public async Task BrokerSilentRequestTestExecutorAsync(bool brokerConfiguredByUser, bool brokerIsInstalledAndInvokable) { string brokerID = "*****@*****.**"; using (var harness = new MockHttpTestHarness(TestConstants.AuthorityHomeTenant)) { // resul will be from the cache TokenCacheHelper.PopulateCache(harness.Cache.Accessor, TestConstants.Uid, TestConstants.Utid, TestConstants.ClientId, TestConstants.ProductionPrefCacheEnvironment, brokerID); IBroker mockBroker = Substitute.For <IBroker>(); mockBroker.IsBrokerInstalledAndInvokable().ReturnsForAnyArgs(brokerIsInstalledAndInvokable); harness.ServiceBundle.Config.BrokerCreatorFunc = (app, config, logger) => mockBroker; var parameters = harness.CreateRequestParams( harness.Cache, null, TestConstants.ExtraQueryParameters, null, authorityOverride: AuthorityInfo.FromAuthorityUri(TestConstants.AuthorityCommonTenant, false)); parameters.AppConfig.IsBrokerEnabled = brokerConfiguredByUser; var silentParameters = new AcquireTokenSilentParameters() { Account = new Account(TestConstants.HomeAccountId, TestConstants.DisplayableId, TestConstants.ProductionPrefCacheEnvironment), }; var request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters); var result = await request.RunAsync(default).ConfigureAwait(false);
private async Task RunPluginSelectionTestAsync(string inputAuthority, bool expectMsaPlugin) { // Arrange using (var harness = CreateTestHarness()) { _webAccountProviderFactory.ClearReceivedCalls(); var acc = new WebAccountProvider("id", "*****@*****.**", null); var requestParams = harness.CreateAuthenticationRequestParameters(inputAuthority); requestParams.Account = new Account( $"{TestConstants.Uid}.{TestConstants.Utid}", TestConstants.DisplayableId, null); var atsParams = new AcquireTokenSilentParameters(); _webAccountProviderFactory.GetAccountProviderAsync(null).ReturnsForAnyArgs(Task.FromResult(acc)); // Act var ex = await AssertException.TaskThrowsAsync <MsalUiRequiredException>( () => _wamBroker.AcquireTokenSilentAsync(requestParams, atsParams)).ConfigureAwait(false); // Assert Assert.AreEqual(MsalError.InteractionRequired, ex.ErrorCode); if (expectMsaPlugin) { await _webAccountProviderFactory.Received(1).GetAccountProviderAsync("consumers").ConfigureAwait(false); } else { await _webAccountProviderFactory.Received(1).GetAccountProviderAsync(inputAuthority).ConfigureAwait(false); } } }
public async Task <MsalTokenResponse> AcquireTokenSilentDefaultUserAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { using (_logger.LogMethodDuration()) { bool isMsa = await IsMsaRequestAsync( authenticationRequestParameters.Authority, null, IsMsaPassthrough(authenticationRequestParameters)).ConfigureAwait(false); IWamPlugin wamPlugin = isMsa ? _msaPlugin : _aadPlugin; WebAccountProvider provider = await GetProviderAsync( authenticationRequestParameters.Authority.AuthorityInfo.CanonicalAuthority, isMsa).ConfigureAwait(false); WebTokenRequest webTokenRequest = await wamPlugin.CreateWebTokenRequestAsync( provider, authenticationRequestParameters, isForceLoginPrompt : false, isAccountInWam : false, isInteractive : false) .ConfigureAwait(false); AddCommonParamsToRequest(authenticationRequestParameters, webTokenRequest); var wamResult = await _wamProxy.GetTokenSilentlyForDefaultAccountAsync(webTokenRequest).ConfigureAwait(false); return(CreateMsalTokenResponse(wamResult, wamPlugin, isInteractive: false)); } }
public void SilentRefreshFailedNoCacheItemFoundTest() { using (var harness = new MockHttpTestHarness(TestConstants.AuthorityHomeTenant)) { var parameters = harness.CreateRequestParams( harness.Cache, ScopeHelper.CreateSortedSetFromEnumerable( new[] { "some-scope1", "some-scope2" }), authorityOverride: AuthorityInfo.FromAuthorityUri(TestConstants.AuthorityHomeTenant, false)); var silentParameters = new AcquireTokenSilentParameters() { Account = new Account(TestConstants.HomeAccountId, TestConstants.DisplayableId, TestConstants.ProductionPrefCacheEnvironment), }; try { var request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters); Task <AuthenticationResult> task = request.RunAsync(CancellationToken.None); var authenticationResult = task.Result; Assert.Fail("MsalUiRequiredException should be thrown here"); } catch (AggregateException ae) { var exc = ae.InnerException as MsalUiRequiredException; Assert.IsNotNull(exc, "Actual exception type is " + ae.InnerException.GetType()); Assert.AreEqual(MsalError.NoTokensFoundError, exc.ErrorCode); } } }
public async Task <MsalTokenResponse> AcquireTokenSilentDefaultUserAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { var cancellationToken = authenticationRequestParameters.RequestContext.UserCancellationToken; MsalTokenResponse msalTokenResponse = null; _logger.Verbose("[WamBroker] Acquiring token silently for default account."); using (var core = new NativeInterop.Core()) using (var authParams = WamAdapters.GetCommonAuthParameters(authenticationRequestParameters, _wamOptions.MsaPassthrough)) { using (NativeInterop.AuthResult result = await core.SignInSilentlyAsync( authParams, authenticationRequestParameters.CorrelationId.ToString("D"), cancellationToken).ConfigureAwait(false)) { if (result.IsSuccess) { msalTokenResponse = WamAdapters.ParseRuntimeResponse(result, authenticationRequestParameters, _logger); } else { WamAdapters.ThrowExceptionFromWamError(result, authenticationRequestParameters, _logger); } } } return(msalTokenResponse); }
public async Task <AuthenticationResult> ExecuteAsync( AcquireTokenCommonParameters commonParameters, AcquireTokenSilentParameters silentParameters, CancellationToken cancellationToken) { //Since the AcquireTokenSilentParameterBuilder api is shared between public and confidential clients, //We need some way to validate that MSAL is not performing AcquireTokenSilent with POP on public clients without Broker if (commonParameters.PopAuthenticationConfiguration != null && ServiceBundle?.Config.IsBrokerEnabled == false && //Validates that we are not on CCA //TODO: Find a better way to determine this ServiceBundle?.Config.ClientCredential == null && commonParameters.OnBeforeTokenRequestHandler == null && ServiceBundle?.Config.AppTokenProvider == null ) { throw new MsalClientException(MsalError.BrokerRequiredForPop, MsalErrorMessage.BrokerRequiredForPop); } var requestContext = CreateRequestContextAndLogVersionInfo(commonParameters.CorrelationId, cancellationToken); var requestParameters = await _clientApplicationBase.CreateRequestParametersAsync( commonParameters, requestContext, _clientApplicationBase.UserTokenCacheInternal).ConfigureAwait(false); requestParameters.SendX5C = silentParameters.SendX5C ?? false; var handler = new SilentRequest(ServiceBundle, requestParameters, silentParameters); return(await handler.RunAsync(cancellationToken).ConfigureAwait(false)); }
public SilentRequest( IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters silentParameters) : base(serviceBundle, authenticationRequestParameters, silentParameters) { _silentParameters = silentParameters; }
public Task <AuthenticationResult> ExecuteAsync( AcquireTokenCommonParameters commonParameters, AcquireTokenSilentParameters silentParameters, CancellationToken cancellationToken) { return(ExecuteMatsAsync( commonParameters, async() => await _executor.ExecuteAsync(commonParameters, silentParameters, cancellationToken).ConfigureAwait(false))); }
private async Task <IAccount> GetAccountFromParamsOrLoginHintAsync(AcquireTokenSilentParameters silentParameters) { if (silentParameters.Account != null) { return(silentParameters.Account); } return(await GetSingleAccountForLoginHintAsync(silentParameters.LoginHint).ConfigureAwait(false)); }
public async Task ATS_AccountMatchingInWAM_MatchingHomeAccId_Async() { string homeAccId = $"{TestConstants.Uid}.{TestConstants.Utid}"; // Arrange using (var harness = CreateTestHarness()) { var wamAccountProvider = new WebAccountProvider("id", "*****@*****.**", null); var requestParams = harness.CreateAuthenticationRequestParameters(TestConstants.AuthorityConsumerTidTenant); // MSA var webAccount = new WebAccount(wamAccountProvider, "*****@*****.**", WebAccountState.Connected); IReadOnlyList <WebAccount> webAccounts = new List <WebAccount>() { webAccount }; var webTokenRequest = new WebTokenRequest(wamAccountProvider); var webTokenResponseWrapper = Substitute.For <IWebTokenRequestResultWrapper>(); webTokenResponseWrapper.ResponseStatus.Returns(WebTokenRequestStatus.Success); var webTokenResponse = new WebTokenResponse(); webTokenResponseWrapper.ResponseData.Returns(new List <WebTokenResponse>() { webTokenResponse }); _wamProxy.FindAllWebAccountsAsync(wamAccountProvider, TestConstants.ClientId).Returns(Task.FromResult(webAccounts)); // WAM can give MSAL the home account ID of a Wam account, which MSAL matches to a WAM account _msaPlugin.GetHomeAccountIdOrNull(webAccount).Returns(homeAccId); _msaPlugin.CreateWebTokenRequestAsync( wamAccountProvider, requestParams, isForceLoginPrompt: false, isAccountInWam: true, isInteractive: false) .Returns(Task.FromResult(webTokenRequest)); requestParams.Account = new Account( homeAccId, // matching in on home acc id "*****@*****.**", // matching is not on UPN null); // account does not have wam_id, might be coming directly from WAM var atsParams = new AcquireTokenSilentParameters(); _webAccountProviderFactory.GetAccountProviderAsync(null).ReturnsForAnyArgs(Task.FromResult(wamAccountProvider)); _wamProxy.GetTokenSilentlyAsync(webAccount, webTokenRequest). Returns(Task.FromResult(webTokenResponseWrapper)); _msaPlugin.ParseSuccesfullWamResponse(webTokenResponse).Returns(_msalTokenResponse); // Act var result = await _wamBroker.AcquireTokenSilentAsync(requestParams, atsParams).ConfigureAwait(false); // Assert Assert.AreSame(_msalTokenResponse, result); } }
public async Task <MsalTokenResponse> AcquireTokenSilentAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { using (_logger.LogMethodDuration()) { // Important: MSAL will have already resolved the authority by now, // so we are not expecting "common" or "organizations" but a tenanted authority bool isMsa = IsMsaRequest( authenticationRequestParameters.Authority, null, IsMsaPassthrough(authenticationRequestParameters)); IWamPlugin wamPlugin = isMsa ? _msaPlugin : _aadPlugin; WebAccountProvider provider; if (isMsa) { provider = await _webAccountProviderFactory.GetAccountProviderAsync("consumers").ConfigureAwait(false); } else { provider = await _webAccountProviderFactory.GetAccountProviderAsync(authenticationRequestParameters.Authority.AuthorityInfo.CanonicalAuthority) .ConfigureAwait(false); } WebAccount webAccount = await FindWamAccountForMsalAccountAsync( provider, wamPlugin, authenticationRequestParameters.Account, null, // ATS requires an account object, login_hint is not supported on its own authenticationRequestParameters.ClientId).ConfigureAwait(false); if (webAccount == null) { throw new MsalUiRequiredException( MsalError.InteractionRequired, "Could not find a WAM account for the silent request."); } WebTokenRequest webTokenRequest = await wamPlugin.CreateWebTokenRequestAsync( provider, authenticationRequestParameters, isForceLoginPrompt : false, isAccountInWam : true, isInteractive : false) .ConfigureAwait(false); AddCommonParamsToRequest(authenticationRequestParameters, webTokenRequest); var wamResult = await _wamProxy.GetTokenSilentlyAsync(webAccount, webTokenRequest).ConfigureAwait(false); return(CreateMsalTokenResponse(wamResult, wamPlugin, isInteractive: false)); } }
/// <summary> /// Android Broker does not support logging in a "default" user. /// </summary> public Task <MsalTokenResponse> AcquireTokenSilentDefaultUserAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { throw new MsalUiRequiredException( MsalError.CurrentBrokerAccount, MsalErrorMessage.MsalUiRequiredMessage, null, UiRequiredExceptionClassification.AcquireTokenSilentFailed); }
public async Task <MsalTokenResponse> AcquireTokenSilentAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { await InitiateBrokerHandShakeAsync().ConfigureAwait(false); BrokerRequest brokerRequest = BrokerRequest.FromSilentParameters( authenticationRequestParameters, acquireTokenSilentParameters); return(await AcquireTokenSilentInternalAsync(brokerRequest).ConfigureAwait(false)); }
internal BrokerSilentRequest( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters, IServiceBundle serviceBundle, IBroker broker) { _authenticationRequestParameters = authenticationRequestParameters; _silentParameters = acquireTokenSilentParameters; _serviceBundle = serviceBundle; Broker = broker; }
public SilentClientAuthStretegy( SilentRequest request, IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters silentParameters) { AuthenticationRequestParameters = authenticationRequestParameters; _silentParameters = silentParameters; ServiceBundle = serviceBundle; _silentRequest = request; }
public async Task <MsalTokenResponse> AcquireTokenSilentDefaultUserAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { using (_logger.LogMethodDuration()) { var defaultAccountProvider = await _webAccountProviderFactory.GetDefaultProviderAsync().ConfigureAwait(false); if (defaultAccountProvider == null) { throw new MsalUiRequiredException( MsalError.InteractionRequired, "A default account was not found"); } // special case: passthrough + default MSA account. Need to use the transfer token protocol. if (_wamOptions.MsaPassthrough && _webAccountProviderFactory.IsConsumerProvider(defaultAccountProvider)) { return(await AcquireTokenSilentDefaultUserPassthroughAsync(authenticationRequestParameters, defaultAccountProvider).ConfigureAwait(false)); } bool isMsa = await IsMsaRequestAsync( authenticationRequestParameters.Authority, null, _wamOptions.MsaPassthrough).ConfigureAwait(false); IWamPlugin wamPlugin = isMsa ? _msaPlugin : _aadPlugin; WebAccountProvider provider = await GetProviderAsync( authenticationRequestParameters.Authority.AuthorityInfo.CanonicalAuthority, isMsa).ConfigureAwait(false); WebTokenRequest webTokenRequest = await wamPlugin.CreateWebTokenRequestAsync( provider, authenticationRequestParameters, isForceLoginPrompt : false, isAccountInWam : false, isInteractive : false) .ConfigureAwait(false); WamAdapters.AddMsalParamsToRequest(authenticationRequestParameters, webTokenRequest, _logger); var wamResult = await _wamProxy.GetTokenSilentlyForDefaultAccountAsync(webTokenRequest).ConfigureAwait(false); return(WamAdapters.CreateMsalResponseFromWamResponse( wamResult, wamPlugin, authenticationRequestParameters.AppConfig.ClientId, _logger, isInteractive: false)); } }
public async Task ExpiredTokenRefreshFlowTestAsync() { IDictionary <string, string> extraQueryParamsAndClaims = TestConstants.s_extraQueryParams.ToDictionary(e => e.Key, e => e.Value); extraQueryParamsAndClaims.Add(OAuth2Parameter.Claims, TestConstants.Claims); using (var harness = new MockHttpTestHarness(TestConstants.AuthorityHomeTenant)) { _tokenCacheHelper.PopulateCache(harness.Cache.Accessor); var parameters = harness.CreateRequestParams( harness.Cache, null, TestConstants.s_extraQueryParams, TestConstants.Claims, authorityOverride: AuthorityInfo.FromAuthorityUri(TestConstants.AuthorityHomeTenant, false)); var silentParameters = new AcquireTokenSilentParameters() { Account = new Account(TestConstants.HomeAccountId, TestConstants.DisplayableId, TestConstants.ProductionPrefCacheEnvironment), }; // set access tokens as expired foreach (var accessItem in (await harness.Cache.GetAllAccessTokensAsync(true).ConfigureAwait(false))) { accessItem.ExpiresOnUnixTimestamp = ((long)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds) .ToString(CultureInfo.InvariantCulture); harness.Cache.AddAccessTokenCacheItem(accessItem); } TestCommon.MockInstanceDiscoveryAndOpenIdRequest(harness.HttpManager); harness.HttpManager.AddMockHandler( new MockHttpMessageHandler() { ExpectedMethod = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(), ExpectedQueryParams = extraQueryParamsAndClaims }); var request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters); Task <AuthenticationResult> task = request.RunAsync(CancellationToken.None); var result = task.Result; Assert.IsNotNull(result); Assert.AreEqual("some-access-token", result.AccessToken); Assert.AreEqual(TestConstants.s_scope.AsSingleString(), result.Scopes.AsSingleString()); } }
public SilentBrokerAuthStrategy( SilentRequest request, IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters silentParameters, IBroker broker) { _authenticationRequestParameters = authenticationRequestParameters; _silentParameters = silentParameters; _serviceBundle = serviceBundle; _silentRequest = request; Broker = broker; _logger = authenticationRequestParameters.RequestContext.Logger; }
public BrokerSilentStrategy( SilentRequest request, IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters silentParameters, IBroker broker) { _authenticationRequestParameters = authenticationRequestParameters; _silentParameters = silentParameters; _serviceBundle = serviceBundle; _silentRequest = request; Broker = broker ?? throw new ArgumentNullException(nameof(broker)); _logger = authenticationRequestParameters.RequestContext.Logger; }
public async Task <MsalTokenResponse> AcquireTokenSilentAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { var cancellationToken = authenticationRequestParameters.RequestContext.UserCancellationToken; MsalTokenResponse msalTokenResponse = null; _logger.Verbose("[WamBroker] Acquiring token silently."); using (var core = new NativeInterop.Core()) using (var authParams = WamAdapters.GetCommonAuthParameters(authenticationRequestParameters, _wamOptions.MsaPassthrough)) { using (var account = await core.ReadAccountByIdAsync( acquireTokenSilentParameters.Account.HomeAccountId.ObjectId, authenticationRequestParameters.CorrelationId.ToString("D"), cancellationToken).ConfigureAwait(false)) { if (account == null) { _logger.WarningPii( $"Could not find a WAM account for the selected user {acquireTokenSilentParameters.Account.Username}", "Could not find a WAM account for the selected user"); throw new MsalUiRequiredException( "wam_no_account_for_id", $"Could not find a WAM account for the selected user {acquireTokenSilentParameters.Account.Username}"); } using (NativeInterop.AuthResult result = await core.AcquireTokenSilentlyAsync( authParams, authenticationRequestParameters.CorrelationId.ToString("D"), account, cancellationToken).ConfigureAwait(false)) { if (result.IsSuccess) { msalTokenResponse = WamAdapters.ParseRuntimeResponse(result, authenticationRequestParameters, _logger); } else { WamAdapters.ThrowExceptionFromWamError(result, authenticationRequestParameters, _logger); } } } } return(msalTokenResponse); }
public async Task <AuthenticationResult> ExecuteAsync( AcquireTokenCommonParameters commonParameters, AcquireTokenSilentParameters silentParameters, CancellationToken cancellationToken) { var requestContext = CreateRequestContextAndLogVersionInfo(commonParameters.TelemetryCorrelationId); var requestParameters = _clientApplicationBase.CreateRequestParameters( commonParameters, requestContext, _clientApplicationBase.UserTokenCacheInternal); var handler = new SilentRequest(ServiceBundle, requestParameters, silentParameters); return(await handler.RunAsync(cancellationToken).ConfigureAwait(false)); }
public void ConstructorTests() { using (var harness = new MockHttpTestHarness(TestConstants.AuthorityHomeTenant)) { var parameters = harness.CreateRequestParams(harness.Cache, null); var silentParameters = new AcquireTokenSilentParameters(); var request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters); Assert.IsNotNull(request); parameters.Account = new Account(TestConstants.s_userIdentifier, TestConstants.DisplayableId, null); request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters); Assert.IsNotNull(request); request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters); Assert.IsNotNull(request); } }
public async Task ATS_DefaultAccount_Async() { string homeAccId = $"{TestConstants.Uid}.{TestConstants.Utid}"; // Arrange using (var harness = CreateTestHarness()) { var wamAccountProvider = new WebAccountProvider("id", "*****@*****.**", null); var requestParams = harness.CreateAuthenticationRequestParameters(TestConstants.AuthorityHomeTenant); // AAD authority, no account var webTokenRequest = new WebTokenRequest(wamAccountProvider); var atsParams = new AcquireTokenSilentParameters(); _webAccountProviderFactory.GetAccountProviderAsync(null).ReturnsForAnyArgs(Task.FromResult(wamAccountProvider)); var webTokenResponseWrapper = Substitute.For <IWebTokenRequestResultWrapper>(); webTokenResponseWrapper.ResponseStatus.Returns(WebTokenRequestStatus.Success); var webTokenResponse = new WebTokenResponse(); webTokenResponseWrapper.ResponseData.Returns(new List <WebTokenResponse>() { webTokenResponse }); _aadPlugin.CreateWebTokenRequestAsync( wamAccountProvider, requestParams, isForceLoginPrompt: false, isAccountInWam: false, isInteractive: false) .Returns(Task.FromResult(webTokenRequest)); _wamProxy.GetTokenSilentlyForDefaultAccountAsync(webTokenRequest). Returns(Task.FromResult(webTokenResponseWrapper)); _aadPlugin.ParseSuccesfullWamResponse(webTokenResponse).Returns(_msalTokenResponse); // Act var result = await _wamBroker.AcquireTokenSilentDefaultUserAsync(requestParams, atsParams).ConfigureAwait(false); // Assert Assert.AreSame(_msalTokenResponse, result); await _aadPlugin.Received(1).CreateWebTokenRequestAsync(wamAccountProvider, requestParams, isForceLoginPrompt: false, isAccountInWam: false, isInteractive: false).ConfigureAwait(false); } }
public void BrokerSilentRequestBrokerRequiredTestAsync() { IDictionary <string, string> extraQueryParamsAndClaims = TestConstants.s_extraQueryParams.ToDictionary(e => e.Key, e => e.Value); extraQueryParamsAndClaims.Add(OAuth2Parameter.Claims, TestConstants.Claims); using (var harness = new MockHttpTestHarness(TestConstants.AuthorityHomeTenant)) { _tokenCacheHelper.PopulateCache(harness.Cache.Accessor); harness.ServiceBundle.PlatformProxy.SetBrokerForTest(CreateMockBroker()); var parameters = harness.CreateRequestParams( harness.Cache, null, TestConstants.s_extraQueryParams, TestConstants.Claims, authorityOverride: AuthorityInfo.FromAuthorityUri(TestConstants.AuthorityHomeTenant, false)); parameters.IsBrokerEnabled = false; var silentParameters = new AcquireTokenSilentParameters() { Account = new Account(TestConstants.HomeAccountId, TestConstants.DisplayableId, TestConstants.ProductionPrefCacheEnvironment), }; TestCommon.MockInstanceDiscoveryAndOpenIdRequest(harness.HttpManager); harness.HttpManager.AddMockHandler( new MockHttpMessageHandler() { ExpectedMethod = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(), ExpectedQueryParams = extraQueryParamsAndClaims }); var request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters); Task <AuthenticationResult> task = request.RunAsync(CancellationToken.None); var result = task.Result; Assert.IsNotNull(result); Assert.AreEqual("some-access-token", result.AccessToken); Assert.AreEqual(TestConstants.s_scope.AsSingleString(), result.Scopes.AsSingleString()); } }
public static BrokerRequest FromSilentParameters( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { BrokerRequest br = FromAuthenticationParameters(authenticationRequestParameters); #pragma warning disable CA1305 // Specify IFormatProvider br.ForceRefresh = acquireTokenSilentParameters.ForceRefresh.ToString(); #pragma warning restore CA1305 // Specify IFormatProvider br.UserName = !string.IsNullOrEmpty(acquireTokenSilentParameters.Account?.Username) ? acquireTokenSilentParameters.Account?.Username : acquireTokenSilentParameters.LoginHint; br.HomeAccountId = acquireTokenSilentParameters.Account?.HomeAccountId?.Identifier; br.LocalAccountId = acquireTokenSilentParameters.Account?.HomeAccountId?.ObjectId; return(br); }
public SilentRequest( IServiceBundle serviceBundle, AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters silentParameters, ISilentAuthRequestStrategy clientStrategyOverride = null, ISilentAuthRequestStrategy brokerStrategyOverride = null) : base(serviceBundle, authenticationRequestParameters, silentParameters) { _silentParameters = silentParameters; _brokerStrategyLazy = new Lazy <ISilentAuthRequestStrategy>(() => brokerStrategyOverride ?? new BrokerSilentStrategy(this, serviceBundle, authenticationRequestParameters, silentParameters, serviceBundle.PlatformProxy.CreateBroker(null))); _clientStrategy = clientStrategyOverride ?? new CacheSilentStrategy(this, serviceBundle, authenticationRequestParameters, silentParameters); _logger = authenticationRequestParameters.RequestContext.Logger; }
public void ExpiredTokenRefreshFlowTest() { using (var harness = new MockHttpTestHarness(TestConstants.AuthorityHomeTenant)) { TokenCacheHelper.PopulateCache(harness.Cache.Accessor); var parameters = harness.CreateRequestParams( harness.Cache, null, TestConstants.ExtraQueryParameters, TestConstants.Claims, authorityOverride: AuthorityInfo.FromAuthorityUri(TestConstants.AuthorityHomeTenant, false)); var silentParameters = new AcquireTokenSilentParameters() { Account = new Account(TestConstants.HomeAccountId, TestConstants.DisplayableId, TestConstants.ProductionPrefCacheEnvironment), }; TokenCacheHelper.ExpireAllAccessTokens(harness.Cache); harness.HttpManager.AddInstanceDiscoveryMockHandler(); harness.HttpManager.AddMockHandler( new MockHttpMessageHandler() { ExpectedMethod = HttpMethod.Post, ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(), ExpectedQueryParams = TestConstants.ExtraQueryParameters, ExpectedPostData = new Dictionary <string, string>() { { OAuth2Parameter.Claims, TestConstants.Claims } } }); var request = new SilentRequest(harness.ServiceBundle, parameters, silentParameters); Task <AuthenticationResult> task = request.RunAsync(CancellationToken.None); var result = task.Result; Assert.IsNotNull(result); Assert.AreEqual("some-access-token", result.AccessToken); Assert.AreEqual(TestConstants.s_scope.AsSingleString(), result.Scopes.AsSingleString()); } }
private MockHttpAndServiceBundle CreateBrokerHelper() { MockHttpAndServiceBundle harness = CreateTestHarness(); _parameters = harness.CreateAuthenticationRequestParameters( TestConstants.AuthorityHomeTenant, TestConstants.s_scope, new TokenCache(harness.ServiceBundle, false), extraQueryParameters: TestConstants.ExtraQueryParameters, claims: TestConstants.Claims); _parameters.IsBrokerConfigured = true; AcquireTokenInteractiveParameters interactiveParameters = new AcquireTokenInteractiveParameters(); _acquireTokenSilentParameters = new AcquireTokenSilentParameters(); IBroker broker = harness.ServiceBundle.PlatformProxy.CreateBroker(null); _brokerInteractiveRequest = new BrokerInteractiveRequestComponent( _parameters, interactiveParameters, broker, "install_url"); _brokerSilentAuthStrategy = new SilentBrokerAuthStrategy( new SilentRequest(harness.ServiceBundle, _parameters, _acquireTokenSilentParameters), harness.ServiceBundle, _parameters, _acquireTokenSilentParameters, broker); _brokerHttpResponse = new HttpResponse(); _brokerHttpResponse.Body = "SomeBody"; _brokerHttpResponse.StatusCode = HttpStatusCode.Unauthorized; _brokerHttpResponse.Headers = new HttpResponseMessage().Headers; return(harness); }
public async Task <MsalTokenResponse> AcquireTokenSilentAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { CheckPowerOptimizationStatus(); BrokerRequest brokerRequest = BrokerRequest.FromSilentParameters( authenticationRequestParameters, acquireTokenSilentParameters); try { await InitiateBrokerHandshakeAsync().ConfigureAwait(false); return(await AcquireTokenSilentViaBrokerAsync(brokerRequest).ConfigureAwait(false)); } catch (Exception ex) { _logger.ErrorPiiWithPrefix(ex, "[Android broker] Android broker silent invocation failed. "); _brokerHelper.HandleBrokerOperationError(ex); throw; } }
public async Task <MsalTokenResponse> AcquireTokenSilentAsync( AuthenticationRequestParameters authenticationRequestParameters, AcquireTokenSilentParameters acquireTokenSilentParameters) { BrokerRequest brokerRequest = BrokerRequest.FromSilentParameters( authenticationRequestParameters, acquireTokenSilentParameters); try { await _brokerHelper.InitiateBrokerHandshakeAsync(_parentActivity).ConfigureAwait(false); var androidBrokerTokenResponse = await AcquireTokenSilentViaBrokerAsync(brokerRequest).ConfigureAwait(false); return(androidBrokerTokenResponse); } catch (Exception ex) { _logger.ErrorPiiWithPrefix(ex, "Android broker silent invocation failed. "); HandleBrokerOperationError(ex); throw; } }