The exception type thrown when the user returned by the service does not match the user in the request.
Inheritance: MsalException
        /// <summary>
        /// Requests <paramref name="resourceUrl"/> and builds <c>AuthenticationParameters</c> from the
        /// response attached to the <c>HttpRequestWrapperException</c> that the request is expected to raise.
        /// </summary>
        /// <param name="resourceUrl">Address of the resource to query; must not be null.</param>
        /// <returns>The value produced by <c>CreateFromUnauthorizedResponseCommon</c> for the failed response.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="resourceUrl"/> is null.</exception>
        /// <remarks>
        /// Throws <c>MsalException</c> when the request completes without raising, and
        /// <c>MsalServiceException</c> when the failure carries no web response.
        /// NOTE(review): no scheme or host check on <paramref name="resourceUrl"/> is visible in this method, and the
        /// returned parameters are derived from what the remote endpoint sends back. Confirm the caller restricts the
        /// URL and validates the result before trusting it.
        /// </remarks>
        private static async Task <AuthenticationParameters> CreateFromResourceUrlCommonAsync(Uri resourceUrl)
        {
            if (resourceUrl == null)
            {
                throw new ArgumentNullException("resourceUrl");
            }

            try
            {
                HttpClientWrapper probe = new HttpClientWrapper(resourceUrl.AbsoluteUri, null);
                using (await probe.GetResponseAsync().ConfigureAwait(false))
                {
                    // Getting a response without an exception is treated as an error here.
                    var unexpected = new MsalException(MsalError.UnauthorizedResponseExpected);
                    PlatformPlugin.Logger.Error(null, unexpected);
                    throw unexpected;
                }
            }
            catch (HttpRequestWrapperException requestFailure)
            {
                PlatformPlugin.Logger.Error(null, requestFailure);

                IHttpWebResponse failedResponse = requestFailure.WebResponse;
                if (failedResponse != null)
                {
                    return CreateFromUnauthorizedResponseCommon(failedResponse);
                }

                // Without a response there is nothing to extract parameters from.
                var missingResponse = new MsalServiceException(MsalErrorMessage.UnauthorizedHttpStatusCodeExpected, requestFailure);
                PlatformPlugin.Logger.Error(null, missingResponse);
                throw missingResponse;
            }
        }
        /// <summary>
        /// Wraps a throttling error in a <c>MsalThrottledServiceException</c>.
        /// </summary>
        /// <param name="httpResponse">Response passed to <c>SetHttpExceptionData</c> for the inner exception.</param>
        /// <returns>
        /// A new <c>MsalThrottledServiceException</c> built from a <c>MsalServiceException</c> that uses
        /// <c>MsalError.RequestThrottled</c> and <c>MsalErrorMessage.AadThrottledError</c>.
        /// </returns>
        internal static MsalThrottledServiceException FromThrottledAuthenticationResponse(HttpResponse httpResponse)
        {
            var throttled = new MsalServiceException(MsalError.RequestThrottled, MsalErrorMessage.AadThrottledError);
            SetHttpExceptionData(throttled, httpResponse);

            return new MsalThrottledServiceException(throttled);
        }
        /// <summary>
        /// Builds the exception for a failed HTTP response, choosing <c>MsalUiRequiredException</c> when the
        /// parsed OAuth2 error is an invalid grant whose sub-error is classified as requiring UI interaction.
        /// </summary>
        /// <param name="errorCode">Error code given to the created exception.</param>
        /// <param name="errorMessage">Message given to the created exception.</param>
        /// <param name="httpResponse">Response whose body, status and headers are copied; may be null.</param>
        /// <param name="innerException">Optional inner exception.</param>
        /// <returns>The populated exception; it is returned, not thrown.</returns>
        /// <remarks>
        /// NOTE(review): the raw response body and headers are stored on the exception. Confirm that logging or
        /// telemetry of these exceptions does not write them out unredacted.
        /// </remarks>
        internal static MsalServiceException FromHttpResponse(
            string errorCode,
            string errorMessage,
            HttpResponse httpResponse,
            Exception innerException = null)
        {
            var parsed = JsonHelper.TryToDeserializeFromJson <OAuth2ResponseBase>(httpResponse?.Body);

            bool invalidGrant = string.Equals(parsed?.Error, MsalError.InvalidGrantError, StringComparison.OrdinalIgnoreCase);

            MsalServiceException result;
            if (invalidGrant && InvalidGrantClassification.IsUiInteractionRequired(parsed?.SubError))
            {
                result = new MsalUiRequiredException(errorCode, errorMessage, innerException);
            }
            else
            {
                result = new MsalServiceException(errorCode, errorMessage, innerException);
            }

            // HTTP-level details; a missing response gives null body/headers and status 0.
            result.ResponseBody = httpResponse?.Body;
            result.StatusCode = httpResponse == null ? 0 : (int)httpResponse.StatusCode;
            result.Headers = httpResponse?.Headers;

            // Fields taken from the parsed OAuth2 payload; null when parsing produced nothing.
            result.Claims = parsed?.Claims;
            result.CorrelationId = parsed?.CorrelationId;
            result.SubError = parsed?.SubError;

            return result;
        }
        /// <summary>
        /// Creates a <c>MsalServiceException</c> for an IMDS response and attaches the HTTP data
        /// through <c>SetHttpExceptionData</c>.
        /// </summary>
        /// <param name="errorCode">Error code given to the exception.</param>
        /// <param name="errorMessage">Message given to the exception.</param>
        /// <param name="httpResponse">Response handed to <c>SetHttpExceptionData</c>.</param>
        /// <param name="innerException">Optional inner exception.</param>
        /// <returns>The populated exception; it is returned, not thrown.</returns>
        internal static MsalServiceException FromImdsResponse(
            string errorCode,
            string errorMessage,
            HttpResponse httpResponse,
            Exception innerException = null)
        {
            var imdsFailure = new MsalServiceException(errorCode, errorMessage, innerException);
            SetHttpExceptionData(imdsFailure, httpResponse);
            return imdsFailure;
        }
        /// <summary>
        /// Creates a <c>MsalServiceException</c> for an IMDS response and copies the response body,
        /// status code and headers onto it.
        /// </summary>
        /// <param name="errorCode">Error code given to the exception.</param>
        /// <param name="errorMessage">Message given to the exception.</param>
        /// <param name="httpResponse">Source of the HTTP data; may be null.</param>
        /// <param name="innerException">Optional inner exception.</param>
        /// <returns>The populated exception; it is returned, not thrown.</returns>
        internal static MsalServiceException FromImdsResponse(
            string errorCode,
            string errorMessage,
            HttpResponse httpResponse,
            Exception innerException = null)
        {
            var imdsFailure = new MsalServiceException(errorCode, errorMessage, innerException);

            // A null response leaves body and headers null and reports status 0.
            imdsFailure.ResponseBody = httpResponse?.Body;
            imdsFailure.StatusCode = httpResponse == null ? 0 : (int)httpResponse.StatusCode;
            imdsFailure.Headers = httpResponse?.Headers;

            return imdsFailure;
        }
        /// <summary>
        /// Maps a broker token response to the matching service exception type.
        /// </summary>
        /// <param name="msalTokenResponse">Broker response; dereferenced without a null check.</param>
        /// <param name="errorMessage">Message used for the created exception.</param>
        /// <returns>The populated exception; it is returned, not thrown.</returns>
        /// <remarks>
        /// The classification checks run one after another and each assigns the result unconditionally, so a
        /// later match replaces an earlier one: invalid-client wins over UI-required, which wins over the
        /// Intune app-protection exception.
        /// NOTE(review): <paramref name="errorMessage"/> is concatenated into the invalid-client message as is.
        /// If it comes from the broker, treat the resulting text as untrusted when displaying or logging it.
        /// </remarks>
        internal static MsalServiceException FromBrokerResponse(
            MsalTokenResponse msalTokenResponse,
            string errorMessage)
        {
            string brokerError = msalTokenResponse.Error;
            string brokerCorrelationId = msalTokenResponse.CorrelationId;

            // An empty sub-error is reported as the generic unknown-broker-error code.
            string brokerSubError = !string.IsNullOrEmpty(msalTokenResponse.SubError)
                ? msalTokenResponse.SubError
                : MsalError.UnknownBrokerError;

            HttpResponse httpData = msalTokenResponse.HttpResponse;
            MsalServiceException result = null;

            if (IsAppProtectionPolicyRequired(brokerError, brokerSubError))
            {
                var intuneRequired = new IntuneAppProtectionPolicyRequiredException(brokerError, brokerSubError);
                intuneRequired.Upn = msalTokenResponse.Upn;
                intuneRequired.AuthorityUrl = msalTokenResponse.AuthorityUrl;
                intuneRequired.TenantId = msalTokenResponse.TenantId;
                intuneRequired.AccountUserId = msalTokenResponse.AccountUserId;
                result = intuneRequired;
            }

            if (IsInvalidGrant(brokerError, brokerSubError) || IsInteractionRequired(brokerError))
            {
                result = new MsalUiRequiredException(brokerError, errorMessage);
            }

            if (string.Equals(brokerError, MsalError.InvalidClient, StringComparison.OrdinalIgnoreCase))
            {
                string invalidClientText = MsalErrorMessage.InvalidClient + " Original exception: " + errorMessage;
                result = new MsalServiceException(MsalError.InvalidClient, invalidClientText);
            }

            // Nothing matched: fall back to a plain service exception.
            result = result ?? new MsalServiceException(brokerError, errorMessage);

            SetHttpExceptionData(result, httpData);
            result.CorrelationId = brokerCorrelationId;
            result.SubError = brokerSubError;

            return result;
        }
        /// <summary>
        /// Builds the exception for a failed HTTP response from the OAuth2 error parsed out of its body.
        /// </summary>
        /// <param name="errorCode">Error code used unless the invalid-client branch applies.</param>
        /// <param name="errorMessage">Message used unless a branch substitutes its own.</param>
        /// <param name="httpResponse">Response to parse and hand to <c>SetHttpExceptionData</c>; may be null.</param>
        /// <param name="innerException">Optional inner exception.</param>
        /// <returns>The populated exception; it is returned, not thrown.</returns>
        /// <remarks>
        /// The invalid-client check runs after the UI-required check and replaces its result when both match.
        /// NOTE(review): the server-supplied error description is concatenated into the invalid-client message,
        /// and the parsed claims are stored on the exception. Confirm consumers treat both as untrusted input
        /// and that logging does not write them out unredacted.
        /// </remarks>
        internal static MsalServiceException FromHttpResponse(
            string errorCode,
            string errorMessage,
            HttpResponse httpResponse,
            Exception innerException = null)
        {
            var parsed = JsonHelper.TryToDeserializeFromJson <OAuth2ResponseBase>(httpResponse?.Body);
            MsalServiceException result = null;

            if (IsInvalidGrant(parsed?.Error, parsed?.SubError) || IsInteractionRequired(parsed?.Error))
            {
                // A throttled response swaps the caller's message for the throttling message.
                string uiMessage = IsThrottled(parsed) ? MsalErrorMessage.AadThrottledError : errorMessage;
                result = new MsalUiRequiredException(errorCode, uiMessage, innerException);
            }

            if (string.Equals(parsed?.Error, MsalError.InvalidClient, StringComparison.OrdinalIgnoreCase))
            {
                string invalidClientText = MsalErrorMessage.InvalidClient + " Original exception: " + parsed?.ErrorDescription;
                result = new MsalServiceException(MsalError.InvalidClient, invalidClientText, innerException);
            }

            // Nothing matched: fall back to a plain service exception.
            result = result ?? new MsalServiceException(errorCode, errorMessage, innerException);

            SetHttpExceptionData(result, httpResponse);

            result.Claims = parsed?.Claims;
            result.CorrelationId = parsed?.CorrelationId;
            result.SubError = parsed?.SubError;

            return result;
        }
        /// <summary>
        /// Maps broker error details to the matching service exception type.
        /// </summary>
        /// <param name="errorCode">Broker error code used for classification.</param>
        /// <param name="errorMessage">Message used for the created exception.</param>
        /// <param name="subErrorCode">Sub-error used for classification and stored on the result.</param>
        /// <param name="correlationId">Correlation id stored on the result.</param>
        /// <param name="brokerHttpResponse">Optional response; its data is copied only when it is not null.</param>
        /// <returns>The populated exception; it is returned, not thrown.</returns>
        /// <remarks>
        /// The invalid-client check runs after the UI-required check and replaces its result when both match.
        /// NOTE(review): <paramref name="errorMessage"/> is concatenated into the invalid-client message as is.
        /// If it comes from the broker, treat the resulting text as untrusted when displaying or logging it.
        /// </remarks>
        internal static MsalServiceException FromBrokerResponse(
            string errorCode,
            string errorMessage,
            string subErrorCode,
            string correlationId,
            HttpResponse brokerHttpResponse)
        {
            MsalServiceException result = null;

            if (IsInvalidGrant(errorCode, subErrorCode) || IsInteractionRequired(errorCode))
            {
                result = new MsalUiRequiredException(errorCode, errorMessage);
            }

            if (string.Equals(errorCode, MsalError.InvalidClient, StringComparison.OrdinalIgnoreCase))
            {
                string invalidClientText = MsalErrorMessage.InvalidClient + " Original exception: " + errorMessage;
                result = new MsalServiceException(MsalError.InvalidClient, invalidClientText);
            }

            // Nothing matched: fall back to a plain service exception.
            result = result ?? new MsalServiceException(errorCode, errorMessage);

            // With no broker response, the HTTP fields keep whatever the constructor left in them.
            if (brokerHttpResponse != null)
            {
                result.ResponseBody = brokerHttpResponse.Body;
                result.StatusCode = (int)brokerHttpResponse.StatusCode;
                result.Headers = brokerHttpResponse.Headers;
            }

            result.CorrelationId = correlationId;
            result.SubError = subErrorCode;

            return result;
        }
 /// <summary>
 /// Copies the body, status code and headers of <paramref name="httpResponse"/> onto <paramref name="ex"/>.
 /// A null response yields a null body, null headers and a status code of 0.
 /// </summary>
 /// <param name="ex">Exception to populate; dereferenced without a null check.</param>
 /// <param name="httpResponse">Source response; may be null.</param>
 /// <remarks>
 /// NOTE(review): body and headers are stored verbatim. Confirm that logging of the exception does not
 /// write them out unredacted.
 /// </remarks>
 private static void SetHttpExceptionData(MsalServiceException ex, HttpResponse httpResponse)
 {
     ex.ResponseBody = httpResponse?.Body;

     if (httpResponse == null)
     {
         ex.StatusCode = 0;
     }
     else
     {
         ex.StatusCode = (int)httpResponse.StatusCode;
     }

     ex.Headers = httpResponse?.Headers;
 }
        /// <summary>
        /// Requests <paramref name="resourceUrl"/> and builds <c>AuthenticationParameters</c> from the
        /// response attached to the <c>HttpRequestWrapperException</c> that the request is expected to raise.
        /// </summary>
        /// <param name="resourceUrl">Address of the resource to query; must not be null.</param>
        /// <returns>The value produced by <c>CreateFromUnauthorizedResponseCommon</c> for the failed response.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="resourceUrl"/> is null.</exception>
        /// <remarks>
        /// Throws <c>MsalException</c> when the request completes without raising, and
        /// <c>MsalServiceException</c> when the failure carries no web response.
        /// NOTE(review): no scheme or host check on <paramref name="resourceUrl"/> is visible in this method, and the
        /// returned parameters are derived from what the remote endpoint sends back. Confirm the caller restricts the
        /// URL and validates the result before trusting it.
        /// </remarks>
        private static async Task<AuthenticationParameters> CreateFromResourceUrlCommonAsync(Uri resourceUrl)
        {
            if (resourceUrl == null)
            {
                throw new ArgumentNullException("resourceUrl");
            }

            try
            {
                var client = new HttpClientWrapper(resourceUrl.AbsoluteUri, null);
                using (await client.GetResponseAsync().ConfigureAwait(false))
                {
                    // Getting a response without an exception is treated as an error here.
                    var notUnauthorized = new MsalException(MsalError.UnauthorizedResponseExpected);
                    PlatformPlugin.Logger.Error(null, notUnauthorized);
                    throw notUnauthorized;
                }
            }
            catch (HttpRequestWrapperException httpFailure)
            {
                PlatformPlugin.Logger.Error(null, httpFailure);

                IHttpWebResponse webResponse = httpFailure.WebResponse;
                if (webResponse == null)
                {
                    // Without a response there is nothing to extract parameters from.
                    var noResponse = new MsalServiceException(MsalErrorMessage.UnauthorizedHttpStatusCodeExpected, httpFailure);
                    PlatformPlugin.Logger.Error(null, noResponse);
                    throw noResponse;
                }

                return CreateFromUnauthorizedResponseCommon(webResponse);
            }
        }