static void Main(string[] args) { Console.WriteLine("SharedTokenCache Browser v0.0.1"); Console.WriteLine("Shareware"); Console.WriteLine(); var credentials = new SharedTokenCacheCredential(); var accounts = credentials .Get <object>("_client") .Get <object>("_client") .Get <object>("UserTokenCache") .Get <object>("_accessor") // This object contains some interesting stuff .Get <IDictionary>("_accountCacheDictionary"); // Like an account dictionary try { // Need to access credentials for it to create the InMemoryTokenCache object credentials.GetToken(new TokenRequestContext()); } catch {} // It will cause an Exception if there is more than one in cache Console.WriteLine($"Found {accounts.Count} accounts in cache"); WriteDictionary(accounts.ToDictionary(x => x.Key.ToString(), x => AccountsCacheEntry.ToCacheEntry(x.Value))); }
public override Task <IAccessToken> Authenticate(AuthenticationParameters parameters, CancellationToken cancellationToken) { var silentParameters = parameters as SilentParameters; var onPremise = silentParameters.Environment.OnPremise; var tenantId = onPremise ? AdfsTenant : (string.Equals(parameters.TenantId, OrganizationsTenant, StringComparison.OrdinalIgnoreCase) ? null : parameters.TenantId); var resource = silentParameters.Environment.GetEndpoint(silentParameters.ResourceId) ?? silentParameters.ResourceId; var scopes = AuthenticationHelpers.GetScope(onPremise, resource); var authority = silentParameters.Environment.ActiveDirectoryAuthority; AzureSession.Instance.TryGetComponent(nameof(PowerShellTokenCache), out PowerShellTokenCache tokenCache); var options = new SharedTokenCacheCredentialOptions(tokenCache.TokenCache) { EnableGuestTenantAuthentication = true, ClientId = AuthenticationHelpers.PowerShellClientId, Username = silentParameters.UserId, AuthorityHost = new Uri(authority), TenantId = tenantId, }; var cacheCredential = new SharedTokenCacheCredential(options); var requestContext = new TokenRequestContext(scopes); var parametersLog = $"- TenantId:'{options.TenantId}', Scopes:'{string.Join(",", scopes)}', AuthorityHost:'{options.AuthorityHost}', UserId:'{silentParameters.UserId}'"; return(MsalAccessToken.GetAccessTokenAsync( nameof(SilentAuthenticator), parametersLog, cacheCredential, requestContext, cancellationToken, silentParameters.TenantId, silentParameters.UserId, silentParameters.HomeAccountId)); }
public async Task SilentAuthenticateWithBrokerAsync() { TokenCachePersistenceOptions persistenceOptions = new TokenCachePersistenceOptions(); // to fully manually verify the InteractiveBrowserCredential this test should be run both authenticating with a // school / organization account as well as a personal live account, i.e. a @outlook.com, @live.com, or @hotmail.com var cred = new InteractiveBrowserCredential(new InteractiveBrowserCredentialBrokerOptions { TokenCachePersistenceOptions = persistenceOptions }); AccessToken token = await cred.GetTokenAsync(new TokenRequestContext(new string[] { "https://vault.azure.net/.default" })).ConfigureAwait(false); Assert.NotNull(token.Token); var silentCred = new SharedTokenCacheCredential(new SharedTokenCacheCredentialBrokerOptions()); // The calls below this should be silent and not require user interaction token = await cred.GetTokenAsync(new TokenRequestContext(new string[] { "https://vault.azure.net/.default" })).ConfigureAwait(false); Assert.NotNull(token.Token); token = await cred.GetTokenAsync(new TokenRequestContext(new string[] { "https://management.core.windows.net//.default" })).ConfigureAwait(false); Assert.NotNull(token.Token); }
public void RespectsIsPIILoggingEnabled([Values(true, false)] bool isLoggingPIIEnabled) { var credential = new SharedTokenCacheCredential(new SharedTokenCacheCredentialOptions { IsLoggingPIIEnabled = isLoggingPIIEnabled }); Assert.NotNull(credential.Client); Assert.AreEqual(isLoggingPIIEnabled, credential.Client.IsPiiLoggingEnabled); }
public void ValidateClientIdSetOnMsalClient() { var clientId = Guid.NewGuid().ToString(); var credential = new SharedTokenCacheCredential(new SharedTokenCacheCredentialOptions { ClientId = clientId }); Assert.AreEqual(clientId, credential.Client.ClientId); }