Example #1
        /// <summary>
        /// Acquires tokens through ADAL, clears the MSAL cache, and then requests a token for
        /// <c>AdalResource1</c> again with an empty password, expecting the request to succeed.
        /// </summary>
        /// <remarks>
        /// Per the original author's comment, the empty password is deliberate: success is taken to mean
        /// the result was served silently from the cached refresh token (RT) rather than from a password grant.
        /// NOTE(review): this is an indirect check - nothing here asserts that no password grant was attempted;
        /// confirm that ValidateAdalAuthResult (defined outside this view) is sufficient for that.
        /// </remarks>
        public async Task AdalRt_CreatedByAdalV4_UsedByAdalV4Async()
        {
            // Seed the cache with tokens obtained with the real password.
            await AcquireTokensUsingAdalAsync().ConfigureAwait(false);

            // Only the MSAL-side cache is cleared here; the helper's assertion confirms it.
            ClearMsalCache();
            AssertMsalCacheIsEmpty();

            // Empty password on purpose: the token is expected to come back silently, using the RT.
            var emptyPasswordCredential =
                new global::Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential(user.Upn, "");

            adalAuthResult = await global::Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions
                .AcquireTokenAsync(adalContext, AdalResource1, ClientId, emptyPasswordCredential)
                .ConfigureAwait(false);

            ValidateAdalAuthResult();
        }
Example #2
        /// <summary>
        /// Acquires a token through ADAL for <c>AdalResource1</c> and then for <c>AdalResource2</c>,
        /// using the test user's UPN and <c>securePassword</c>, and validates the result after each call.
        /// </summary>
        /// <remarks>
        /// The last result is left in the <c>adalAuthResult</c> field. The credential is built from fields
        /// declared outside this view (<c>user</c>, <c>securePassword</c>).
        /// </remarks>
        private async Task AcquireTokensUsingAdalAsync()
        {
            foreach (var resource in new[] { AdalResource1, AdalResource2 })
            {
                // A fresh credential object is created per request, as in the original sequence.
                var credential =
                    new global::Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential(user.Upn, securePassword);

                adalAuthResult = await global::Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions
                    .AcquireTokenAsync(adalContext, resource, ClientId, credential)
                    .ConfigureAwait(false);

                ValidateAdalAuthResult();
            }
        }
Example #3
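        /// <summary>
        /// Acquires a token through ADAL, confirms that both the ADAL cache and the MSAL account list are
        /// populated, then calls <c>msalCache.Clear()</c> and asserts that the ADAL and MSAL caches are both empty.
        /// </summary>
        /// <remarks>
        /// The point under test is that clearing through MSAL leaves nothing behind on the ADAL side either.
        /// The two "is empty" helpers are defined outside this view.
        /// </remarks>
        public async Task UnifiedCache_Msal_ClearCacheAsync()
        {
            var credential =
                new global::Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential(user.Upn, securePassword);

            adalAuthResult = await global::Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions
                .AcquireTokenAsync(adalContext, AdalResource1, ClientId, credential)
                .ConfigureAwait(false);

            // Precondition: something was written to the ADAL cache and is visible to MSAL as an account.
            // Any() states the "non-empty" intent directly and does not enumerate the whole sequence.
            Assert.IsTrue(adalCache.ReadItems().Any());
            var accounts = await msalPublicClient.GetAccountsAsync().ConfigureAwait(false);

            Assert.IsTrue(accounts.Any());

            msalCache.Clear();

            // Both caches are checked: a clear that only emptied the MSAL side would fail here.
            AssertAdalCacheIsEmpty();
            AssertMsalCacheIsEmpty();
        }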
Example #4
        /// <summary>
        /// Integration test for an ADAL v3 to MSAL migration: tokens are acquired through ADAL, the cache is
        /// rewritten to look like an ADAL v3 cache, and MSAL is then expected to see the account, redeem its
        /// refresh token silently, and remove every cached credential when the account is removed.
        /// </summary>
        /// <remarks>
        /// The final assertions matter for sign-out: a refresh token left behind in the legacy-format cache
        /// after <c>RemoveAsync</c> would presumably remain redeemable, so both caches are checked.
        /// </remarks>
        public async Task UnifiedCache_Adalv3ToMsal2MigrationIntegrationTestAsync()
        {
            // Acquire ADAL tokens for the first resource using ADAL v4.
            var firstCredential =
                new global::Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential(user.Upn, securePassword);
            adalAuthResult = await global::Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions
                .AcquireTokenAsync(adalContext, AdalResource1, ClientId, firstCredential)
                .ConfigureAwait(false);

            ValidateAdalAuthResult();

            // Same again for the second resource.
            var secondCredential =
                new global::Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential(user.Upn, securePassword);
            adalAuthResult = await global::Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions
                .AcquireTokenAsync(adalContext, AdalResource2, ClientId, secondCredential)
                .ConfigureAwait(false);

            ValidateAdalAuthResult();

            // Simulate an ADAL v3 token cache: null out client info in the ADAL cache entities
            // and clear the MSAL cache.
            UpdateAdalCacheSetClientInfoToNull();
            ClearMsalCache();
            AssertMsalCacheIsEmpty();

            // The ADAL v3 RT must be visible to MSAL as exactly one account.
            var visibleAccounts = await msalPublicClient.GetAccountsAsync().ConfigureAwait(false);

            Assert.AreEqual(1, visibleAccounts.Count());
            var migratedAccount = visibleAccounts.First();

            Assert.AreEqual(user.Upn, migratedAccount.Username);
            // With client info nulled, the account is expected to carry no home account id.
            Assert.IsNull(migratedAccount.HomeAccountId);
            Assert.IsNotNull(migratedAccount.Environment);

            // The ADAL v3 RT must also be usable by MSAL for a silent request.
            msalAuthResult = await msalPublicClient.AcquireTokenSilentAsync(MsalScopes, migratedAccount).ConfigureAwait(false);

            ValidateMsalAuthResult();

            // The MSAL remove-account API must remove the corresponding cache entities in all formats.
            visibleAccounts = await msalPublicClient.GetAccountsAsync().ConfigureAwait(false);

            Assert.AreEqual(1, visibleAccounts.Count());
            migratedAccount = visibleAccounts.First();

            await msalPublicClient.RemoveAsync(migratedAccount).ConfigureAwait(false);

            AssertAdalCacheIsEmpty();
            AssertNoCredentialsInMsalCache();
        }
Example #5
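        /// <summary>
        /// Integration test for an ADAL v3 to ADAL v4 to MSAL migration: a cache entry is made to look like
        /// ADAL v3, ADAL v4 then reuses it and adds a second entry, and MSAL is expected to see a single
        /// account, redeem the refresh token silently, and remove every cached credential on account removal.
        /// </summary>
        /// <remarks>
        /// The final assertions matter for sign-out: with refresh tokens for the same account stored in two
        /// formats, one left behind after <c>RemoveAsync</c> would presumably remain redeemable, so both
        /// caches are checked.
        /// </remarks>
        public async Task UnifiedCache_Adalv3ToAdalV4ToMsal2MigrationIntegrationTestAsync()
        {
            // acquire adal tokens using adalV4
            adalAuthResult = await global::Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions.
                             AcquireTokenAsync(adalContext, AdalResource1, ClientId,
                                               new global::Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential(user.Upn, securePassword)).ConfigureAwait(false);

            ValidateAdalAuthResult();

            // simulate adalV3 token cache state by setting client info in adal cache entities to null
            // and clearing msal cache
            UpdateAdalCacheSetClientInfoToNull();
            ClearMsalCache();
            AssertMsalCacheIsEmpty();


            // Migration to AdalV4 - acquire adal tokens using adalV4

            // make sure that AT in AdalV3 format is used by AdalV4:
            // the item count stays at 1 across the silent call, i.e. no new entry was written
            Assert.AreEqual(1, adalCache.ReadItems().Count());
            adalAuthResult = await adalContext.AcquireTokenSilentAsync(AdalResource1, ClientId).ConfigureAwait(false);

            Assert.AreEqual(1, adalCache.ReadItems().Count());

            // acquire token to different resource
            adalAuthResult = await global::Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions.
                             AcquireTokenAsync(adalContext, AdalResource2, ClientId,
                                               new global::Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential(user.Upn, securePassword)).ConfigureAwait(false);

            ValidateAdalAuthResult();

            // At this point the Adal cache contains RTs for the same account in different formats, v3 and v4.
            // AreEqual (as used for the other counts in this test) reports the actual count on failure.
            Assert.AreEqual(2, adalCache.ReadItems().Count());

            var msalAccounts = await msalPublicClient.GetAccountsAsync().ConfigureAwait(false);

            // two cache items, but still a single account from Msal's point of view
            Assert.AreEqual(1, msalAccounts.Count());
            var account = msalAccounts.First();

            Assert.AreEqual(user.Upn, account.Username);
            // make sure that for the same account the RT in V4 format is preferred over the V3 format
            Assert.IsNotNull(account.HomeAccountId);
            Assert.IsNotNull(account.Environment);

            // validate that Adal writes only RT and Account cache entities in Msal format
            Assert.AreEqual(0, msalCache.TokenCacheAccessor.GetAllAccessTokensAsString().Count);
            Assert.AreEqual(1, msalCache.TokenCacheAccessor.GetAllRefreshTokensAsString().Count);
            Assert.AreEqual(0, msalCache.TokenCacheAccessor.GetAllIdTokensAsString().Count);
            Assert.AreEqual(1, msalCache.TokenCacheAccessor.GetAllAccountsAsString().Count);

            // make sure that adal v4 RT is usable by Msal
            msalAuthResult = await msalPublicClient.AcquireTokenSilentAsync(MsalScopes, account).ConfigureAwait(false);

            ValidateMsalAuthResult();

            // make sure the Msal remove-account api removes the corresponding cache entities in all formats
            msalAccounts = await msalPublicClient.GetAccountsAsync().ConfigureAwait(false);

            Assert.AreEqual(1, msalAccounts.Count());
            account = msalAccounts.First();

            await msalPublicClient.RemoveAsync(account).ConfigureAwait(false);

            AssertAdalCacheIsEmpty();
            AssertNoCredentialsInMsalCache();
        }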