/// <inheritdoc/>
public async Task <bool> SetCredentials(TargetUri targetUri, Credential credentials, string username)
{
if (targetUri is null)
{
throw new ArgumentNullException(nameof(targetUri));
}
if (credentials is null)
{
throw new ArgumentNullException(nameof(credentials));
}
Trace.WriteLine($"{credentials.Username} at {targetUri.QueryUri.AbsoluteUri}");
// If the Url doesn't contain a username then save with an explicit username.
if (!targetUri.TargetUriContainsUsername && (!string.IsNullOrWhiteSpace(username) ||
!string.IsNullOrWhiteSpace(credentials.Username)))
{
var realUsername = GetRealUsername(credentials, username);
Credential tempCredentials = new Credential(realUsername, credentials.Password);
if (tempCredentials.Username.Length > BaseSecureStore.UsernameMaxLength)
{
throw new ArgumentOutOfRangeException(nameof(tempCredentials.Username));
}
if (tempCredentials.Password.Length > BaseSecureStore.PasswordMaxLength)
{
throw new ArgumentOutOfRangeException(nameof(tempCredentials.Password));
}
await SetCredentials(targetUri.GetPerUserTargetUri(realUsername), tempCredentials, null);
}
return(await PersonalAccessTokenStore.WriteCredentials(targetUri, credentials));
}
/// <summary>
/// Prompt the user for authentication credentials.
/// </summary>
/// <param name="targetUri"></param>
/// <param name="username"></param>
/// <returns>a valid instance of <see cref="Credential"/> or null</returns>
public async Task <Credential> InteractiveLogon(TargetUri targetUri, string username)
{
if (string.IsNullOrWhiteSpace(username) || targetUri.TargetUriContainsUsername)
{
return(await InteractiveLogon(targetUri));
}
return(await InteractiveLogon(targetUri.GetPerUserTargetUri(username)));
}
/// <inheritdoc/>
public Credential GetCredentials(TargetUri targetUri, string username)
{
if (string.IsNullOrWhiteSpace(username) || targetUri.TargetUriContainsUsername)
{
return(GetCredentials(targetUri));
}
return(GetCredentials(targetUri.GetPerUserTargetUri(username)));
}
/// <inheritdoc/>
public async Task <Credential> GetCredentials(TargetUri targetUri, string username)
{
if (targetUri is null)
{
throw new ArgumentNullException(nameof(targetUri));
}
if (string.IsNullOrWhiteSpace(username) || targetUri.TargetUriContainsUsername)
{
return(await GetCredentials(targetUri));
}
return(await GetCredentials(targetUri.GetPerUserTargetUri(username)));
}
/// <inheritdoc/>
public void SetCredentials(TargetUri targetUri, Credential credentials, string username)
{
BaseSecureStore.ValidateTargetUri(targetUri);
BaseSecureStore.ValidateCredential(credentials);
Trace.WriteLine($"{credentials.Username} at {targetUri.ActualUri.AbsoluteUri}");
// if the url doesn't contain a username then save with an explicit username.
if (!targetUri.TargetUriContainsUsername && !string.IsNullOrWhiteSpace(username))
{
Credential tempCredentials = new Credential(username, credentials.Password);
SetCredentials(targetUri.GetPerUserTargetUri(username), tempCredentials, null);
}
PersonalAccessTokenStore.WriteCredentials(targetUri, credentials);
}
/// <inheritdoc/>
public override async Task <bool> SetCredentials(TargetUri targetUri, Credential credentials)
{
// This is only called from the `Store()` method so only applies to default host entries
// calling this from elsewhere may have unintended consequences, use
// `SetCredentials(targetUri, credentials, username)` instead.
// Only store the credentials as received if they match the uri and user of the existing
// default entry.
var currentCredentials = await GetCredentials(targetUri);
if (currentCredentials != null &&
currentCredentials.Username != null &&
!currentCredentials.Username.Equals(credentials.Username))
{
// Do nothing as the default is for another username and we don't want to overwrite it.
Trace.WriteLine($"skipping for {targetUri.QueryUri} new username {currentCredentials.Username} != {credentials.Username}");
return(false);
}
await SetCredentials(targetUri, credentials, null);
// `Store()` will not call with a username Url.
if (targetUri.TargetUriContainsUsername)
{
return(false);
}
// See if there is a matching personal refresh token.
var username = credentials.Username;
var userSpecificTargetUri = targetUri.GetPerUserTargetUri(username);
var userCredentials = await GetCredentials(userSpecificTargetUri, username);
if (userCredentials != null && userCredentials.Password.Equals(credentials.Password))
{
var userRefreshCredentials = await GetCredentials(GetRefreshTokenTargetUri(userSpecificTargetUri), username);
if (userRefreshCredentials != null)
{
Trace.WriteLine("OAuth RefreshToken");
var hostRefreshCredentials = new Credential(credentials.Username, userRefreshCredentials.Password);
await SetCredentials(GetRefreshTokenTargetUri(targetUri), hostRefreshCredentials, null);
}
}
return(true);
}
/// <inheritdoc/>
public async Task <Credential> ValidateCredentials(TargetUri targetUri, string username, Credential credentials)
{
if (targetUri is null)
{
throw new ArgumentNullException(nameof(targetUri));
}
if (credentials is null)
{
throw new ArgumentNullException(nameof(credentials));
}
TargetUri userSpecificTargetUri;
if (targetUri.TargetUriContainsUsername)
{
userSpecificTargetUri = targetUri;
}
else
{
userSpecificTargetUri = targetUri.GetPerUserTargetUri(username);
}
if (await BitbucketAuthority.ValidateCredentials(userSpecificTargetUri, username, credentials))
{
return(credentials);
}
var userSpecificRefreshCredentials = await GetCredentials(GetRefreshTokenTargetUri(userSpecificTargetUri), username);
// if there are refresh credentials it suggests it might be OAuth so we can try and
// refresh the access_token and try again.
if (userSpecificRefreshCredentials == null)
{
return(null);
}
Credential refreshedCredentials;
if ((refreshedCredentials = await RefreshCredentials(userSpecificTargetUri, userSpecificRefreshCredentials.Password, username ?? credentials.Username)) != null)
{
return(refreshedCredentials);
}
return(null);
}
/// <inheritdoc/>
public async Task <bool> SetCredentials(TargetUri targetUri, Credential credentials, string username)
{
BaseSecureStore.ValidateTargetUri(targetUri);
BaseSecureStore.ValidateCredential(credentials);
Trace.WriteLine($"{credentials.Username} at {targetUri.QueryUri.AbsoluteUri}");
// If the Url doesn't contain a username then save with an explicit username.
if (!targetUri.TargetUriContainsUsername && (!string.IsNullOrWhiteSpace(username) ||
!string.IsNullOrWhiteSpace(credentials.Username)))
{
var realUsername = GetRealUsername(credentials, username);
Credential tempCredentials = new Credential(realUsername, credentials.Password);
await SetCredentials(targetUri.GetPerUserTargetUri(realUsername), tempCredentials, null);
}
return(await PersonalAccessTokenStore.WriteCredentials(targetUri, credentials));
}
/// <inheritdoc/>
public override void SetCredentials(TargetUri targetUri, Credential credentials)
{
// this is only called from the store() method so only applies to default host entries
// calling this from elsewhere may have unintended consequences, use
// SetCredentials(targetUri, credentials, username) instead
// only store the credentials as received if they match the uri and user of the existing
// default entry
var currentCredentials = GetCredentials(targetUri);
if (currentCredentials != null && currentCredentials.Username != null && !currentCredentials.Username.Equals(credentials.Username))
{
// do nothing as the default is for another username and we don't want to overwrite it
Trace.WriteLine($"skipping for {targetUri.ActualUri} new username {currentCredentials.Username} != {credentials.Username}");
return;
}
SetCredentials(targetUri, credentials, null);
// Store() will not call with a username url
if (targetUri.TargetUriContainsUsername)
{
return;
}
// see if there is a matching personal refresh token
var username = credentials.Username;
var userSpecificTargetUri = targetUri.GetPerUserTargetUri(username);
var userCredentials = GetCredentials(userSpecificTargetUri, username);
if (userCredentials != null && userCredentials.Password.Equals(credentials.Password))
{
var userRefreshCredentials = GetCredentials(GetRefreshTokenTargetUri(userSpecificTargetUri), username);
if (userRefreshCredentials != null)
{
Trace.WriteLine("OAuth RefreshToken");
var hostRefreshCredentials = new Credential(credentials.Username, userRefreshCredentials.Password);
SetCredentials(GetRefreshTokenTargetUri(targetUri), hostRefreshCredentials, null);
}
}
}
public void VerifyGetPerUserTargetUriDoesNotDuplicateUsernameOnActualUri()
{
var credentialStore = new MockCredentialStore();
var bbAuth = new Authentication(RuntimeContext.Default, credentialStore, null, null);
var targetUri = new TargetUri("https://[email protected]");
var username = "******";
var resultUri = targetUri.GetPerUserTargetUri(username);
Assert.Equal("/", resultUri.AbsolutePath);
Assert.Equal("https://[email protected]/", resultUri.QueryUri.AbsoluteUri);
Assert.Equal("example.com", resultUri.DnsSafeHost);
Assert.Equal("example.com", resultUri.Host);
Assert.True(resultUri.IsAbsoluteUri);
Assert.True(resultUri.IsDefaultPort);
Assert.Equal(443, resultUri.Port);
Assert.Null(resultUri.ProxyUri);
Assert.Equal("https://[email protected]/", resultUri.QueryUri.AbsoluteUri);
Assert.Equal("https", resultUri.Scheme);
Assert.Equal("https://example.com/", resultUri.ToString(false, true, true));
}
public void VerifyGetPerUserTargetUriFormatsEmailUsernames()
{
var credentialStore = new MockCredentialStore();
var bbAuth = new Authentication(credentialStore, null, null);
var targetUri = new TargetUri("https://example.com");
var username = "******";
var resultUri = targetUri.GetPerUserTargetUri(username);
Assert.Equal("/", resultUri.AbsolutePath);
Assert.Equal("https://johnsquire%[email protected]/", resultUri.ActualUri.AbsoluteUri);
Assert.Equal("example.com", resultUri.DnsSafeHost);
Assert.Equal("example.com", resultUri.Host);
Assert.True(resultUri.IsAbsoluteUri);
Assert.True(resultUri.IsDefaultPort);
Assert.Equal(443, resultUri.Port);
Assert.Null(resultUri.ProxyUri);
Assert.Equal("https://johnsquire%[email protected]/", resultUri.QueryUri.AbsoluteUri);
Assert.Equal("https", resultUri.Scheme);
Assert.Equal(new WebProxy().Address, resultUri.WebProxy.Address);
Assert.Equal("https://example.com/", resultUri.ToString());
}
public void VerifyGetPerUserTargetUriDoesNotDuplicateUsernameOnActualUri()
{
var credentialStore = new MockCredentialStore();
var bbAuth = new Authentication(credentialStore, null, null);
var targetUri = new TargetUri("https://[email protected]");
var username = "******";
var resultUri = targetUri.GetPerUserTargetUri(username);
Assert.AreEqual("/", resultUri.AbsolutePath);
Assert.AreEqual("https://[email protected]/", resultUri.ActualUri.AbsoluteUri);
Assert.AreEqual("example.com", resultUri.DnsSafeHost);
Assert.AreEqual("example.com", resultUri.Host);
Assert.AreEqual(true, resultUri.IsAbsoluteUri);
Assert.AreEqual(true, resultUri.IsDefaultPort);
Assert.AreEqual(443, resultUri.Port);
Assert.AreEqual(null, resultUri.ProxyUri);
Assert.AreEqual("https://[email protected]/", resultUri.QueryUri.AbsoluteUri);
Assert.AreEqual("https", resultUri.Scheme);
Assert.AreEqual(new WebProxy().Address, resultUri.WebProxy.Address);
Assert.AreEqual("https://example.com/", resultUri.ToString());
}
