public ClientKey(string clientId, ClientAssertion clientAssertion):this(clientId)
{
if (clientAssertion == null)
{
throw new ArgumentNullException("clientAssertion");
}
this.Assertion = clientAssertion;
this.HasCredential = true;
}
public async Task <AuthenticationResultProxy> AcquireTokenAsync(string resource, ClientAssertion clientAssertion, string userAssertion)
{
if (CallSync)
{
return(RunTask(() => this.context.AcquireToken(resource, clientAssertion, (userAssertion == null) ? null : new UserAssertion(userAssertion))));
}
return(await RunTaskAsync(this.context.AcquireTokenAsync(resource, clientAssertion, (userAssertion == null) ? null : new UserAssertion(userAssertion))));
}
public async Task <AuthenticationResultProxy> AcquireTokenByAuthorizationCodeAsync(string authorizationCode, Uri redirectUri, ClientAssertion credential, string resource)
{
if (CallSync)
{
return(RunTask(() => this.context.AcquireTokenByAuthorizationCode(authorizationCode, redirectUri, credential, resource)));
}
return(await RunTaskAsync(this.context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, redirectUri, credential, resource)));
}
public async Task <AuthenticationResultProxy> AcquireTokenSilentAsync(string resource, ClientAssertion clientAssertion, UserIdentifier userId)
{
if (CallSync)
{
return(RunTask(() => this.context.AcquireTokenSilent(resource, clientAssertion, userId)));
}
return(await RunTaskAsync(this.context.AcquireTokenSilentAsync(resource, clientAssertion, userId)));
}
public async Task <AuthenticationResultProxy> AcquireTokenByRefreshTokenAsync(string refreshToken, ClientAssertion credential, string resource)
{
if (CallSync)
{
return(RunTask(() => this.context.AcquireTokenByRefreshToken(refreshToken, credential, resource)));
}
return(await RunTaskAsync(this.context.AcquireTokenByRefreshTokenAsync(refreshToken, credential, resource)));
}
public async Task <string> GetAccessToken(string source, string path, string clientId, ClientAssertion assertion, string privateKey, string[] publicKeys)
{
_logger.LogInformation("Get access_token for {clientId} from {source}", clientId, source);
var jwtAssertion = _assertionService.CreateJwtAssertion(assertion, privateKey, publicKeys);
return(await DoGetAccessToken(source, path, clientId, jwtAssertion));
}
public async Task ConfidentialClientWithJwtTest()
{
var context = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, new TokenCache());
HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler()
{
Method = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(),
PostData = new Dictionary <string, string>()
{
{ "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" }
}
});
HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler()
{
Method = HttpMethod.Post,
ResponseMessage = MockHelpers.CreateSuccessTokenResponseMessage(),
PostData = new Dictionary <string, string>()
{
{ "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" }
}
});
ClientAssertion assertion = new ClientAssertion(TestConstants.DefaultClientId, "some-assertion");
AuthenticationResult result = await context.AcquireTokenByAuthorizationCodeAsync("some-code", TestConstants.DefaultRedirectUri, assertion, TestConstants.DefaultResource);
Assert.IsNotNull(result.AccessToken);
result = await context.AcquireTokenByAuthorizationCodeAsync("some-code", TestConstants.DefaultRedirectUri, assertion, null);
Assert.IsNotNull(result.AccessToken);
try
{
await context.AcquireTokenByAuthorizationCodeAsync(string.Empty, TestConstants.DefaultRedirectUri, assertion, TestConstants.DefaultResource);
}
catch (ArgumentNullException exc)
{
Assert.AreEqual(exc.ParamName, "authorizationCode");
}
try
{
await context.AcquireTokenByAuthorizationCodeAsync(null, TestConstants.DefaultRedirectUri, assertion, TestConstants.DefaultResource);
}
catch (ArgumentNullException exc)
{
Assert.AreEqual(exc.ParamName, "authorizationCode");
}
try
{
await context.AcquireTokenByAuthorizationCodeAsync("some-code", null, assertion, TestConstants.DefaultResource);
}
catch (ArgumentNullException exc)
{
Assert.AreEqual(exc.ParamName, "redirectUri");
}
try
{
await context.AcquireTokenByAuthorizationCodeAsync("some-code", TestConstants.DefaultRedirectUri, (ClientAssertion)null, TestConstants.DefaultResource);
}
catch (ArgumentNullException exc)
{
Assert.AreEqual(exc.ParamName, "clientAssertion");
}
}
public async Task <AuthenticationResultProxy> AcquireTokenAsync(string resource, ClientAssertion credential)
{
return(await RunTaskAsync(this.context.AcquireTokenAsync(resource, credential)));
}
/// <summary>
/// Acquires security token without asking for user credential.
/// </summary>
/// <param name="resource">Identifier of the target resource that is the recipient of the requested token.</param>
/// <param name="clientAssertion">The client assertion to use for token acquisition.</param>
/// <param name="userId">Identifier of the user token is requested for. This parameter can be <see cref="T:Microsoft.IdentityModel.Clients.ActiveDirectory.UserIdentifier" />.Any.</param>
/// <returns>It contains Access Token, Refresh Token and the Access Token's expiration time. If acquiring token without user credential is not possible, the method throws AdalException.</returns>
public async Task <IAuthenticationResultWrapper> AcquireTokenSilentAsync(string resource, ClientAssertion clientAssertion, UserIdentifier userId)
{
if (string.IsNullOrWhiteSpace(resource))
{
throw new ArgumentNullException(nameof(resource));
}
if (clientAssertion == null)
{
throw new ArgumentNullException(nameof(clientAssertion));
}
if (userId == null)
{
throw new ArgumentNullException(nameof(userId));
}
var result = await this.Context.AcquireTokenSilentAsync(resource, clientAssertion, userId).ConfigureAwait(false);
return(new AuthenticationResultWrapper(result));
}
/// <summary>
/// Acquires security token from the authority using an authorization code previously received.
/// This method does not lookup token cache, but stores the result in it, so it can be looked up using other methods such as <see cref="M:Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.AcquireTokenSilentAsync(System.String,System.String,Microsoft.IdentityModel.Clients.ActiveDirectory.UserIdentifier)" />.
/// </summary>
/// <param name="authorizationCode">The authorization code received from service authorization endpoint.</param>
/// <param name="redirectUri">The redirect address used for obtaining authorization code.</param>
/// <param name="clientAssertion">The client assertion to use for token acquisition.</param>
/// <param name="resource">Identifier of the target resource that is the recipient of the requested token. It can be null if provided earlier to acquire authorizationCode.</param>
/// <returns>It contains Access Token, Refresh Token and the Access Token's expiration time.</returns>
public async Task <IAuthenticationResultWrapper> AcquireTokenByAuthorizationCodeAsync(string authorizationCode, Uri redirectUri, ClientAssertion clientAssertion, string resource)
{
if (string.IsNullOrWhiteSpace(authorizationCode))
{
throw new ArgumentNullException(nameof(authorizationCode));
}
if (redirectUri == null)
{
throw new ArgumentNullException(nameof(redirectUri));
}
if (clientAssertion == null)
{
throw new ArgumentNullException(nameof(clientAssertion));
}
if (string.IsNullOrWhiteSpace(resource))
{
throw new ArgumentNullException(nameof(resource));
}
var result = await this.Context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, redirectUri, clientAssertion, resource).ConfigureAwait(false);
return(new AuthenticationResultWrapper(result));
}
