public static async Task <bool> SwitchToAccount(Account account)
{
if (account != null && account.UserId != null)
{
AuthStorageHelper.GetAuthStorageHelper().PersistCredentials(account);
RestClient client = SDKManager.GlobalClientManager.PeekRestClient();
if (client != null)
{
OAuth2.ClearCookies(account.GetLoginOptions());
IdentityResponse identity = await OAuth2.CallIdentityService(account.IdentityUrl, client);
if (identity != null)
{
account.UserId = identity.UserId;
account.UserName = identity.UserName;
account.Policy = identity.MobilePolicy;
AuthStorageHelper.GetAuthStorageHelper().PersistCredentials(account);
}
OAuth2.RefreshCookies();
PlatformAdapter.SendToCustomLogger("AccountManager.SwitchToAccount - done, result = true", LoggingLevel.Verbose);
return(true);
}
}
PlatformAdapter.SendToCustomLogger("AccountManager.SwitchToAccount - done, result = false", LoggingLevel.Verbose);
return(false);
}
private void CheckAccount(Account expectedAccount, bool exists)
{
AuthStorageHelper authStorageHelper = AuthStorageHelper.GetAuthStorageHelper();
TypeInfo auth = authStorageHelper.GetType().GetTypeInfo();
MethodInfo retrieve = auth.GetDeclaredMethod("RetrievePersistedCredentials");
var accounts = (Dictionary <string, Account>)retrieve.Invoke(authStorageHelper, null);
if (!exists)
{
Assert.IsFalse(accounts.ContainsKey(expectedAccount.UserName),
"Account " + expectedAccount.UserName + " should not have been found");
}
else
{
Assert.IsTrue(accounts.ContainsKey(expectedAccount.UserName),
"Account " + expectedAccount.UserName + " should exist");
Account account = accounts[expectedAccount.UserName];
Assert.AreEqual(expectedAccount.LoginUrl, account.LoginUrl);
Assert.AreEqual(expectedAccount.ClientId, account.ClientId);
Assert.AreEqual(expectedAccount.CallbackUrl, account.CallbackUrl);
Assert.AreEqual(expectedAccount.Scopes.Length, account.Scopes.Length);
Assert.AreEqual(expectedAccount.InstanceUrl, account.InstanceUrl);
Assert.AreEqual(expectedAccount.AccessToken, expectedAccount.AccessToken);
Assert.AreEqual(expectedAccount.RefreshToken, expectedAccount.RefreshToken);
}
}
/// <summary>
/// Async method for refreshing the token, persisting the data in the encrypted settings and returning the updated
/// account
/// with the new access token.
/// </summary>
/// <param name="account"></param>
/// <returns>Boolean based on if the refresh auth token succeeded or not</returns>
public static async Task <Account> RefreshAuthToken(Account account)
{
if (account != null)
{
try
{
AuthResponse response =
await RefreshAuthTokenRequest(account.GetLoginOptions(), account.RefreshToken);
account.AccessToken = response.AccessToken;
AuthStorageHelper.GetAuthStorageHelper().PersistCredentials(account);
}
catch (WebException ex)
{
PlatformAdapter.SendToCustomLogger(
"OAuth2.RefreshAuthToken - Exception occurred when refreshing token:", LoggingLevel.Critical);
PlatformAdapter.SendToCustomLogger(ex, LoggingLevel.Critical);
Debug.WriteLine("Error refreshing token");
throw new OAuthException(ex.Message, ex.Status);
}
catch (Exception ex)
{
PlatformAdapter.SendToCustomLogger(
"OAuth2.RefreshAuthToken - Exception occurred when refreshing token:", LoggingLevel.Critical);
PlatformAdapter.SendToCustomLogger(ex, LoggingLevel.Critical);
Debug.WriteLine("Error refreshing token");
throw new OAuthException(ex.Message, ex.InnerException);
}
}
return(account);
}
/// <summary>
/// This will return true if there is a master pincode set.
/// </summary>
/// <returns></returns>
public static bool IsPincodeSet()
{
bool result = AuthStorageHelper.GetAuthStorageHelper().RetrievePincode() != null;
PlatformAdapter.SendToCustomLogger(string.Format("AuthStorageHelper.IsPincodeSet - result = {0}", result), LoggingLevel.Verbose);
return(result);
}
/// <summary>
/// This will wipe out the pincode and associated data.
/// </summary>
public static void WipePincode()
{
AuthStorageHelper auth = AuthStorageHelper.GetAuthStorageHelper();
auth.DeletePincode();
auth.DeleteData(PinBackgroundedTimeKey);
auth.DeleteData(PincodeRequired);
PlatformAdapter.SendToCustomLogger("PincodeManager.WipePincode - Pincode wiped", LoggingLevel.Verbose);
}
/// <summary>
/// This method will launch the pincode screen if the policy requires it.
/// If determined that no pincode screen is required, the flag requiring the pincode will be cleared.
/// </summary>
public static async void LaunchPincodeScreen()
{
var frame = Window.Current.Content as Frame;
if (frame != null && typeof(PincodeDialog) != frame.SourcePageType)
{
await frame.Dispatcher.RunAsync(CoreDispatcherPriority.Normal, () =>
{
SDKServiceLocator.Get <ILoggingService>().Log(" Launching Pincode Screen", LoggingLevel.Information);
Account account = AccountManager.GetAccount();
if (account != null)
{
PincodeOptions options = null;
bool required = AuthStorageHelper.IsPincodeRequired();
if (account.Policy != null && !IsPincodeSet())
{
options = new PincodeOptions(PincodeOptions.PincodeScreen.Create, account, "");
}
else if (required)
{
MobilePolicy policy = AuthStorageHelper.GetMobilePolicy();
if (account.Policy != null)
{
if (policy.ScreenLockTimeout < account.Policy.ScreenLockTimeout)
{
policy.ScreenLockTimeout = account.Policy.ScreenLockTimeout;
AuthStorageHelper.GetAuthStorageHelper().PersistPincode(policy);
}
if (policy.PinLength < account.Policy.PinLength)
{
options = new PincodeOptions(PincodeOptions.PincodeScreen.Create, account, "");
}
else
{
options = new PincodeOptions(PincodeOptions.PincodeScreen.Locked, account, "");
}
}
else
{
options = new PincodeOptions(PincodeOptions.PincodeScreen.Locked, account, "");
}
}
if (options != null)
{
// As per MSDN documentation (https://msdn.microsoft.com/en-us/library/windows/apps/hh702394.aspx)
// the second param of Frame.Navigate must be a basic type otherwise Suspension manager will crash
// when serializing frame's state. So we serialize custom object using Json and pass that as the
// second param to avoid this crash.
frame.Navigate(typeof(PincodeDialog), PincodeOptions.ToJson(options));
}
}
});
}
}
public static void SavePinTimer()
{
MobilePolicy policy = GetMobilePolicy();
Account account = AccountManager.GetAccount();
if (account != null && policy != null && policy.ScreenLockTimeout > 0)
{
PlatformAdapter.SendToCustomLogger("AuthStorageHelper.SavePinTimer - saving pin timer", LoggingLevel.Verbose);
AuthStorageHelper.GetAuthStorageHelper()
.PersistData(true, PinBackgroundedTimeKey, DateTime.Now.ToUniversalTime().ToString());
}
}
/// <summary>
/// Returns the global mobile policy stored.
/// </summary>
/// <returns></returns>
public static MobilePolicy GetMobilePolicy()
{
string retrieved = AuthStorageHelper.GetAuthStorageHelper().RetrievePincode();
if (retrieved != null)
{
PlatformAdapter.SendToCustomLogger("AuthStorageHelper.GetMobilePolicy - returning retrieved policy", LoggingLevel.Verbose);
return(JsonConvert.DeserializeObject <MobilePolicy>(retrieved));
}
PlatformAdapter.SendToCustomLogger("AuthStorageHelper.GetMobilePolicy - No policy found", LoggingLevel.Verbose);
return(null);
}
/// <summary>
/// Stores the pincode and associated mobile policy information including pin length and screen lock timeout.
/// </summary>
/// <param name="policy"></param>
/// <param name="pincode"></param>
public static void StorePincode(MobilePolicy policy, string pincode)
{
string hashed = GenerateEncryptedPincode(pincode);
var mobilePolicy = new MobilePolicy
{
ScreenLockTimeout = policy.ScreenLockTimeout,
PinLength = policy.PinLength,
PincodeHash = Encryptor.Encrypt(hashed, pincode)
};
AuthStorageHelper.GetAuthStorageHelper().PersistPincode(mobilePolicy);
PlatformAdapter.SendToCustomLogger("AuthStorageHelper.StorePincode - Pincode stored", LoggingLevel.Verbose);
}
public void TestPersistRetrieveDeleteEncryptionSettings()
{
AuthStorageHelper authStorageHelper = AuthStorageHelper.GetAuthStorageHelper();
TypeInfo auth = authStorageHelper.GetType().GetTypeInfo();
MethodInfo persist = auth.GetDeclaredMethod("PersistEncryptionSettings");
MethodInfo delete = auth.GetDeclaredMethod("DeleteEncryptionSettings");
persist.Invoke(authStorageHelper, new object[] { Password, Salt });
CheckEncryptionSettings(true);
delete.Invoke(authStorageHelper, null);
CheckEncryptionSettings(false);
}
private void CheckEncryptionSettings(bool exists)
{
AuthStorageHelper authStorageHelper = AuthStorageHelper.GetAuthStorageHelper();
TypeInfo auth = authStorageHelper.GetType().GetTypeInfo();
MethodInfo tryRetrieve = auth.GetDeclaredMethod("TryRetrieveEncryptionSettings");
var parameters = new object[] { null, null };
var success = (bool)tryRetrieve.Invoke(authStorageHelper, parameters);
if (!exists)
{
Assert.IsFalse(success, "Encryption settings should not exist");
}
else
{
Assert.IsTrue(success, "Encryption settings should exist");
Assert.AreEqual(Password, parameters[0]);
Assert.AreEqual(Salt, parameters[1]);
}
}
public void TestPersistRetrieveDeleteCredentials()
{
var account = new Account("loginUrl", "clientId", "callbackUrl", new[] { "scopeA", "scopeB" }, "instanceUrl",
"identityUrl", "accessToken", "refreshToken");
account.UserId = "userId";
account.UserName = "******";
AuthStorageHelper authStorageHelper = AuthStorageHelper.GetAuthStorageHelper();
CheckAccount(account, false);
TypeInfo auth = authStorageHelper.GetType().GetTypeInfo();
MethodInfo persist = auth.GetDeclaredMethod("PersistCredentials");
MethodInfo delete =
auth.GetDeclaredMethods("DeletePersistedCredentials")
.First(method => method.GetParameters().Count() == 2);
persist.Invoke(authStorageHelper, new object[] { account });
CheckAccount(account, true);
delete.Invoke(authStorageHelper, new object[] { account.UserName, account.UserId });
CheckAccount(account, false);
}
/// <summary>
/// Create and persist Account for newly authenticated user
/// </summary>
/// <param name="loginOptions"></param>
/// <param name="authResponse"></param>
public static async Task <Account> CreateNewAccount(LoginOptions loginOptions, AuthResponse authResponse)
{
PlatformAdapter.SendToCustomLogger("AccountManager.CreateNewAccount - create account object", LoggingLevel.Verbose);
var account = new Account(loginOptions.LoginUrl, loginOptions.ClientId, loginOptions.CallbackUrl,
loginOptions.Scopes,
authResponse.InstanceUrl, authResponse.IdentityUrl, authResponse.AccessToken, authResponse.RefreshToken);
account.CommunityId = authResponse.CommunityId;
account.CommunityUrl = authResponse.CommunityUrl;
IdentityResponse identity = null;
try
{
var cm = new ClientManager();
cm.PeekRestClient();
identity = await OAuth2.CallIdentityService(authResponse.IdentityUrl, authResponse.AccessToken);
}
catch (JsonException ex)
{
PlatformAdapter.SendToCustomLogger(
"AccountManager.CreateNewAccount - Exception occurred when retrieving account identity:",
LoggingLevel.Critical);
PlatformAdapter.SendToCustomLogger(ex, LoggingLevel.Critical);
Debug.WriteLine("Error retrieving account identity");
}
if (identity != null)
{
account.UserId = identity.UserId;
account.UserName = identity.UserName;
account.Policy = identity.MobilePolicy;
AuthStorageHelper.GetAuthStorageHelper().PersistCredentials(account);
}
PlatformAdapter.SendToCustomLogger("AccountManager.CreateNewAccount - done", LoggingLevel.Verbose);
return(account);
}
/// <summary>
/// Validate the given pincode against the stored pincode.
/// </summary>
/// <param name="pincode">Pincode to validate</param>
/// <returns>True if pincode matches</returns>
public static bool ValidatePincode(string pincode)
{
string compare = GenerateEncryptedPincode(pincode);
try
{
string retrieved = AuthStorageHelper.GetAuthStorageHelper().RetrievePincode();
var policy = JsonConvert.DeserializeObject <MobilePolicy>(retrieved);
bool result = compare.Equals(Encryptor.Decrypt(policy.PincodeHash, pincode));
PlatformAdapter.SendToCustomLogger(string.Format("AuthStorageHelper.ValidatePincode - result = {0}", result), LoggingLevel.Verbose);
return(result);
}
catch (Exception ex)
{
PlatformAdapter.SendToCustomLogger("AuthStorageHelper.ValidatePincode - Exception occurred when validating pincode:", LoggingLevel.Critical);
PlatformAdapter.SendToCustomLogger(ex, LoggingLevel.Critical);
Debug.WriteLine("Error validating pincode");
}
return(false);
}
/// <summary>
/// Delete Account for currently authenticated user
/// </summary>
public static void DeleteAccount()
{
Account account = GetAccount();
AuthStorageHelper.GetAuthStorageHelper().DeletePersistedCredentials(account.UserName, account.UserId);
}
public Task PersistCurrentAccountAsync(Account account)
{
AuthStorageHelper.GetAuthStorageHelper().PersistCurrentCredentials(account);
return(Task.FromResult(0));
}
public void TestGetAuthStorageHelper()
{
AuthStorageHelper authStorageHelper = AuthStorageHelper.GetAuthStorageHelper();
Assert.IsNotNull(authStorageHelper);
}
public Account RetrieveCurrentAccount()
{
return(AuthStorageHelper.GetAuthStorageHelper().RetrieveCurrentAccount());
}
public Dictionary <string, Account> RetrieveAllPersistedAccounts()
{
return(AuthStorageHelper.GetAuthStorageHelper().RetrievePersistedCredentials());
}
public Task PersistCurrentPincodeAsync(Account account)
{
AuthStorageHelper.GetAuthStorageHelper().PersistPincode(account.Policy);
return(Task.FromResult(0));
}
public static void WipeAccounts()
{
AuthStorageHelper.GetAuthStorageHelper().DeletePersistedCredentials();
SwitchAccount();
}
public void DeletePersistedAccount(string userName, string userId)
{
AuthStorageHelper.GetAuthStorageHelper().DeletePersistedCredentials(userName, userId);
}
public void DeleteAllPersistedAccounts()
{
AuthStorageHelper.GetAuthStorageHelper().DeletePersistedCredentials();
}
