public async Task <MsalTokenResponse> SendTokenRequestAsync(
IDictionary <string, string> additionalBodyParameters,
string scopeOverride = null,
string tokenEndpointOverride = null,
CancellationToken cancellationToken = default)
{
using (_requestParams.RequestContext.Logger.LogMethodDuration())
{
cancellationToken.ThrowIfCancellationRequested();
string tokenEndpoint = tokenEndpointOverride ?? _requestParams.Endpoints.TokenEndpoint;
string scopes = !string.IsNullOrEmpty(scopeOverride) ? scopeOverride : GetDefaultScopes(_requestParams.Scope);
AddBodyParamsAndHeaders(additionalBodyParameters, scopes);
AddThrottlingHeader();
_serviceBundle.ThrottlingManager.TryThrottle(_requestParams, _oAuth2Client.GetBodyParameters());
MsalTokenResponse response;
try
{
response = await SendHttpAndClearTelemetryAsync(tokenEndpoint, _requestParams.RequestContext.Logger)
.ConfigureAwait(false);
}
catch (MsalServiceException e)
{
_serviceBundle.ThrottlingManager.RecordException(_requestParams, _oAuth2Client.GetBodyParameters(), e);
throw;
}
if (string.IsNullOrEmpty(response.Scope))
{
response.Scope = _requestParams.Scope.AsSingleString();
_requestParams.RequestContext.Logger.Info(
"ScopeSet was missing from the token response, so using developer provided scopes in the result. ");
}
if (string.IsNullOrEmpty(response.TokenType))
{
throw new MsalClientException(MsalError.AccessTokenTypeMissing, MsalErrorMessage.AccessTokenTypeMissing);
}
if (!string.Equals(
response.TokenType,
_requestParams.AuthenticationScheme.AccessTokenType,
StringComparison.OrdinalIgnoreCase))
{
throw new MsalClientException(
MsalError.TokenTypeMismatch,
MsalErrorMessage.TokenTypeMismatch(
_requestParams.AuthenticationScheme.AccessTokenType,
response.TokenType));
}
return(response);
}
}
public async Task <MsalTokenResponse> SendTokenRequestAsync(
IDictionary <string, string> additionalBodyParameters,
string scopeOverride = null,
string tokenEndpointOverride = null,
CancellationToken cancellationToken = default)
{
string tokenEndpoint = tokenEndpointOverride ?? _requestParams.Endpoints.TokenEndpoint;
string scopes = !string.IsNullOrEmpty(scopeOverride) ? scopeOverride : GetDefaultScopes(_requestParams.Scope);
AddBodyParamsAndHeaders(additionalBodyParameters, scopes);
MsalTokenResponse response = await SendHttpAndClearTelemetryAsync(tokenEndpoint)
.ConfigureAwait(false);
if (string.IsNullOrEmpty(response.Scope))
{
response.Scope = _requestParams.Scope.AsSingleString();
_requestParams.RequestContext.Logger.Info(
"ScopeSet was missing from the token response, so using developer provided scopes in the result. ");
}
if (!string.IsNullOrEmpty(response.TokenType) &&
!string.Equals(
response.TokenType,
_requestParams.AuthenticationScheme.AccessTokenType,
StringComparison.OrdinalIgnoreCase))
{
throw new MsalClientException(
MsalError.TokenTypeMismatch,
MsalErrorMessage.TokenTypeMismatch(
_requestParams.AuthenticationScheme.AccessTokenType,
response.TokenType));
}
return(response);
}
protected async Task <MsalTokenResponse> SendTokenRequestAsync(
string tokenEndpoint,
IDictionary <string, string> additionalBodyParameters,
CancellationToken cancellationToken)
{
OAuth2Client client = new OAuth2Client(ServiceBundle.DefaultLogger, ServiceBundle.HttpManager, ServiceBundle.TelemetryManager);
client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.ClientId);
client.AddBodyParameter(OAuth2Parameter.ClientInfo, "1");
#if DESKTOP || NETSTANDARD1_3 || NET_CORE
if (AuthenticationRequestParameters.ClientCredential != null)
{
Dictionary <string, string> ccBodyParameters = ClientCredentialHelper.CreateClientCredentialBodyParameters(
AuthenticationRequestParameters.RequestContext.Logger,
ServiceBundle.PlatformProxy.CryptographyManager,
AuthenticationRequestParameters.ClientCredential,
AuthenticationRequestParameters.ClientId,
AuthenticationRequestParameters.Endpoints,
AuthenticationRequestParameters.SendX5C);
foreach (var entry in ccBodyParameters)
{
client.AddBodyParameter(entry.Key, entry.Value);
}
}
#endif
client.AddBodyParameter(OAuth2Parameter.Scope,
GetDecoratedScope(AuthenticationRequestParameters.Scope).AsSingleString());
client.AddQueryParameter(OAuth2Parameter.Claims, AuthenticationRequestParameters.Claims);
foreach (var kvp in additionalBodyParameters)
{
client.AddBodyParameter(kvp.Key, kvp.Value);
}
foreach (var kvp in AuthenticationRequestParameters.AuthenticationScheme.GetTokenRequestParams())
{
client.AddBodyParameter(kvp.Key, kvp.Value);
}
MsalTokenResponse response = await SendHttpMessageAsync(client, tokenEndpoint)
.ConfigureAwait(false);
if (!string.Equals(
response.TokenType,
AuthenticationRequestParameters.AuthenticationScheme.AccessTokenType,
StringComparison.OrdinalIgnoreCase))
{
throw new MsalClientException(
MsalError.TokenTypeMismatch,
MsalErrorMessage.TokenTypeMismatch(
AuthenticationRequestParameters.AuthenticationScheme.AccessTokenType,
response.TokenType));
}
return(response);
}
public async Task <MsalTokenResponse> SendTokenRequestAsync(
IDictionary <string, string> additionalBodyParameters,
string scopeOverride = null,
string tokenEndpointOverride = null,
CancellationToken cancellationToken = default)
{
string tokenEndpoint = tokenEndpointOverride ?? _requestParams.Endpoints.TokenEndpoint;
string scopes = !string.IsNullOrEmpty(scopeOverride) ? scopeOverride: GetDefaultScopes(_requestParams.Scope);
_oAuth2Client.AddBodyParameter(OAuth2Parameter.ClientId, _requestParams.ClientId);
_oAuth2Client.AddBodyParameter(OAuth2Parameter.ClientInfo, "1");
#if DESKTOP || NETSTANDARD1_3 || NET_CORE
if (_requestParams.ClientCredential != null)
{
Dictionary <string, string> ccBodyParameters = ClientCredentialHelper.CreateClientCredentialBodyParameters(
_requestParams.RequestContext.Logger,
_serviceBundle.PlatformProxy.CryptographyManager,
_requestParams.ClientCredential,
_requestParams.ClientId,
_requestParams.Endpoints,
_requestParams.SendX5C);
foreach (var entry in ccBodyParameters)
{
_oAuth2Client.AddBodyParameter(entry.Key, entry.Value);
}
}
#endif
_oAuth2Client.AddBodyParameter(OAuth2Parameter.Scope, scopes);
_oAuth2Client.AddBodyParameter(OAuth2Parameter.Claims, _requestParams.ClaimsAndClientCapabilities);
foreach (var kvp in additionalBodyParameters)
{
_oAuth2Client.AddBodyParameter(kvp.Key, kvp.Value);
}
foreach (var kvp in _requestParams.AuthenticationScheme.GetTokenRequestParams())
{
_oAuth2Client.AddBodyParameter(kvp.Key, kvp.Value);
}
MsalTokenResponse response = await SendHttpMessageAsync(tokenEndpoint)
.ConfigureAwait(false);
if (!string.Equals(
response.TokenType,
_requestParams.AuthenticationScheme.AccessTokenType,
StringComparison.OrdinalIgnoreCase))
{
throw new MsalClientException(
MsalError.TokenTypeMismatch,
MsalErrorMessage.TokenTypeMismatch(
_requestParams.AuthenticationScheme.AccessTokenType,
response.TokenType));
}
return(response);
}