public override string ToString()
{
StringBuilder messageBuilder = new StringBuilder();
foreach (KeyValuePair <string, string> kvp in this)
{
EncodingHelper.AddKeyValueString(messageBuilder, EncodingHelper.UrlEncode(kvp.Key), EncodingHelper.UrlEncode(kvp.Value));
}
if (this.ExtraQueryParameter != null)
{
messageBuilder.Append('&' + this.ExtraQueryParameter);
}
return(messageBuilder.ToString());
}
void DecidePolicyForNavigation(WebView webView, NSDictionary actionInformation, NSUrlRequest request, WebFrame frame, NSObject decisionToken)
{
if (request == null)
{
WebView.DecideUse(decisionToken);
return;
}
string requestUrlString = request.Url.ToString();
if (requestUrlString.StartsWith(BrokerConstants.BrowserExtPrefix, StringComparison.OrdinalIgnoreCase))
{
var result = new AuthorizationResult(AuthorizationStatus.ProtocolError)
{
Error = "Unsupported request",
ErrorDescription = "Server is redirecting client to browser. This behavior is not yet defined on Mac OS X."
};
callbackMethod(result);
WebView.DecideIgnore(decisionToken);
Close();
return;
}
if (requestUrlString.ToLower(CultureInfo.InvariantCulture).StartsWith(callback.ToLower(CultureInfo.InvariantCulture), StringComparison.OrdinalIgnoreCase) ||
requestUrlString.StartsWith(BrokerConstants.BrowserExtInstallPrefix, StringComparison.OrdinalIgnoreCase))
{
callbackMethod(new AuthorizationResult(AuthorizationStatus.Success, request.Url.ToString()));
WebView.DecideIgnore(decisionToken);
Close();
return;
}
if (requestUrlString.StartsWith(BrokerConstants.DeviceAuthChallengeRedirect, StringComparison.CurrentCultureIgnoreCase))
{
var uri = new Uri(requestUrlString);
string query = uri.Query;
if (query.StartsWith("?", StringComparison.OrdinalIgnoreCase))
{
query = query.Substring(1);
}
Dictionary <string, string> keyPair = EncodingHelper.ParseKeyValueList(query, '&', true, false, null);
string responseHeader = PlatformPlugin.DeviceAuthHelper.CreateDeviceAuthChallengeResponse(keyPair).Result;
var newRequest = (NSMutableUrlRequest)request.MutableCopy();
newRequest.Url = new NSUrl(keyPair["SubmitUrl"]);
newRequest[BrokerConstants.ChallengeResponseHeader] = responseHeader;
webView.MainFrame.LoadRequest(newRequest);
WebView.DecideIgnore(decisionToken);
return;
}
if (!request.Url.AbsoluteString.Equals("about:blank", StringComparison.CurrentCultureIgnoreCase) && !request.Url.Scheme.Equals("https", StringComparison.CurrentCultureIgnoreCase))
{
var result = new AuthorizationResult(AuthorizationStatus.ErrorHttp);
result.Error = AdalError.NonHttpsRedirectNotSupported;
result.ErrorDescription = AdalErrorMessage.NonHttpsRedirectNotSupported;
callbackMethod(result);
WebView.DecideIgnore(decisionToken);
Close();
}
WebView.DecideUse(decisionToken);
}
public void AcquireToken(IDictionary <string, string> brokerPayload)
{
if (brokerPayload.ContainsKey("broker_install_url"))
{
string url = brokerPayload["broker_install_url"];
Uri uri = new Uri(url);
string query = uri.Query;
if (query.StartsWith("?"))
{
query = query.Substring(1);
}
Dictionary <string, string> keyPair = EncodingHelper.ParseKeyValueList(query, '&', true, false, null);
PlatformParameters pp = PlatformParameters as PlatformParameters;
pp.CallerActivity.StartActivity(new Intent(Intent.ActionView, Android.Net.Uri.Parse(keyPair["app_link"])));
throw new AdalException(AdalErrorAndroidEx.BrokerApplicationRequired, AdalErrorMessageAndroidEx.BrokerApplicationRequired);
}
Context mContext = Application.Context;
AuthenticationRequest request = new AuthenticationRequest(brokerPayload);
PlatformParameters platformParams = PlatformParameters as PlatformParameters;
// BROKER flow intercepts here
// cache and refresh call happens through the authenticator service
if (mBrokerProxy.VerifyUser(request.LoginHint,
request.UserId))
{
PlatformPlugin.Logger.Verbose(null, "It switched to broker for context: " + mContext.PackageName);
request.BrokerAccountName = request.LoginHint;
// Don't send background request, if prompt flag is always or
// refresh_session
if (!string.IsNullOrEmpty(request.BrokerAccountName) || !string.IsNullOrEmpty(request.UserId))
{
PlatformPlugin.Logger.Verbose(null, "User is specified for background token request");
resultEx = mBrokerProxy.GetAuthTokenInBackground(request, platformParams.CallerActivity);
}
else
{
PlatformPlugin.Logger.Verbose(null, "User is not specified for background token request");
}
if (resultEx != null && resultEx.Result != null && !string.IsNullOrEmpty(resultEx.Result.AccessToken))
{
PlatformPlugin.Logger.Verbose(null, "Token is returned from background call ");
readyForResponse.Release();
return;
}
// Launch broker activity
// if cache and refresh request is not handled.
// Initial request to authenticator needs to launch activity to
// record calling uid for the account. This happens for Prompt auto
// or always behavior.
PlatformPlugin.Logger.Verbose(null, "Token is not returned from backgroud call");
// Only happens with callback since silent call does not show UI
PlatformPlugin.Logger.Verbose(null, "Launch activity for Authenticator");
PlatformPlugin.Logger.Verbose(null, "Starting Authentication Activity");
if (resultEx == null)
{
PlatformPlugin.Logger.Verbose(null, "Initial request to authenticator");
// Log the initial request but not force a prompt
}
if (brokerPayload.ContainsKey("silent_broker_flow"))
{
throw new AdalSilentTokenAcquisitionException();
}
// onActivityResult will receive the response
// Activity needs to launch to record calling app for this
// account
Intent brokerIntent = mBrokerProxy.GetIntentForBrokerActivity(request, platformParams.CallerActivity);
if (brokerIntent != null)
{
try
{
PlatformPlugin.Logger.Verbose(null, "Calling activity pid:" + Android.OS.Process.MyPid()
+ " tid:" + Android.OS.Process.MyTid() + "uid:"
+ Android.OS.Process.MyUid());
platformParams.CallerActivity.StartActivityForResult(brokerIntent, 1001);
}
catch (ActivityNotFoundException e)
{
PlatformPlugin.Logger.Error(null, e);
}
}
}
else
{
throw new AdalException(AdalErrorAndroidEx.NoBrokerAccountFound, "Add requested account as a Workplace account via Settings->Accounts or set UseBroker=true.");
}
}
void WebView_NavigateToUrl(object sender, NavigateToUrlEventArgs e)
{
/*Console.WriteLine(e.Uri);
* if (e.Uri.ToString().StartsWith("urn:ietf:wg:oauth:2.0:oob", StringComparison.InvariantCultureIgnoreCase))
* {
* Console.WriteLine("MAGICAL SPECIAL HANDLING");
* Application.Invoke(delegate { progressIndicator.Indeterminate = true; progressIndicator.Fraction = 0;});
* }*/
if (e == null)
{
return;
}
string requestUrlString = e.Uri.ToString();
if (requestUrlString.StartsWith(BrokerConstants.BrowserExtPrefix, StringComparison.OrdinalIgnoreCase))
{
var result = new AuthorizationResult(AuthorizationStatus.ProtocolError)
{
Error = "Unsupported request",
ErrorDescription = "Server is redirecting client to browser. This behavior is not yet defined on Mac OS X."
};
callbackMethod(result);
webView.StopLoading();
Application.Invoke(delegate { Close(); });
return;
}
if (requestUrlString.ToLower(CultureInfo.InvariantCulture).StartsWith(callback.ToLower(CultureInfo.InvariantCulture), StringComparison.OrdinalIgnoreCase) ||
requestUrlString.StartsWith(BrokerConstants.BrowserExtInstallPrefix, StringComparison.OrdinalIgnoreCase))
{
callbackMethod(new AuthorizationResult(AuthorizationStatus.Success, requestUrlString));
webView.StopLoading();
Application.Invoke(delegate { Close(); });
return;
}
if (requestUrlString.StartsWith(BrokerConstants.DeviceAuthChallengeRedirect, StringComparison.CurrentCultureIgnoreCase))
{
var uri = new Uri(requestUrlString);
string query = uri.Query;
if (query.StartsWith("?", StringComparison.OrdinalIgnoreCase))
{
query = query.Substring(1);
}
Dictionary <string, string> keyPair = EncodingHelper.ParseKeyValueList(query, '&', true, false, null);
string responseHeader = PlatformPlugin.DeviceAuthHelper.CreateDeviceAuthChallengeResponse(keyPair).Result;
/*var newRequest = WebRequest.CreateHttp(keyPair["SubmitUrl"]);
* newRequest.Headers[BrokerConstants.ChallengeResponseHeader] = responseHeader;
* var newRequest = (NSMutableUrlRequest)request.MutableCopy();
* newRequest.Url = new NSUrl(keyPair["SubmitUrl"]);
* newRequest[BrokerConstants.ChallengeResponseHeader] = responseHeader;
* webView.MainFrame.LoadRequest(newRequest);
* WebView.DecideIgnore(decisionToken);*/
return;
}
if (!e.Uri.AbsoluteUri.Equals("about:blank", StringComparison.CurrentCultureIgnoreCase) && !e.Uri.Scheme.Equals("https", StringComparison.CurrentCultureIgnoreCase))
{
var result = new AuthorizationResult(AuthorizationStatus.ErrorHttp);
result.Error = AdalError.NonHttpsRedirectNotSupported;
result.ErrorDescription = AdalErrorMessage.NonHttpsRedirectNotSupported;
callbackMethod(result);
webView.StopLoading();
Application.Invoke(delegate { Close(); });
}
}
public override void ViewDidLoad()
{
base.ViewDidLoad();
View.BackgroundColor = UIColor.White;
webView = new UIWebView((CGRect)View.Bounds);
webView.ShouldStartLoad = (wView, request, navType) =>
{
if (request == null)
{
return(true);
}
string requestUrlString = request.Url.ToString();
if (requestUrlString.StartsWith(BrokerConstants.BrowserExtPrefix, StringComparison.OrdinalIgnoreCase))
{
DispatchQueue.MainQueue.DispatchAsync(() => CancelAuthentication(null, null));
requestUrlString = requestUrlString.Replace(BrokerConstants.BrowserExtPrefix, "https://");
DispatchQueue.MainQueue.DispatchAsync(
() => UIApplication.SharedApplication.OpenUrl(new NSUrl(requestUrlString)));
this.DismissViewController(true, null);
return(false);
}
if (requestUrlString.ToLower(CultureInfo.InvariantCulture).StartsWith(callback.ToLower(CultureInfo.InvariantCulture), StringComparison.OrdinalIgnoreCase) ||
requestUrlString.StartsWith(BrokerConstants.BrowserExtInstallPrefix, StringComparison.OrdinalIgnoreCase))
{
callbackMethod(new AuthorizationResult(AuthorizationStatus.Success, request.Url.ToString()));
this.DismissViewController(true, null);
return(false);
}
if (requestUrlString.StartsWith(BrokerConstants.DeviceAuthChallengeRedirect, StringComparison.CurrentCultureIgnoreCase))
{
Uri uri = new Uri(requestUrlString);
string query = uri.Query;
if (query.StartsWith("?", StringComparison.OrdinalIgnoreCase))
{
query = query.Substring(1);
}
Dictionary <string, string> keyPair = EncodingHelper.ParseKeyValueList(query, '&', true, false, null);
string responseHeader = PlatformPlugin.DeviceAuthHelper.CreateDeviceAuthChallengeResponse(keyPair).Result;
NSMutableUrlRequest newRequest = (NSMutableUrlRequest)request.MutableCopy();
newRequest.Url = new NSUrl(keyPair["SubmitUrl"]);
newRequest[BrokerConstants.ChallengeResponseHeader] = responseHeader;
wView.LoadRequest(newRequest);
return(false);
}
if (!request.Url.AbsoluteString.Equals("about:blank", StringComparison.CurrentCultureIgnoreCase) && !request.Url.Scheme.Equals("https", StringComparison.CurrentCultureIgnoreCase))
{
AuthorizationResult result = new AuthorizationResult(AuthorizationStatus.ErrorHttp);
result.Error = AdalError.NonHttpsRedirectNotSupported;
result.ErrorDescription = AdalErrorMessage.NonHttpsRedirectNotSupported;
callbackMethod(result);
this.DismissViewController(true, null);
return(false);
}
return(true);
};
webView.LoadFinished += delegate
{
// If the title is too long, iOS automatically truncates it and adds ...
this.Title = webView.EvaluateJavascript(@"document.title") ?? "Sign in";
};
View.AddSubview(webView);
this.NavigationItem.LeftBarButtonItem = new UIBarButtonItem(UIBarButtonSystemItem.Cancel,
this.CancelAuthentication);
webView.LoadRequest(new NSUrlRequest(new NSUrl(this.url)));
// if this is false, page will be 'zoomed in' to normal size
//webView.ScalesPageToFit = true;
}
