public IDictionary <string, JToken> Deserialize(byte[] bytes, bool clearExistingCacheData)
{
CacheSerializationContract cache;
try
{
cache = CacheSerializationContract.FromJsonString(CoreHelpers.ByteArrayToString(bytes));
}
catch (Exception ex)
{
throw new MsalClientException(MsalError.JsonParseError, MsalErrorMessage.TokenCacheJsonSerializerFailedParse, ex);
}
if (clearExistingCacheData)
{
_accessor.Clear();
}
if (cache.AccessTokens != null)
{
foreach (var atItem in cache.AccessTokens.Values)
{
_accessor.SaveAccessToken(atItem);
}
}
if (cache.RefreshTokens != null)
{
foreach (var rtItem in cache.RefreshTokens.Values)
{
_accessor.SaveRefreshToken(rtItem);
}
}
if (cache.IdTokens != null)
{
foreach (var idItem in cache.IdTokens.Values)
{
_accessor.SaveIdToken(idItem);
}
}
if (cache.Accounts != null)
{
foreach (var account in cache.Accounts.Values)
{
_accessor.SaveAccount(account);
}
}
if (cache.AppMetadata != null)
{
foreach (var appMetadata in cache.AppMetadata.Values)
{
_accessor.SaveAppMetadata(appMetadata);
}
}
return(cache.UnknownNodes);
}
public static void AddAccountToCache(ITokenCacheAccessor accessor, string uid, string utid)
{
MsalAccountCacheItem accountCacheItem = new MsalAccountCacheItem
(MsalTestConstants.ProductionPrefCacheEnvironment, null, MockHelpers.CreateClientInfo(uid, utid), null, null, utid, null, null);
accessor.SaveAccount(accountCacheItem);
}
public IDictionary <string, JToken> Deserialize(byte[] bytes, bool clearExistingCacheData)
{
List <KeyValuePair <string, IEnumerable <string> > > cacheKvpList;
try
{
cacheKvpList = JsonHelper.DeserializeFromJson <List <KeyValuePair <string, IEnumerable <string> > > >(bytes);
}
catch (Exception ex)
{
throw new MsalClientException(MsalError.JsonParseError, MsalErrorMessage.TokenCacheDictionarySerializerFailedParse, ex);
}
var cacheDict = cacheKvpList.ToDictionary(x => x.Key, x => x.Value);
if (clearExistingCacheData)
{
_accessor.Clear();
}
if (cacheKvpList == null || cacheKvpList.Count == 0)
{
return(null);
}
if (cacheDict.ContainsKey(AccessTokenKey))
{
foreach (var atItem in cacheDict[AccessTokenKey])
{
_accessor.SaveAccessToken(MsalAccessTokenCacheItem.FromJsonString(atItem));
}
}
if (cacheDict.ContainsKey(RefreshTokenKey))
{
foreach (var rtItem in cacheDict[RefreshTokenKey])
{
_accessor.SaveRefreshToken(MsalRefreshTokenCacheItem.FromJsonString(rtItem));
}
}
if (cacheDict.ContainsKey(IdTokenKey))
{
foreach (var idItem in cacheDict[IdTokenKey])
{
_accessor.SaveIdToken(MsalIdTokenCacheItem.FromJsonString(idItem));
}
}
if (cacheDict.ContainsKey(AccountKey))
{
foreach (var account in cacheDict[AccountKey])
{
_accessor.SaveAccount(MsalAccountCacheItem.FromJsonString(account));
}
}
return(null);
}
internal static (MsalAccessTokenCacheItem AT, MsalRefreshTokenCacheItem RT, MsalIdTokenCacheItem ID, MsalAccountCacheItem Account) PopulateCacheWithOneAccessToken(ITokenCacheAccessor accessor, bool randomizeClientInfo = false)
{
string uid = randomizeClientInfo ? Guid.NewGuid().ToString() : TestConstants.Uid;
string utid = randomizeClientInfo ? Guid.NewGuid().ToString() : TestConstants.Utid;
string clientInfo = MockHelpers.CreateClientInfo(uid, utid);
string homeAccountId = ClientInfo.CreateFromJson(clientInfo).ToAccountIdentifier();
MsalAccessTokenCacheItem atItem = new MsalAccessTokenCacheItem(
TestConstants.ProductionPrefCacheEnvironment,
TestConstants.ClientId,
TestConstants.s_scope.AsSingleString(),
TestConstants.Utid,
"",
DateTimeOffset.UtcNow,
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
clientInfo,
homeAccountId);
// add access token
accessor.SaveAccessToken(atItem);
MsalIdTokenCacheItem idTokenCacheItem = new MsalIdTokenCacheItem(
TestConstants.ProductionPrefCacheEnvironment,
TestConstants.ClientId,
MockHelpers.CreateIdToken(TestConstants.UniqueId + "more", TestConstants.DisplayableId),
clientInfo,
homeAccountId,
TestConstants.Utid);
accessor.SaveIdToken(idTokenCacheItem);
MsalAccountCacheItem accountCacheItem = new MsalAccountCacheItem(
TestConstants.ProductionPrefNetworkEnvironment,
null,
clientInfo,
homeAccountId,
null,
null,
TestConstants.Utid,
null,
null,
null);
accessor.SaveAccount(accountCacheItem);
var rt = AddRefreshTokenToCache(accessor, uid, utid);
return(atItem, rt, idTokenCacheItem, accountCacheItem);
}
internal static void PopulateCache(ITokenCacheAccessor accessor)
{
MsalAccessTokenCacheItem atItem = new MsalAccessTokenCacheItem(
CoreTestConstants.ProductionPrefCacheEnvironment,
CoreTestConstants.ClientId,
"Bearer",
CoreTestConstants.Scope.AsSingleString(),
CoreTestConstants.Utid,
"",
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
MockHelpers.CreateClientInfo());
// add access token
accessor.SaveAccessToken(atItem);
MsalIdTokenCacheItem idTokenCacheItem = new MsalIdTokenCacheItem(
CoreTestConstants.ProductionPrefCacheEnvironment, CoreTestConstants.ClientId,
MockHelpers.CreateIdToken(CoreTestConstants.UniqueId + "more", CoreTestConstants.DisplayableId),
MockHelpers.CreateClientInfo(), CoreTestConstants.Utid);
accessor.SaveIdToken(idTokenCacheItem);
MsalAccountCacheItem accountCacheItem = new MsalAccountCacheItem
(CoreTestConstants.ProductionPrefNetworkEnvironment, null, MockHelpers.CreateClientInfo(), null, null, CoreTestConstants.Utid,
null, null);
accessor.SaveAccount(accountCacheItem);
atItem = new MsalAccessTokenCacheItem(
CoreTestConstants.ProductionPrefCacheEnvironment,
CoreTestConstants.ClientId,
"Bearer",
CoreTestConstants.ScopeForAnotherResource.AsSingleString(),
CoreTestConstants.Utid,
"",
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
MockHelpers.CreateClientInfo());
// add another access token
accessor.SaveAccessToken(atItem);
AddRefreshTokenToCache(accessor, CoreTestConstants.Uid, CoreTestConstants.Utid, CoreTestConstants.Name);
}
internal void PopulateCacheWithOneAccessToken(ITokenCacheAccessor accessor)
{
string clientInfo = MockHelpers.CreateClientInfo();
string homeAccountId = ClientInfo.CreateFromJson(clientInfo).ToAccountIdentifier();
MsalAccessTokenCacheItem atItem = new MsalAccessTokenCacheItem(
TestConstants.ProductionPrefCacheEnvironment,
TestConstants.ClientId,
TestConstants.s_scope.AsSingleString(),
TestConstants.Utid,
"",
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
clientInfo,
homeAccountId);
// add access token
accessor.SaveAccessToken(atItem);
MsalIdTokenCacheItem idTokenCacheItem = new MsalIdTokenCacheItem(
TestConstants.ProductionPrefCacheEnvironment,
TestConstants.ClientId,
MockHelpers.CreateIdToken(TestConstants.UniqueId + "more", TestConstants.DisplayableId),
clientInfo,
homeAccountId,
TestConstants.Utid);
accessor.SaveIdToken(idTokenCacheItem);
MsalAccountCacheItem accountCacheItem = new MsalAccountCacheItem(
TestConstants.ProductionPrefNetworkEnvironment,
null,
clientInfo,
homeAccountId,
null,
null,
TestConstants.Utid,
null,
null,
null);
accessor.SaveAccount(accountCacheItem);
AddRefreshTokenToCache(accessor, TestConstants.Uid, TestConstants.Utid);
}
public static void WriteMsalRefreshToken(ITokenCacheAccessor tokenCacheAccessor,
AdalResultWrapper resultWrapper, string authority, string clientId, string displayableId,
string givenName, string familyName, string objectId)
{
if (string.IsNullOrEmpty(resultWrapper.RawClientInfo))
{
MsalLogger.Default.Info("Client Info is missing. Skipping MSAL refresh token cache write");
return;
}
if (string.IsNullOrEmpty(resultWrapper.RefreshToken))
{
MsalLogger.Default.Info("Refresh Token is missing. Skipping MSAL refresh token cache write");
return;
}
if (string.IsNullOrEmpty(resultWrapper.Result.IdToken))
{
MsalLogger.Default.Info("Id Token is missing. Skipping MSAL refresh token cache write");
return;
}
try
{
var rtItem = new MsalRefreshTokenCacheItem
(new Uri(authority).Host, clientId, resultWrapper.RefreshToken, resultWrapper.RawClientInfo);
tokenCacheAccessor.SaveRefreshToken(rtItem);
MsalAccountCacheItem accountCacheItem = new MsalAccountCacheItem
(new Uri(authority).Host, objectId, resultWrapper.RawClientInfo, null, displayableId, resultWrapper.Result.TenantId,
givenName, familyName);
tokenCacheAccessor.SaveAccount(accountCacheItem);
}
catch (Exception ex)
{
MsalLogger.Default.WarningPiiWithPrefix(
ex,
"An error occurred while writing ADAL refresh token to the cache in MSAL format. "
+ "For details please see https://aka.ms/net-cache-persistence-errors. ");
}
}
internal void PopulateCache(
ITokenCacheAccessor accessor,
string uid = MsalTestConstants.Uid,
string utid = MsalTestConstants.Utid,
string clientId = MsalTestConstants.ClientId)
{
MsalAccessTokenCacheItem atItem = new MsalAccessTokenCacheItem(
MsalTestConstants.ProductionPrefCacheEnvironment,
clientId,
MsalTestConstants.Scope.AsSingleString(),
utid,
"",
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
MockHelpers.CreateClientInfo(uid, utid));
// add access token
accessor.SaveAccessToken(atItem);
var idTokenCacheItem = new MsalIdTokenCacheItem(
MsalTestConstants.ProductionPrefCacheEnvironment,
clientId,
MockHelpers.CreateIdToken(MsalTestConstants.UniqueId + "more", MsalTestConstants.DisplayableId),
MockHelpers.CreateClientInfo(uid, utid),
utid);
accessor.SaveIdToken(idTokenCacheItem);
var accountCacheItem = new MsalAccountCacheItem(
MsalTestConstants.ProductionPrefCacheEnvironment,
null,
MockHelpers.CreateClientInfo(uid, utid),
null,
MsalTestConstants.DisplayableId,
utid,
null,
null);
accessor.SaveAccount(accountCacheItem);
atItem = new MsalAccessTokenCacheItem(
MsalTestConstants.ProductionPrefCacheEnvironment,
clientId,
MsalTestConstants.ScopeForAnotherResource.AsSingleString(),
utid,
"",
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn)),
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn)),
MockHelpers.CreateClientInfo(uid, utid));
// add another access token
accessor.SaveAccessToken(atItem);
AddRefreshTokenToCache(accessor, uid, utid, clientId);
var appMetadataItem = new MsalAppMetadataCacheItem(
clientId,
MsalTestConstants.ProductionPrefCacheEnvironment,
null);
accessor.SaveAppMetadata(appMetadataItem);
}
internal void PopulateCache(
ITokenCacheAccessor accessor,
string uid = TestConstants.Uid,
string utid = TestConstants.Utid,
string clientId = TestConstants.ClientId,
string environment = TestConstants.ProductionPrefCacheEnvironment,
string displayableId = TestConstants.DisplayableId,
string rtSecret = TestConstants.RTSecret,
string overridenScopes = null,
bool expiredAccessTokens = false,
bool addSecondAt = true)
{
string clientInfo = MockHelpers.CreateClientInfo(uid, utid);
string homeAccId = ClientInfo.CreateFromJson(clientInfo).ToAccountIdentifier();
var accessTokenExpiresOn = expiredAccessTokens ?
new DateTimeOffset(DateTime.UtcNow) :
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn));
var extendedAccessTokenExpiresOn = expiredAccessTokens ?
new DateTimeOffset(DateTime.UtcNow) :
new DateTimeOffset(DateTime.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn));
MsalAccessTokenCacheItem atItem = new MsalAccessTokenCacheItem(
environment,
clientId,
overridenScopes ?? TestConstants.s_scope.AsSingleString(),
utid,
"",
accessTokenExpiresOn,
extendedAccessTokenExpiresOn,
clientInfo,
homeAccId);
// add access token
accessor.SaveAccessToken(atItem);
var idTokenCacheItem = new MsalIdTokenCacheItem(
environment,
clientId,
MockHelpers.CreateIdToken(TestConstants.UniqueId + "more", displayableId),
clientInfo,
homeAccId,
tenantId: utid);
accessor.SaveIdToken(idTokenCacheItem);
// add another access token
if (addSecondAt)
{
atItem = new MsalAccessTokenCacheItem(
environment,
clientId,
TestConstants.s_scopeForAnotherResource.AsSingleString(),
utid,
"",
accessTokenExpiresOn,
extendedAccessTokenExpiresOn,
clientInfo,
homeAccId);
accessor.SaveAccessToken(atItem);
}
var accountCacheItem = new MsalAccountCacheItem(
environment,
null,
clientInfo,
homeAccId,
null,
displayableId,
utid,
null,
null);
accessor.SaveAccount(accountCacheItem);
AddRefreshTokenToCache(accessor, uid, utid, clientId, environment, rtSecret);
var appMetadataItem = new MsalAppMetadataCacheItem(
clientId,
environment,
null);
accessor.SaveAppMetadata(appMetadataItem);
}
/// <summary>
/// Deserializes the token cache from a serialization blob
/// </summary>
/// <param name="tokenCacheAccessor">Token cache accessor to perform cache write operations (to fill-in from the state)</param>
/// <param name="unifiedState">Array of bytes containing serialized unified cache data</param>
/// <param name="requestContext">call state to pass correlation id and logger instance</param>
internal static void DeserializeUnifiedCache(ITokenCacheAccessor tokenCacheAccessor, byte[] unifiedState, RequestContext requestContext)
{
tokenCacheAccessor.Clear();
Dictionary <string, IEnumerable <string> > cacheDict = JsonHelper
.DeserializeFromJson <Dictionary <string, IEnumerable <string> > >(unifiedState);
if (cacheDict == null || cacheDict.Count == 0)
{
MsalLogger.Default.Info("Msal Cache is empty.");
return;
}
if (cacheDict.ContainsKey(AccessTokenKey))
{
foreach (var atItem in cacheDict[AccessTokenKey])
{
var msalAccessTokenCacheItem = JsonHelper.TryToDeserializeFromJson <MsalAccessTokenCacheItem>(atItem, requestContext);
if (msalAccessTokenCacheItem != null)
{
tokenCacheAccessor.SaveAccessToken(msalAccessTokenCacheItem);
}
}
}
if (cacheDict.ContainsKey(RefreshTokenKey))
{
foreach (var rtItem in cacheDict[RefreshTokenKey])
{
var msalRefreshTokenCacheItem = JsonHelper.TryToDeserializeFromJson <MsalRefreshTokenCacheItem>(rtItem, requestContext);
if (msalRefreshTokenCacheItem != null)
{
tokenCacheAccessor.SaveRefreshToken(msalRefreshTokenCacheItem);
}
}
}
if (cacheDict.ContainsKey(IdTokenKey))
{
foreach (var idItem in cacheDict[IdTokenKey])
{
var msalIdTokenCacheItem = JsonHelper.TryToDeserializeFromJson <MsalIdTokenCacheItem>(idItem, requestContext);
if (msalIdTokenCacheItem != null)
{
tokenCacheAccessor.SaveIdToken(msalIdTokenCacheItem);
}
}
}
if (cacheDict.ContainsKey(AccountKey))
{
foreach (var account in cacheDict[AccountKey])
{
var msalAccountCacheItem = JsonHelper.TryToDeserializeFromJson <MsalAccountCacheItem>(account, requestContext);
if (msalAccountCacheItem != null)
{
tokenCacheAccessor.SaveAccount(msalAccountCacheItem);
}
}
}
}
/// <inheritdoc />
public void SaveAccount(MsalAccountCacheItem item)
{
_tokenCacheAccessor.SaveAccount(item);
}
internal static void PopulateCache(
ITokenCacheAccessor accessor,
string uid = TestConstants.Uid,
string utid = TestConstants.Utid,
string clientId = TestConstants.ClientId,
string environment = TestConstants.ProductionPrefCacheEnvironment,
string displayableId = TestConstants.DisplayableId,
string rtSecret = TestConstants.RTSecret,
string overridenScopes = null,
string userAssertion = null,
bool expiredAccessTokens = false,
bool addSecondAt = true)
{
bool addAccessTokenOnly = accessor is InMemoryPartitionedAppTokenCacheAccessor;
string clientInfo = MockHelpers.CreateClientInfo(uid, utid);
string homeAccId = ClientInfo.CreateFromJson(clientInfo).ToAccountIdentifier();
var accessTokenExpiresOn = expiredAccessTokens ?
DateTimeOffset.UtcNow :
DateTimeOffset.UtcNow + TimeSpan.FromSeconds(ValidExpiresIn);
var extendedAccessTokenExpiresOn = expiredAccessTokens ?
DateTimeOffset.UtcNow :
DateTimeOffset.UtcNow + TimeSpan.FromSeconds(ValidExtendedExpiresIn);
string userAssertionHash = null;
if (userAssertion != null)
{
var crypto = PlatformProxyFactory.CreatePlatformProxy(null).CryptographyManager;
userAssertionHash = crypto.CreateBase64UrlEncodedSha256Hash(userAssertion);
}
MsalAccessTokenCacheItem atItem = new MsalAccessTokenCacheItem(
environment,
clientId,
overridenScopes ?? TestConstants.s_scope.AsSingleString(),
utid,
"",
DateTimeOffset.UtcNow,
accessTokenExpiresOn,
extendedAccessTokenExpiresOn,
clientInfo,
homeAccId,
oboCacheKey: userAssertionHash);
// add access token
accessor.SaveAccessToken(atItem);
// add another access token
if (addSecondAt)
{
atItem = new MsalAccessTokenCacheItem(
environment,
clientId,
TestConstants.s_scopeForAnotherResource.AsSingleString(),
utid,
"",
DateTimeOffset.UtcNow,
accessTokenExpiresOn,
extendedAccessTokenExpiresOn,
clientInfo,
homeAccId);
accessor.SaveAccessToken(atItem);
}
if (!addAccessTokenOnly)
{
var idTokenCacheItem = new MsalIdTokenCacheItem(
environment,
clientId,
MockHelpers.CreateIdToken(TestConstants.UniqueId + "more", displayableId),
clientInfo,
homeAccId,
tenantId: utid);
accessor.SaveIdToken(idTokenCacheItem);
var accountCacheItem = new MsalAccountCacheItem(
environment,
null,
clientInfo,
homeAccId,
null,
displayableId,
utid,
null,
null,
null);
accessor.SaveAccount(accountCacheItem);
AddRefreshTokenToCache(accessor, uid, utid, clientId, environment, rtSecret);
var appMetadataItem = new MsalAppMetadataCacheItem(
clientId,
environment,
null);
accessor.SaveAppMetadata(appMetadataItem);
}
}
