/// <summary> /// Attempts to enumerate and delete any and all Azure Directory Authentication /// Refresh tokens caches by GCM asynchronously. /// </summary> /// <returns>A <see cref="Task"/> for the async action.</returns> private static Task SecurityPurgeAdaTokens(SecretStore adaStore) { // this can and should be done asynchronously to minimize user impact return(Task.Run(() => { adaStore.PurgeCredentials(); })); }
private static BaseAuthentication CreateAuthentication(OperationArguments operationArguments) { Debug.Assert(operationArguments != null, "The operationArguments is null"); Trace.WriteLine("Program::CreateAuthentication"); var secrets = new SecretStore(SecretsNamespace); BaseAuthentication authority = null; switch (operationArguments.Authority) { case AuthorityType.Auto: Trace.WriteLine(" detecting authority type"); // detect the authority if (BaseVsoAuthentication.GetAuthentication(operationArguments.TargetUri, VsoCredentialScope, secrets, null, out authority) || GithubAuthentication.GetAuthentication(operationArguments.TargetUri, GithubCredentialScope, secrets, GithubCredentialPrompt, GithubAuthCodePrompt, null, out authority)) { // set the authority type based on the returned value if (authority is VsoMsaAuthentication) { operationArguments.Authority = AuthorityType.MicrosoftAccount; goto case AuthorityType.MicrosoftAccount; } else if (authority is VsoAadAuthentication) { operationArguments.Authority = AuthorityType.AzureDirectory; goto case AuthorityType.AzureDirectory; } else if (authority is GithubAuthentication) { operationArguments.Authority = AuthorityType.GitHub; goto case AuthorityType.GitHub; } } operationArguments.Authority = AuthorityType.Basic; goto case AuthorityType.Basic; case AuthorityType.AzureDirectory: Trace.WriteLine(" authority is Azure Directory"); Guid tenantId = Guid.Empty; // return the allocated authority or a generic AAD backed VSO authentication object return authority ?? new VsoAadAuthentication(Guid.Empty, VsoCredentialScope, secrets); case AuthorityType.Basic: default: Trace.WriteLine(" authority is basic"); // return a generic username + password authentication object return authority ?? new BasicAuthentication(secrets); case AuthorityType.GitHub: Trace.WriteLine(" authority it GitHub"); // return a GitHub authenitcation object return authority ?? new GithubAuthentication(GithubCredentialScope, secrets, GithubCredentialPrompt, GithubAuthCodePrompt, null); case AuthorityType.MicrosoftAccount: Trace.WriteLine(" authority is Microsoft Live"); // return the allocated authority or a generic MSA backed VSO authentication object return authority ?? new VsoMsaAuthentication(VsoCredentialScope, secrets); } }
private static BaseAuthentication CreateAuthentication(OperationArguments operationArguments) { Debug.Assert(operationArguments != null, "The operationArguments is null"); Debug.Assert(operationArguments.TargetUri != null, "The operationArgument.TargetUri is null"); var secretsNamespace = operationArguments.CustomNamespace ?? SecretsNamespace; var secrets = new SecretStore(secretsNamespace, null, null, Secret.UriToName); BaseAuthentication authority = null; var basicCredentialCallback = (operationArguments.UseModalUi) ? new AcquireCredentialsDelegate(Program.ModalPromptForCredentials) : new AcquireCredentialsDelegate(Program.BasicCredentialPrompt); var githubCredentialCallback = (operationArguments.UseModalUi) ? new GitHubAuthentication.AcquireCredentialsDelegate(GitHub.Authentication.AuthenticationPrompts.CredentialModalPrompt) : new GitHubAuthentication.AcquireCredentialsDelegate(Program.GitHubCredentialPrompt); var githubAuthcodeCallback = (operationArguments.UseModalUi) ? new GitHubAuthentication.AcquireAuthenticationCodeDelegate(GitHub.Authentication.AuthenticationPrompts.AuthenticationCodeModalPrompt) : new GitHubAuthentication.AcquireAuthenticationCodeDelegate(Program.GitHubAuthCodePrompt); NtlmSupport basicNtlmSupport = NtlmSupport.Auto; switch (operationArguments.Authority) { case AuthorityType.Auto: Git.Trace.WriteLine($"detecting authority type for '{operationArguments.TargetUri}'."); // detect the authority authority = BaseVstsAuthentication.GetAuthentication(operationArguments.TargetUri, VstsCredentialScope, secrets) ?? GitHubAuthentication.GetAuthentication(operationArguments.TargetUri, GitHubCredentialScope, secrets, githubCredentialCallback, githubAuthcodeCallback, null); if (authority != null) { // set the authority type based on the returned value if (authority is VstsMsaAuthentication) { operationArguments.Authority = AuthorityType.MicrosoftAccount; goto case AuthorityType.MicrosoftAccount; } else if (authority is VstsAadAuthentication) { operationArguments.Authority = AuthorityType.AzureDirectory; goto case AuthorityType.AzureDirectory; } else if (authority is GitHubAuthentication) { operationArguments.Authority = AuthorityType.GitHub; goto case AuthorityType.GitHub; } } operationArguments.Authority = AuthorityType.Basic; goto case AuthorityType.Basic; case AuthorityType.AzureDirectory: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Azure Directory."); Guid tenantId = Guid.Empty; // return the allocated authority or a generic AAD backed VSTS authentication object return authority ?? new VstsAadAuthentication(Guid.Empty, VstsCredentialScope, secrets); case AuthorityType.Basic: // enforce basic authentication only basicNtlmSupport = NtlmSupport.Never; goto default; case AuthorityType.GitHub: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is GitHub."); // return a GitHub authentication object return authority ?? new GitHubAuthentication(GitHubCredentialScope, secrets, githubCredentialCallback, githubAuthcodeCallback, null); case AuthorityType.MicrosoftAccount: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is Microsoft Live."); // return the allocated authority or a generic MSA backed VSTS authentication object return authority ?? new VstsMsaAuthentication(VstsCredentialScope, secrets); case AuthorityType.Ntlm: // enforce NTLM authentication only basicNtlmSupport = NtlmSupport.Always; goto default; default: Git.Trace.WriteLine($"authority for '{operationArguments.TargetUri}' is basic with NTLM={basicNtlmSupport}."); // return a generic username + password authentication object return authority ?? new BasicAuthentication(secrets, basicNtlmSupport, basicCredentialCallback, null); } }
/// <summary> /// Attempts to enumerate and delete any and all Azure Directory Authentication /// Refresh tokens caches by GCM asynchronously. /// </summary> /// <returns>A <see cref="Task"/> for the async action.</returns> private static Task SecurityPurgeAdaTokens(SecretStore adaStore) { // this can and should be done asynchronously to minimize user impact return Task.Run(() => { adaStore.PurgeCredentials(); }); }
private static BaseAuthentication CreateAuthentication(OperationArguments operationArguments) { Debug.Assert(operationArguments != null, "The operationArguments is null"); Debug.Assert(operationArguments.TargetUri != null, "The operationArgument.TargetUri is null"); Trace.WriteLine("Program::CreateAuthentication"); Secret.UriNameConversion getTargetName = Secret.UriToSimpleName; if (operationArguments.UseHttpPath) { getTargetName = Secret.UriToPathedName; } var secrets = new SecretStore(SecretsNamespace, null, null, getTargetName); BaseAuthentication authority = null; switch (operationArguments.Authority) { case AuthorityType.Auto: Trace.WriteLine(" detecting authority type"); // detect the authority if (BaseVstsAuthentication.GetAuthentication(operationArguments.TargetUri, VstsCredentialScope, secrets, null, out authority) || GithubAuthentication.GetAuthentication(operationArguments.TargetUri, GithubCredentialScope, secrets, operationArguments.UseModalUi ? new GithubAuthentication.AcquireCredentialsDelegate(GitHub.Authentication.AuthenticationPrompts.CredentialModalPrompt) : new GithubAuthentication.AcquireCredentialsDelegate(GithubCredentialPrompt), operationArguments.UseModalUi ? new GithubAuthentication.AcquireAuthenticationCodeDelegate(GitHub.Authentication.AuthenticationPrompts.AuthenticationCodeModalPrompt) : new GithubAuthentication.AcquireAuthenticationCodeDelegate(GithubAuthCodePrompt), null, out authority)) { // set the authority type based on the returned value if (authority is VstsMsaAuthentication) { operationArguments.Authority = AuthorityType.MicrosoftAccount; goto case AuthorityType.MicrosoftAccount; } else if (authority is VstsAadAuthentication) { operationArguments.Authority = AuthorityType.AzureDirectory; goto case AuthorityType.AzureDirectory; } else if (authority is GithubAuthentication) { operationArguments.Authority = AuthorityType.GitHub; goto case AuthorityType.GitHub; } } operationArguments.Authority = AuthorityType.Basic; goto case AuthorityType.Basic; case AuthorityType.AzureDirectory: Trace.WriteLine(" authority is Azure Directory"); Guid tenantId = Guid.Empty; // return the allocated authority or a generic AAD backed VSTS authentication object return authority ?? new VstsAadAuthentication(Guid.Empty, VstsCredentialScope, secrets); case AuthorityType.Basic: default: Trace.WriteLine(" authority is basic"); // return a generic username + password authentication object return authority ?? new BasicAuthentication(secrets); case AuthorityType.GitHub: Trace.WriteLine(" authority it GitHub"); // return a GitHub authenitcation object return authority ?? new GithubAuthentication(GithubCredentialScope, secrets, operationArguments.UseModalUi ? new GithubAuthentication.AcquireCredentialsDelegate(GitHub.Authentication.AuthenticationPrompts.CredentialModalPrompt) : new GithubAuthentication.AcquireCredentialsDelegate(GithubCredentialPrompt), operationArguments.UseModalUi ? new GithubAuthentication.AcquireAuthenticationCodeDelegate(GitHub.Authentication.AuthenticationPrompts.AuthenticationCodeModalPrompt) : new GithubAuthentication.AcquireAuthenticationCodeDelegate(GithubAuthCodePrompt), null); case AuthorityType.MicrosoftAccount: Trace.WriteLine(" authority is Microsoft Live"); // return the allocated authority or a generic MSA backed VSTS authentication object return authority ?? new VstsMsaAuthentication(VstsCredentialScope, secrets); } }