public async Task <AuthorityEndpoints> ResolveEndpointsAsync(
AuthorityInfo authorityInfo,
string userPrincipalName,
RequestContext requestContext)
{
if (TryGetCacheValue(authorityInfo, userPrincipalName, out var endpoints))
{
requestContext.Logger.Info("Resolving authority endpoints... Already resolved? - TRUE");
return(endpoints);
}
requestContext.Logger.Info("Resolving authority endpoints... Already resolved? - FALSE");
var authorityUri = new Uri(authorityInfo.CanonicalAuthority);
string path = authorityUri.AbsolutePath.Substring(1);
string tenant = path.Substring(0, path.IndexOf("/", StringComparison.Ordinal));
bool isTenantless = Authority.TenantlessTenantNames.Contains(tenant);
// TODO: where is the value in this log message? we have a bunch of code supporting printing just this out...
requestContext.Logger.Info("Is Authority tenantless? - " + isTenantless);
var endpointManager = OpenIdConfigurationEndpointManagerFactory.Create(authorityInfo, _serviceBundle);
string openIdConfigurationEndpoint = await endpointManager.ValidateAuthorityAndGetOpenIdDiscoveryEndpointAsync(
authorityInfo,
userPrincipalName,
requestContext).ConfigureAwait(false);
// Discover endpoints via openid-configuration
var edr = await DiscoverEndpointsAsync(openIdConfigurationEndpoint, requestContext).ConfigureAwait(false);
if (string.IsNullOrEmpty(edr.AuthorizationEndpoint))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
"Authorize endpoint was not found in the openid configuration");
}
if (string.IsNullOrEmpty(edr.TokenEndpoint))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
"Token endpoint was not found in the openid configuration");
}
if (string.IsNullOrEmpty(edr.Issuer))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
"Issuer was not found in the openid configuration");
}
endpoints = new AuthorityEndpoints(
edr.AuthorizationEndpoint.Replace("{tenant}", tenant),
edr.TokenEndpoint.Replace("{tenant}", tenant),
edr.Issuer.Replace("{tenant}", tenant));
Add(authorityInfo, userPrincipalName, endpoints);
return(endpoints);
}
public async Task <AuthorityEndpoints> ResolveEndpointsAsync(
AuthorityInfo authorityInfo,
string userPrincipalName,
RequestContext requestContext)
{
if (TryGetCacheValue(authorityInfo, userPrincipalName, out var endpoints))
{
requestContext.Logger.Info(LogMessages.ResolvingAuthorityEndpointsTrue);
return(endpoints);
}
requestContext.Logger.Info(LogMessages.ResolvingAuthorityEndpointsFalse);
var endpointManager = OpenIdConfigurationEndpointManagerFactory.Create(authorityInfo, _serviceBundle);
string openIdConfigurationEndpoint = await endpointManager.ValidateAuthorityAndGetOpenIdDiscoveryEndpointAsync(
authorityInfo,
userPrincipalName,
requestContext).ConfigureAwait(false);
// Discover endpoints via openid-configuration
var edr = await DiscoverEndpointsAsync(openIdConfigurationEndpoint, requestContext).ConfigureAwait(false);
if (string.IsNullOrEmpty(edr.AuthorizationEndpoint))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
MsalErrorMessage.AuthorizeEndpointWasNotFoundInTheOpenIdConfiguration);
}
if (string.IsNullOrEmpty(edr.TokenEndpoint))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
MsalErrorMessage.TokenEndpointWasNotFoundInTheOpenIdConfiguration);
}
if (string.IsNullOrEmpty(edr.Issuer))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
MsalErrorMessage.IssuerWasNotFoundInTheOpenIdConfiguration);
}
var authority = Authority.CreateAuthority(authorityInfo);
var tenantId = authority.GetTenantId();
string authorizationEndpoint = ReplaceTenantToken(edr.AuthorizationEndpoint, tenantId);
string tokenEndpoint = ReplaceTenantToken(edr.TokenEndpoint, tenantId);
endpoints = new AuthorityEndpoints(
authorizationEndpoint,
tokenEndpoint,
GetSelfSignedJwtAudience(edr.Issuer, tokenEndpoint, tenantId, authorityInfo.AuthorityType));
Add(authorityInfo, userPrincipalName, endpoints);
return(endpoints);
}
public async Task <AuthorityEndpoints> ResolveEndpointsAsync(
AuthorityInfo authorityInfo,
string userPrincipalName,
RequestContext requestContext)
{
if (TryGetCacheValue(authorityInfo, userPrincipalName, out var endpoints))
{
requestContext.Logger.Info(LogMessages.ResolvingAuthorityEndpointsTrue);
return(endpoints);
}
requestContext.Logger.Info(LogMessages.ResolvingAuthorityEndpointsFalse);
var authorityUri = new Uri(authorityInfo.CanonicalAuthority);
string path = authorityUri.AbsolutePath.Substring(1);
string tenant = path.Substring(0, path.IndexOf("/", StringComparison.Ordinal));
var endpointManager = OpenIdConfigurationEndpointManagerFactory.Create(authorityInfo, _serviceBundle);
string openIdConfigurationEndpoint = await endpointManager.ValidateAuthorityAndGetOpenIdDiscoveryEndpointAsync(
authorityInfo,
userPrincipalName,
requestContext).ConfigureAwait(false);
// Discover endpoints via openid-configuration
var edr = await DiscoverEndpointsAsync(openIdConfigurationEndpoint, requestContext).ConfigureAwait(false);
if (string.IsNullOrEmpty(edr.AuthorizationEndpoint))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
MsalErrorMessage.AuthorizeEndpointWasNotFoundInTheOpenIdConfiguration);
}
if (string.IsNullOrEmpty(edr.TokenEndpoint))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
MsalErrorMessage.TokenEndpointWasNotFoundInTheOpenIdConfiguration);
}
if (string.IsNullOrEmpty(edr.Issuer))
{
throw new MsalClientException(
MsalError.TenantDiscoveryFailedError,
MsalErrorMessage.IssuerWasNotFoundInTheOpenIdConfiguration);
}
endpoints = new AuthorityEndpoints(
edr.AuthorizationEndpoint.Replace(Constants.Tenant, tenant),
edr.TokenEndpoint.Replace(Constants.Tenant, tenant),
ReplaceNonTenantSpecificValueWithTenant(edr, tenant));
Add(authorityInfo, userPrincipalName, endpoints);
return(endpoints);
}
