/// <inheritdoc/>
public async Task <AuthenticationResult> AcquireToken(TargetUri targetUri, string username, string password, AuthenticationResultType resultType, TokenScope scope)
{
if (resultType == AuthenticationResultType.TwoFactor)
{
// a previous attempt to aquire a token failed in a way that suggests the user has
// Bitbucket 2FA turned on. so attempt to run the OAuth dance...
OAuth.OAuthAuthenticator oauth = new OAuth.OAuthAuthenticator();
try
{
var result = await oauth.GetAuthAsync(targetUri, scope, CancellationToken.None);
if (!result.IsSuccess)
{
Trace.WriteLine($"oauth authentication failed");
return(new AuthenticationResult(AuthenticationResultType.Failure));
}
// we got a toke but lets check to see the usernames match
var restRootUri = new Uri(_restRootUrl);
var authHeader = GetBearerHeaderAuthHeader(result.Token.Value);
var userResult = await RestClient.TryGetUser(targetUri, RequestTimeout, restRootUri, authHeader);
if (!userResult.IsSuccess)
{
Trace.WriteLine($"oauth user check failed");
return(new AuthenticationResult(AuthenticationResultType.Failure));
}
if (!string.IsNullOrWhiteSpace(userResult.RemoteUsername) && !username.Equals(userResult.RemoteUsername))
{
Trace.WriteLine($"Remote username [{userResult.RemoteUsername}] != [{username}] supplied username");
// make sure the 'real' username is returned
return(new AuthenticationResult(AuthenticationResultType.Success, result.Token, result.RefreshToken, userResult.RemoteUsername));
}
// everything is hunky dory
return(result);
}
catch (Exception ex)
{
Trace.WriteLine($"oauth authentication failed [{ex.Message}]");
return(new AuthenticationResult(AuthenticationResultType.Failure));
}
}
else
{
BasicAuthAuthenticator basicauth = new BasicAuthAuthenticator();
try
{
var restRootUri = new Uri(_restRootUrl);
return(await basicauth.GetAuthAsync(targetUri, scope, RequestTimeout, restRootUri, username, password));
}
catch (Exception ex)
{
Trace.WriteLine($"basic auth authentication failed [{ex.Message}]");
return(new AuthenticationResult(AuthenticationResultType.Failure));
}
}
}
public UserPassViewModel(string hostUrl, ITrace trace, IHttpClientFactory httpClientFactory, ISettings settings) : base(hostUrl)
{
var authenticator = new BasicAuthAuthenticator(trace, httpClientFactory);
LoginCommand = ReactiveCommand.Create <object>(async param =>
{
var scopes = BitbucketConstants.BitbucketCredentialScopes;
// TODO validate credentials
var result = await authenticator.AcquireTokenAsync(
settings.RemoteUri, scopes,
new BaseAuthCredential(_username, _password));
if (result.Type == AuthenticationResultType.Success)
{
trace.WriteLine($"Token acquisition for '{settings.RemoteUri}' succeeded");
_output.Add("username", result.Token.UserName);
_output.Add("password", result.Token.Password);
_output.Add("scheme", result.Token.Scheme);
_output.Add("authentication", result.Token.Scheme);
Success = true;
}
else if (result.Type == AuthenticationResultType.TwoFactor)
{
trace.WriteLine($"Token acquisition for '{settings.RemoteUri}' failed");
_output.Add("authentication", "2fa");
Success = false;
}
else
{
trace.WriteLine($"Token acquisition for '{settings.RemoteUri}' failed");
Success = false;
}
Exit();
});
CancelCommand = ReactiveCommand.Create <object>(param =>
{
Success = false;
Exit();
});
}
/// <inheritdoc/>
public async Task <AuthenticationResult> AcquireToken(TargetUri targetUri, Credential credentials, AuthenticationResultType resultType, TokenScope scope)
{
if (targetUri is null)
{
throw new ArgumentNullException(nameof(targetUri));
}
if (credentials is null)
{
throw new ArgumentNullException(nameof(credentials));
}
if (resultType < AuthenticationResultType.None || resultType > AuthenticationResultType.TwoFactor)
{
throw new ArgumentOutOfRangeException(nameof(resultType));
}
if (scope is null)
{
throw new ArgumentNullException(nameof(scope));
}
if (resultType == AuthenticationResultType.TwoFactor)
{
// A previous attempt to acquire a token failed in a way that suggests the user has
// Bitbucket 2FA turned on. so attempt to run the OAuth dance...
var oauth = new OAuth.OAuthAuthenticator(Context);
try
{
var result = await oauth.GetAuthAsync(targetUri, scope, CancellationToken.None);
if (!result.IsSuccess)
{
Trace.WriteLine($"oauth authentication failed");
return(new AuthenticationResult(AuthenticationResultType.Failure));
}
// We got a toke but lets check to see the usernames match.
var restRootUri = new Uri(_restRootUrl);
var userResult = await(new RestClient(Context)).TryGetUser(targetUri, RequestTimeout, restRootUri, result.Token);
if (!userResult.IsSuccess)
{
Trace.WriteLine($"oauth user check failed");
return(new AuthenticationResult(AuthenticationResultType.Failure));
}
if (!string.IsNullOrWhiteSpace(userResult.RemoteUsername) && !credentials.Username.Equals(userResult.RemoteUsername))
{
Trace.WriteLine($"Remote username [{userResult.RemoteUsername}] != [{credentials.Username}] supplied username");
// Make sure the 'real' username is returned.
return(new AuthenticationResult(AuthenticationResultType.Success, result.Token, result.RefreshToken, userResult.RemoteUsername));
}
// Everything is hunky dory.
return(result);
}
catch (Exception ex)
{
Trace.WriteLine($"oauth authentication failed [{ex.Message}]");
return(new AuthenticationResult(AuthenticationResultType.Failure));
}
}
else
{
var basicauth = new BasicAuthAuthenticator(Context);
try
{
var restRootUri = new Uri(_restRootUrl);
return(await basicauth.GetAuthAsync(targetUri, scope, RequestTimeout, restRootUri, credentials));
}
catch (Exception ex)
{
Trace.WriteLine($"basic authentication failed [{ex.Message}]");
return(new AuthenticationResult(AuthenticationResultType.Failure));
}
}
}
