public void AcquireToken(IDictionary <string, string> brokerPayload)
{
if (brokerPayload.ContainsKey(BrokerParameter.BrokerInstallUrl))
{
string url = brokerPayload[BrokerParameter.BrokerInstallUrl];
Uri uri = new Uri(url);
string query = uri.Query;
if (query.StartsWith("?"))
{
query = query.Substring(1);
}
Dictionary <string, string> keyPair = EncodingHelper.ParseKeyValueList(query, '&', true, false, null);
PlatformParameters pp = PlatformParameters as PlatformParameters;
pp.CallerActivity.StartActivity(new Intent(Intent.ActionView, Android.Net.Uri.Parse(keyPair["app_link"])));
throw new AdalException(AdalErrorAndroidEx.BrokerApplicationRequired, AdalErrorMessageAndroidEx.BrokerApplicationRequired);
}
Context mContext = Application.Context;
AuthenticationRequest request = new AuthenticationRequest(brokerPayload);
PlatformParameters platformParams = PlatformParameters as PlatformParameters;
// BROKER flow intercepts here
// cache and refresh call happens through the authenticator service
if (mBrokerProxy.VerifyUser(request.LoginHint,
request.UserId))
{
var msg = "It switched to broker for context: " + mContext.PackageName;
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
request.BrokerAccountName = request.LoginHint;
// Don't send background request, if prompt flag is always or
// refresh_session
bool hasAccountNameOrUserId = !string.IsNullOrEmpty(request.BrokerAccountName) || !string.IsNullOrEmpty(request.UserId);
if (string.IsNullOrEmpty(request.Claims) && hasAccountNameOrUserId)
{
msg = "User is specified for background token request";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
resultEx = mBrokerProxy.GetAuthTokenInBackground(request, platformParams.CallerActivity);
}
else
{
msg = "User is not specified for background token request";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
}
if (resultEx != null && resultEx.Result != null && !string.IsNullOrEmpty(resultEx.Result.AccessToken))
{
msg = "Token is returned from background call";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
readyForResponse.Release();
return;
}
// Launch broker activity
// if cache and refresh request is not handled.
// Initial request to authenticator needs to launch activity to
// record calling uid for the account. This happens for Prompt auto
// or always behavior.
msg = "Token is not returned from backgroud call";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
// Only happens with callback since silent call does not show UI
msg = "Launch activity for Authenticator";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
msg = "Starting Authentication Activity";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
if (resultEx == null)
{
msg = "Initial request to authenticator";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
// Log the initial request but not force a prompt
}
if (brokerPayload.ContainsKey(BrokerParameter.SilentBrokerFlow))
{
throw new AdalSilentTokenAcquisitionException();
}
// onActivityResult will receive the response
// Activity needs to launch to record calling app for this
// account
Intent brokerIntent = mBrokerProxy.GetIntentForBrokerActivity(request, platformParams.CallerActivity);
if (brokerIntent != null)
{
try
{
msg = "Calling activity pid:" + Android.OS.Process.MyPid()
+ " tid:" + Android.OS.Process.MyTid() + "uid:"
+ Android.OS.Process.MyUid();
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
platformParams.CallerActivity.StartActivityForResult(brokerIntent, 1001);
}
catch (ActivityNotFoundException e)
{
CallState.Logger.Error(null, e);
CallState.Logger.ErrorPii(null, e);
}
}
}
else
{
throw new AdalException(AdalErrorAndroidEx.NoBrokerAccountFound, "Add requested account as a Workplace account via Settings->Accounts or set UseBroker=true.");
}
}
public AuthenticationResultEx GetAuthTokenInBackground(AuthenticationRequest request, Activity callerActivity)
{
AuthenticationResultEx authResult = null;
VerifyNotOnMainThread();
// if there is not any user added to account, it returns empty
Account targetAccount = null;
Account[] accountList = mAcctManager
.GetAccountsByType(BrokerConstants.BrokerAccountType);
if (!string.IsNullOrEmpty(request.BrokerAccountName))
{
targetAccount = FindAccount(request.BrokerAccountName, accountList);
}
else
{
try
{
UserInfo[] users = GetBrokerUsers();
UserInfo matchingUser = FindUserInfo(request.UserId, users);
if (matchingUser != null)
{
targetAccount = FindAccount(matchingUser.DisplayableId, accountList);
}
}
catch (Exception e)
{
CallState.Logger.Error(null, e);
CallState.Logger.ErrorPii(null, e);
}
}
if (targetAccount != null)
{
Bundle brokerOptions = GetBrokerOptions(request);
// blocking call to get token from cache or refresh request in
// background at Authenticator
IAccountManagerFuture result = null;
string msg;
try
{
// It does not expect activity to be launched.
// AuthenticatorService is handling the request at
// AccountManager.
//
result = mAcctManager.GetAuthToken(targetAccount,
BrokerConstants.AuthtokenType, brokerOptions, false,
null /*
* set to null to avoid callback
*/, new Handler(callerActivity.MainLooper));
// Making blocking request here
msg = "Received result from Authenticator";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
Bundle bundleResult = (Bundle)result.GetResult(10000, TimeUnit.Milliseconds);
// Authenticator should throw OperationCanceledException if
// token is not available
authResult = GetResultFromBrokerResponse(bundleResult);
}
catch (OperationCanceledException e)
{
CallState.Logger.Error(null, e);
CallState.Logger.ErrorPii(null, e);
}
catch (AuthenticatorException e)
{
CallState.Logger.Error(null, e);
CallState.Logger.ErrorPii(null, e);
}
catch (Exception e)
{
// Authenticator gets problem from webrequest or file read/write
/* Logger.e(TAG, "Authenticator cancels the request", "",
* ADALError.BROKER_AUTHENTICATOR_IO_EXCEPTION);*/
CallState.Logger.Error(null, e);
CallState.Logger.ErrorPii(null, e);
}
msg = "Returning result from Authenticator";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
return(authResult);
}
else
{
var msg = "Target account is not found";
CallState.Logger.Verbose(null, msg);
CallState.Logger.VerbosePii(null, msg);
}
return(null);
}
