificateThumbprint, string credentialType) { throw new NotImplementedException(); }
IAccessToken ITokenProvider.GetAccessTokenWithCertificate(AdalConfiguration config, string principalId, string certificateThumbprint, AzureAccount.AccountType credentialType) { return GetAccessTokenWithCertificate(config, principalId, certificateThumbprint, credentialType); }
private AuthenticationContext GetContext(AdalConfiguration config) { string authority = config.AdEndpoint + config.AdDomain; return(new AuthenticationContext(authority, config.ValidateAuthority, config.TokenCache)); }
private AuthenticationResult RenewWithCertificate(AdalConfiguration config, string appId, string thumbprint) { TracingAdapter.Information(Resources.SPNRenewTokenTrace, appId, config.AdDomain, config.AdEndpoint, config.ClientId, config.ClientRedirectUri); return AcquireTokenWithCertificate(config, appId, thumbprint); }
public IAccessToken GetAccessTokenWithCertificate(AdalConfiguration config, string principalId, string certificateThumbprint, AzureAccount.AccountType credentialType) { return this.accessToken; }
private AuthenticationResult DoAcquireToken( AdalConfiguration config, PromptBehavior promptBehavior, Action <string> promptAction, string userId, SecureString password) { AuthenticationResult result; var context = CreateContext(config); TracingAdapter.Information( Resources.UPNAcquireTokenContextTrace, context.Authority, context.CorrelationId, context.ValidateAuthority); TracingAdapter.Information( Resources.UPNAcquireTokenConfigTrace, config.AdDomain, config.AdEndpoint, config.ClientId, config.ClientRedirectUri); if (string.IsNullOrEmpty(userId)) { if (promptBehavior != PromptBehavior.Never) { AdalTokenCache.ClearCookies(); } Guid tempGuid = Guid.Empty; if (!string.Equals(config.AdDomain, "Common", StringComparison.OrdinalIgnoreCase) && !Guid.TryParse(config.AdDomain, out tempGuid)) { var tempResult = context.AcquireToken( config.ResourceClientUri, config.ClientId, config.ClientRedirectUri, promptBehavior, UserIdentifier.AnyUser, AdalConfiguration.EnableEbdMagicCookie); config.AdDomain = tempResult.TenantId; context = CreateContext(config); promptBehavior = PromptBehavior.Never; } result = context.AcquireToken( config.ResourceClientUri, config.ClientId, config.ClientRedirectUri, promptBehavior, UserIdentifier.AnyUser, AdalConfiguration.EnableEbdMagicCookie); } else { if (password == null) { result = context.AcquireToken( config.ResourceClientUri, config.ClientId, config.ClientRedirectUri, promptBehavior, new UserIdentifier(userId, UserIdentifierType.RequiredDisplayableId), AdalConfiguration.EnableEbdMagicCookie); } else { UserCredential credential = new UserCredential(userId, password); result = context.AcquireToken(config.ResourceClientUri, config.ClientId, credential); } } return(result); }