public async Task <WebTokenRequest> CreateWebTokenRequestAsync(
WebAccountProvider provider,
AuthenticationRequestParameters authenticationRequestParameters,
bool isForceLoginPrompt,
bool isInteractive,
bool isAccountInWam)
{
bool setLoginHint = false;
bool addNewAccount = false;
string loginHint = !string.IsNullOrEmpty(authenticationRequestParameters.LoginHint) ?
authenticationRequestParameters.LoginHint :
authenticationRequestParameters.Account?.Username;
if (isInteractive && !isAccountInWam)
{
if (!string.IsNullOrEmpty(loginHint))
{
setLoginHint = true;
}
else
{
addNewAccount = !(await _webAccountProviderFactory.IsDefaultAccountMsaAsync().ConfigureAwait(false));
}
}
var promptType = (setLoginHint || addNewAccount || (isForceLoginPrompt && isInteractive)) ?
WebTokenRequestPromptType.ForceAuthentication :
WebTokenRequestPromptType.Default;
string scopes = ScopeHelper.GetMsalScopes(authenticationRequestParameters.Scope).AsSingleString();
WebTokenRequest request = new WebTokenRequest(
provider,
scopes,
authenticationRequestParameters.AppConfig.ClientId,
promptType);
if (addNewAccount || setLoginHint)
{
request.Properties.Add("Client_uiflow", "new_account"); // launch add account flow
if (setLoginHint)
{
request.Properties.Add("LoginHint", loginHint); // prefill username
}
}
AddV2Properties(request);
if (ApiInformation.IsPropertyPresent("Windows.Security.Authentication.Web.Core.WebTokenRequest", "CorrelationId"))
{
LegacyOsWamProxy.SetCorrelationId(request, authenticationRequestParameters.CorrelationId.ToString());
}
else
{
_logger.Warning("[WAM MSA Plugin] Could not add the correlation ID to the request.");
}
return(request);
}
public Task <WebTokenRequest> CreateWebTokenRequestAsync(
WebAccountProvider provider,
AuthenticationRequestParameters authenticationRequestParameters,
bool isForceLoginPrompt,
bool isInteractive,
bool isAccountInWam,
string scopeOverride = null)
{
string loginHint = !string.IsNullOrEmpty(authenticationRequestParameters.LoginHint) ?
authenticationRequestParameters.LoginHint :
authenticationRequestParameters.Account?.Username;
bool setLoginHint =
isInteractive &&
!isAccountInWam &&
!string.IsNullOrEmpty(loginHint);
var wamPrompt = setLoginHint || (isInteractive && isForceLoginPrompt) ?
WebTokenRequestPromptType.ForceAuthentication :
WebTokenRequestPromptType.Default;
WebTokenRequest request = new WebTokenRequest(
provider,
scopeOverride ?? ScopeHelper.GetMsalScopes(authenticationRequestParameters.Scope).AsSingleString(),
authenticationRequestParameters.AppConfig.ClientId,
wamPrompt);
if (setLoginHint)
{
request.Properties.Add("LoginHint", authenticationRequestParameters.LoginHint);
}
request.Properties.Add("wam_compat", "2.0");
if (ApiInformation.IsPropertyPresent("Windows.Security.Authentication.Web.Core.WebTokenRequest", "CorrelationId"))
{
LegacyOsWamProxy.SetCorrelationId(request, authenticationRequestParameters.CorrelationId.ToString());
}
else
{
request.Properties.Add("correlationId", authenticationRequestParameters.CorrelationId.ToString());
}
if (!string.IsNullOrEmpty(authenticationRequestParameters.ClaimsAndClientCapabilities))
{
request.Properties.Add("claims", authenticationRequestParameters.ClaimsAndClientCapabilities);
}
return(Task.FromResult(request));
}
public async Task <IReadOnlyList <WebAccount> > FindAllWebAccountsAsync(WebAccountProvider provider, string clientID)
{
using (_logger.LogBlockDuration("WAM:FindAllWebAccountsAsync:"))
{
if (_logger.IsLoggingEnabled(LogLevel.Verbose))
{
_logger.VerbosePii(provider.ToLogString(true), provider.ToLogString(false));
}
// Win 10 RS3 release and above
if (!ApiInformation.IsMethodPresent(
"Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager",
"FindAllAccountsAsync"))
{
_logger.Info("[WamProxy] FindAllAccountsAsync method does not exist (it was introduced in Win 10 RS3). " +
"Returning 0 broker accounts. ");
return(Enumerable.Empty <WebAccount>().ToList());
}
return(await LegacyOsWamProxy.FindAllAccountsAsync(provider, clientID, _logger).ConfigureAwait(false));
}
}
