private async System.Threading.Tasks.Task AcquireAccessTokenAsync(string ClientId)
{
Cursor = Cursors.WaitCursor;
Enabled = false;
string[] scopes = Util.MailboxViewerScopes();
_pca = PublicClientApplicationBuilder.Create(ClientId).Build();
StringBuilder stringBuilder = new StringBuilder();
try
{
stringBuilder.AppendLine("MSAL - AcquireTokenAsync");
stringBuilder.AppendLine("Application ID : " + ClientId);
stringBuilder.AppendLine("Scope : " + string.Join(",", scopes));
_ar = await _pca.AcquireTokenInteractive(scopes).WithPrompt(Prompt.ForceLogin).ExecuteAsync();
stringBuilder.AppendLine("Result : Success");
stringBuilder.AppendLine("AccessToken : " + (_ar.AccessToken ?? ""));
stringBuilder.AppendLine("ExpiresOn : " + _ar.ExpiresOn.ToString());
stringBuilder.AppendLine("IdToken : " + (_ar.IdToken ?? ""));
stringBuilder.AppendLine("Scope : " + string.Join(",", _ar.Scopes));
stringBuilder.AppendLine("UniqueId : " + (_ar.UniqueId ?? ""));
stringBuilder.AppendLine("Username : "******""));
stringBuilder.AppendLine("Identifier : " + (_ar.Account.HomeAccountId.Identifier ?? ""));
stringBuilder.AppendLine("Name : " + (_ar.Account.Username ?? ""));
Properties.Settings.Default.Save();
DialogResult = DialogResult.OK;
Close();
}
catch (Exception ex)
{
stringBuilder.AppendLine("Result : Fail");
stringBuilder.AppendLine("Message : " + ex.Message);
if (ex.Message != "User canceled authentication")
{
MessageBox.Show(ex.Message, "Office365APIEditor");
}
}
finally
{
Cursor = Cursors.Default;
Enabled = true;
}
Util.WriteSystemLog("AcquireViewerTokenForm", stringBuilder.ToString());
}
public Connector()
{
// Create Client Application and Authentication Provider
_clientApp = InteractiveAuthenticationProvider.CreateClientApplication(
_clientId,
FileBasedTokenStorageProvider.Instance);
_clientApp.RedirectUri = "https://login.microsoftonline.com/common/oauth2/nativeclient";
var authProvider = new InteractiveAuthenticationProvider(_clientApp, _scopes);
// Create GraphServiceClient with middleware pipeline setup
_graph = new GraphServiceClient(authProvider);
}
private static async Task <AuthenticationResult> Login()
{
AuthenticationConfig config = AuthenticationConfig.ReadFromJsonFile("appsettings.json");
AuthenticationResult authResult = null;
string[] scopes = new string[] { "user.read", "Directory.Read.All", "Directory.ReadWrite.All" };
try
{
var _clientId = config.ClientId; // this is an app client that allows 'client app' authentication
var _instance = config.Instance.Replace("{0}", "");
var _tenant = config.Tenant;
_clientApp = PublicClientApplicationBuilder.Create(_clientId)
.WithAuthority($"{_instance}{_tenant}")
//.WithAuthority(new Uri(config.Authority))
.WithDefaultRedirectUri()
//.WithRedirectUri("msal2676c812-ca98-4688-ad5c-9dcb92096171://auth")
.Build();
authResult = await Program.PublicClientApp.AcquireTokenInteractive(scopes)
.ExecuteAsync();
}
//catch (MsalUiRequiredException ex)
//{
// // A MsalUiRequiredException happened on AcquireTokenSilent.
// // This indicates you need to call AcquireTokenInteractive to acquire a token
// System.Diagnostics.Debug.WriteLine($"MsalUiRequiredException: {ex.Message}");
// try
// {
// authResult = await Program.PublicClientApp.AcquireTokenInteractive(scopes)
// //.WithAccount(accounts.FirstOrDefault())
// //.WithPrompt(Prompt.SelectAccount)
// .ExecuteAsync();
// }
// catch (MsalException msalex)
// {
// Debug.WriteLine($"Error Acquiring Token:{System.Environment.NewLine}{msalex}");
// }
//}
catch (MsalException msalex)
{
Debug.WriteLine($"Error Acquiring Token:{System.Environment.NewLine}{msalex}");
}
catch (Exception ex)
{
Debug.WriteLine($"Error Acquiring Token:{System.Environment.NewLine}{ex}");
}
return(authResult);
}
private async Task CreateSSHCertTestAsync(LabResponse labResponse)
{
IPublicClientApplication pca = PublicClientApplicationBuilder
.Create(labResponse.App.AppId)
.WithRedirectUri(SeleniumWebUI.FindFreeLocalhostRedirectUri())
.WithTestLogging()
.Build();
TokenCacheAccessRecorder userCacheAccess = pca.UserTokenCache.RecordAccess();
Trace.WriteLine("Part 1 - Acquire an SSH cert interactively ");
string jwk = CreateJwk();
AuthenticationResult result = await pca
.AcquireTokenInteractive(s_scopes)
.WithCustomWebUi(CreateSeleniumCustomWebUI(labResponse.User, Prompt.ForceLogin))
.WithSSHCertificateAuthenticationScheme(jwk, "key1")
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
userCacheAccess.AssertAccessCounts(0, 1);
Assert.AreEqual("ssh-cert", result.TokenType);
IAccount account = await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
userCacheAccess.AssertAccessCounts(1, 1); // the assert calls GetAccounts
Trace.WriteLine("Part 2 - Acquire a token silent with the same keyID - should be served from the cache");
result = await pca
.AcquireTokenSilent(s_scopes, account)
.WithSSHCertificateAuthenticationScheme(jwk, "key1")
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
userCacheAccess.AssertAccessCounts(2, 1);
account = await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
userCacheAccess.AssertAccessCounts(3, 1);
Trace.WriteLine("Part 3 - Acquire a token silent with a different keyID - should not sbe served from the cache");
result = await pca
.AcquireTokenSilent(s_scopes, account)
.WithSSHCertificateAuthenticationScheme(jwk, "key2")
.ExecuteAsync(new CancellationTokenSource(_interactiveAuthTimeout).Token)
.ConfigureAwait(false);
Assert.AreEqual("ssh-cert", result.TokenType);
userCacheAccess.AssertAccessCounts(4, 2);
await MsalAssert.AssertSingleAccountAsync(labResponse, pca, result).ConfigureAwait(false);
}
private static async Task OAuthSSO()
{
string[] scopes = new string[] { "user.read" };
app = PublicClientApplicationBuilder.Create(configuration["Azure:ClientID"])
//.WithRedirectUri(configuration["Azure:Redirect"])
.WithAuthority(AzureCloudInstance.AzurePublic, configuration["Azure:TenantID"])
.Build();
var accounts = await app.GetAccountsAsync();
AuthenticationResult result = null;
if (accounts.Any())
{
result = await app.AcquireTokenSilent(scopes, accounts.FirstOrDefault())
.ExecuteAsync();
}
else
{
try
{
result = await app.AcquireTokenByIntegratedWindowsAuth(scopes)
.ExecuteAsync(CancellationToken.None);
}
catch (MsalUiRequiredException ex)
{
Console.WriteLine(string.Concat("AAD error: ", ex.Message, " Code: ", ex.ErrorCode));
}
catch (MsalServiceException ex)
{
Console.WriteLine(ex.Message);
}
catch (MsalClientException ex)
{
Console.WriteLine(ex.ErrorCode);
// ErrorCode kann hier nachgeschlagen werden : https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.msalerror?view=azure-dotnet
Console.WriteLine(ex.Message);
if (ex.InnerException != null && ex.InnerException is MsalServiceException)
{
Console.WriteLine(((MsalServiceException)ex.InnerException).Message);
Console.WriteLine(((MsalServiceException)ex.InnerException).ResponseBody);
}
}
}
}
internal static IAuthenticationProvider GetAuthProvider(IAuthContext authContext)
{
if (authContext is null)
{
throw new AuthenticationException(ErrorConstants.Message.MissingAuthContext);
}
IAuthenticationProvider authProvider = null;
switch (authContext.AuthType)
{
case AuthenticationType.Delegated:
{
IPublicClientApplication publicClientApp = PublicClientApplicationBuilder
.Create(authContext.ClientId)
.WithTenantId(authContext.TenantId)
.Build();
ConfigureTokenCache(publicClientApp.UserTokenCache, authContext);
authProvider = new DeviceCodeProvider(publicClientApp, authContext.Scopes, async(result) => {
await Console.Out.WriteLineAsync(result.Message);
});
break;
}
case AuthenticationType.AppOnly:
{
IConfidentialClientApplication confidentialClientApp = ConfidentialClientApplicationBuilder
.Create(authContext.ClientId)
.WithTenantId(authContext.TenantId)
.WithCertificate(string.IsNullOrEmpty(authContext.CertificateThumbprint) ? GetCertificateByName(authContext.CertificateName) : GetCertificateByThumbprint(authContext.CertificateThumbprint))
.Build();
ConfigureTokenCache(confidentialClientApp.AppTokenCache, authContext);
authProvider = new ClientCredentialProvider(confidentialClientApp);
break;
}
case AuthenticationType.UserProvidedAccessToken:
{
authProvider = new DelegateAuthenticationProvider((requestMessage) => {
requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer",
new NetworkCredential(string.Empty, GraphSession.Instance.UserProvidedToken).Password);
return(Task.CompletedTask);
});
break;
}
}
return(authProvider);
}
public void Initialize()
{
if (clientApp == null)
{
IsAuthenticated = false;
clientApp = PublicClientApplicationBuilder.Create(param.AzureADClientId)
.WithAuthority(param.AuthorityAudience)
.WithRedirectUri(param.PublicClientRedirectUri)
.WithIosKeychainSecurityGroup(param.IosKeychainSecurityGroups)
.WithParentActivityOrWindow(() => MainActivity?.Invoke() ?? UIParent?.Invoke())
.Build();
}
}
public MainWindow()
{
InitializeComponent();
app = PublicClientApplicationBuilder.Create(ClientId)
.WithAuthority(Authority)
.WithDefaultRedirectUri()
.Build();
httpClient = new HttpClient(new HttpClientHandler
{
AllowAutoRedirect = false
});
}
private static async Task FetchTokenAndCallGraphAsync(IPublicClientApplication pca, Task <AuthenticationResult> authTask)
{
await authTask.ConfigureAwait(false);
Console.BackgroundColor = ConsoleColor.DarkGreen;
Console.WriteLine("Token is {0}", authTask.Result.AccessToken);
Console.ResetColor();
Console.BackgroundColor = ConsoleColor.DarkMagenta;
await DisplayAccountsAsync(pca).ConfigureAwait(false);
Console.ResetColor();
}
public MainPage()
{
this.InitializeComponent();
_app = PublicClientApplicationBuilder
.Create(CLIENT_ID)
.WithTenantId(TENANT_ID)
.WithRedirectUri(REDIRECT_URI)
.WithUnoHelpers()
#if __IOS__
.WithIosKeychainSecurityGroup("86AC3CZ5DN.com.microsoft.adalcache")
#endif
.Build();
}
//gavdcodeend 01
//gavdcodebegin 02
static GraphServiceClient GetGraphClientDel(string TenantId, string ClientId)
{
IPublicClientApplication clientApplication = PublicClientApplicationBuilder
.Create(ClientId)
.WithTenantId(TenantId)
//.WithRedirectUri("http://localhost") // Only if redirect in the App Reg.
.Build();
UsernamePasswordProvider authenticationProvider =
new UsernamePasswordProvider(clientApplication);
GraphServiceClient graphClient = new GraphServiceClient(authenticationProvider);
return(graphClient);
}
public DeviceFlowAzureCredential(IOptions <AzureConfiguration> configuration, IEnumerable <string> scopes)
{
var configuration1 = configuration?.Value ?? throw new ArgumentNullException(nameof(configuration));
_scopes = scopes ?? throw new ArgumentNullException(nameof(scopes));
// Create the public client application (desktop app), with a default redirect URI
// for these. Enable PoP
_application = PublicClientApplicationBuilder.Create(configuration1.AppId)
.WithAuthority(AzureCloudInstance.AzurePublic, configuration1.Tenant)
.WithRedirectUri($"msal{configuration1.AppId}://auth")
.WithExperimentalFeatures() // Needed for PoP
.Build();
}
#pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously
/// <summary>
/// Log the user in to either Office 365 or OneDrive consumer
/// </summary>
/// <returns>A task to await on</returns>
public async Task <bool> SignInUser(object parentWindow = null)
{
logger.LogInformation("Sign in");
var result = false;
// Instantiate the app with AAD
AADAppContext = PublicClientApplicationBuilder.Create(AADClientId)
.WithRedirectUri("http://localhost:7111")
.Build();
string status;
try
{
try
{
var accounts = await AADAppContext.GetAccountsAsync();
UserCredentials = await AADAppContext.AcquireTokenSilent(AADScopes, accounts.FirstOrDefault())
.ExecuteAsync();
}
catch (MsalUiRequiredException)
{
UserCredentials = await AADAppContext.AcquireTokenInteractive(AADScopes)
.WithAuthority(AzureCloudInstance.AzurePublic, Tenant)
.ExecuteAsync();
}
if (UserCredentials != null)
{
status = "Signed in as " + UserCredentials.Account.Username;
logger.LogInformation($"{status}");
InitializeGraph();
result = true;
}
}
catch (MsalServiceException serviceEx)
{
status = $"Could not sign in, error code: " + serviceEx.ErrorCode;
logger.LogError($"{status}, {serviceEx.Message}");
}
catch (Exception ex)
{
status = $"Error Acquiring Token: {ex}";
logger.LogError($"{status}, {ex.Message}");
}
return(result);
}
public WebStorageService(IIdentityService identityService = null)
{
this.identityService = identityService;
string appId = null;
GetApplicationId(ref appId);
if (appId != null)
{
var builder = PublicClientApplicationBuilder.Create(appId);
builder.WithRedirectUri("wafe5b8cee6-8ba0-46c5-96ef-a3c8a1e2bb26://auth");
identityService?.Build(builder);
publicClient = builder.Build();
}
}
/// <summary>
/// Constructs a new <see cref="DeviceCodeProvider"/>
/// </summary>
/// <param name="publicClientApplication">A <see cref="IPublicClientApplication"/> to pass to <see cref="DeviceCodeProvider"/> for authentication.</param>
/// <param name="scopes">Scopes required to access Microsoft graph.</param>
/// <param name="deviceCodeResultCallback">Callback containing information to show the user about how to authenticate and enter the device code.</param>
public DeviceCodeProvider(
IPublicClientApplication publicClientApplication,
string[] scopes,
Func <DeviceCodeResult, Task> deviceCodeResultCallback = null)
: base(scopes)
{
ClientApplication = publicClientApplication ?? throw new AuthenticationException(
new Error
{
Code = ErrorConstants.Codes.InvalidRequest,
Message = string.Format(ErrorConstants.Message.NullValue, "publicClientApplication")
});
DeviceCodeResultCallback = deviceCodeResultCallback ?? DefaultDeviceCallback;
}
/// <summary>
/// Tworzy klasę autentykacji z domyślnym Managerem Poświadczeń (Microsoft)
/// </summary>
public MicrosoftAuthentication()
{
mClientId = mConfigurationReader.Setting <string>("MicrosoftClientId");
mTokencacheHelper = new TokenCacheHelper();
this.mCredentialsManager = new CredentialsManager(AuthenticationProvider.Microsoft);
mClientApp = PublicClientApplicationBuilder.Create(mClientId)
.WithAuthority($"{mInstance}{mTenant}")
.WithDefaultRedirectUri()
.Build();
// Odpowiada za szybkie logowanie za pomoca cache tokena
mTokencacheHelper.EnableSerialization(mClientApp.UserTokenCache);
}
static string[] clientCapabilities = { "ProtApp" }; // It is must to have these capabilities
// private constructor for singleton
private PCAWrapper()
{
// Create PCA once. Make sure that all the config parameters below are passed
// ClientCapabilities - must have ProtApp
var builder = PublicClientApplicationBuilder
.Create(_clientID)
.WithAuthority(_authority)
.WithBroker()
.WithClientCapabilities(clientCapabilities)
.WithTenantId(_tenantID)
.WithRedirectUri(_redirectURI);
PCA = builder.Build();
}
public async Task NullAccount_EmptyLoginHintAsync()
{
IPublicClientApplication app = PublicClientApplicationBuilder
.Create(MsalTestConstants.ClientId)
.Build();
await AssertException.TaskThrowsAsync <ArgumentNullException>(
() => app.AcquireTokenSilent(MsalTestConstants.Scope.ToArray(), (string)null).ExecuteAsync()).ConfigureAwait(false);
var ex = await AssertException.TaskThrowsAsync <MsalUiRequiredException>(
() => app.AcquireTokenSilent(MsalTestConstants.Scope.ToArray(), (IAccount)null).ExecuteAsync()).ConfigureAwait(false);
Assert.AreEqual(MsalError.UserNullError, ex.ErrorCode);
}
public GraphAuthProvider(string clientId, string tenantId, string[] scopes)
{
_scopes = scopes;
var authority = "https://login.microsoftonline.com/" + tenantId;
_app = PublicClientApplicationBuilder
.Create(clientId)
.WithAuthority(authority)
.WithDefaultRedirectUri()
.Build();
TokenCacheHelper.EnableSerialization(_app.UserTokenCache);
}
/// <summary>
/// Tries to acquire an application Microsoft Graph Access Token for the provided scopes interactively by allowing the user to log in
/// </summary>
/// <param name="clientId">ClientId to use to acquire the token. Required.</param>
/// <param name="scopes">Array with scopes that should be requested access to. Required.</param>
/// <returns><see cref="GraphToken"/> instance with the token</returns>
public static GenericToken AcquireApplicationTokenInteractive(string clientId, string[] scopes, AzureEnvironment azureEnvironment)
{
var endPoint = GetAzureADLoginEndPoint(azureEnvironment);
if (string.IsNullOrEmpty(clientId))
{
throw new ArgumentNullException(nameof(clientId));
}
if (scopes == null || scopes.Length == 0)
{
throw new ArgumentNullException(nameof(scopes));
}
if (publicClientApplication == null)
{
publicClientApplication = PublicClientApplicationBuilder.Create(clientId).WithRedirectUri($"{endPoint}/common/oauth2/nativeclient").Build();
}
AuthenticationResult tokenResult = null;
var account = publicClientApplication.GetAccountsAsync().GetAwaiter().GetResult();
try
{
tokenResult = publicClientApplication.AcquireTokenSilent(scopes, account.First()).ExecuteAsync().GetAwaiter().GetResult();
}
catch
{
try
{
tokenResult = publicClientApplication.AcquireTokenInteractive(scopes).WithExtraScopesToConsent(new[] { "https://graph.microsoft.com/.default" }).ExecuteAsync().GetAwaiter().GetResult();
}
catch (MsalUiRequiredException msalEx)
{
if (msalEx.Classification == UiRequiredExceptionClassification.ConsentRequired)
{
if (clientId == PnPConnection.PnPManagementShellClientId)
{
throw new PSInvalidOperationException("Please provide consent to the PnP Management Shell application with 'Register-PnPManagementShellAccess'");
}
else
{
throw msalEx;
}
}
}
}
return(new GenericToken(tokenResult.AccessToken));
}
public MsalLoginAndGraph()
{
this.InitializeComponent();
_app = PublicClientApplicationBuilder
.Create(CLIENT_ID)
.WithTenantId(TENANT_ID)
.WithRedirectUri(REDIRECT_URI)
.WithUnoHelpers()
#if __IOS__
.WithIosKeychainSecurityGroup("com.companyname.SamplesApp")
#endif
.Build();
}
/// <summary>
/// Creates a new SharedTokenCacheCredential with the specifeid options, which will authenticate users with the specified application.
/// </summary>
/// <param name="clientId">The client id of the application to which the users will authenticate</param>
/// <param name="username">The username of the user to authenticate</param>
/// TODO: need to link to info on how the application has to be created to authenticate users, for multiple applications
/// <param name="options">The client options for the newly created SharedTokenCacheCredential</param>
public SharedTokenCacheCredential(string clientId, string username, SharedTokenCacheCredentialOptions options)
{
_clientId = clientId ?? throw new ArgumentNullException(nameof(clientId));
options ??= new SharedTokenCacheCredentialOptions();
_username = username;
HttpPipeline pipeline = HttpPipelineBuilder.Build(options);
_pubApp = PublicClientApplicationBuilder.Create(_clientId).WithHttpClientFactory(new HttpPipelineClientFactory(pipeline)).Build();
_cacheReader = new MsalCacheReader(_pubApp.UserTokenCache, options.CacheFilePath, options.CacheAccessRetryCount, options.CacheAccessRetryDelay);
}
/// <summary>
/// Apply this authenticator to the given authentication parameters.
/// </summary>
/// <param name="parameters">The complex object containing authentication specific information.</param>
/// <param name="promptAction">The action used to prompt for interaction.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>
/// An instance of <see cref="AuthenticationResult" /> that represents the access token generated as result of a successful authenication.
/// </returns>
public override async Task <AuthenticationResult> AuthenticateAsync(AuthenticationParameters parameters, Action <string> promptAction = null, CancellationToken cancellationToken = default)
{
IPublicClientApplication app = GetClient(parameters.Account, parameters.Environment).AsPublicClient();
IEnumerable <IAccount> accounts = await app.GetAccountsAsync().ConfigureAwait(false);
AuthenticationResult authResult = await app.AcquireTokenSilent(
parameters.Scopes,
accounts.FirstOrDefault(a => a.HomeAccountId.ObjectId.Equals(((SilentParameters)parameters).UserId)))
.ExecuteAsync(cancellationToken)
.ConfigureAwait(false);
return(authResult);
}
public Connector()
{
// Create Client Application and Authentication Provider
_clientApp = InteractiveAuthenticationProvider.CreateClientApplication(
_clientId,
new FileBasedTokenStorageProvider());
_clientApp.RedirectUri = "urn:ietf:wg:oauth:2.0:oob:myappname";
var authProvider = new InteractiveAuthenticationProvider(_clientApp, _scopes);
// Create GraphServiceClient with middleware pipeline setup
_graph = new GraphServiceClient(authProvider);
}
public void CreatePublicClient(string authority = null)
{
PublicClientApp = PublicClientApplicationBuilder
.Create(ClientId)
.WithAuthority(authority ?? "https://login.microsoftonline.com/organizations")
.WithRedirectUri("http://localhost:8400")
.WithLogging((level, message, pii) =>
{
Console.WriteLine(string.Format("[MSAL] {0}: {1}", level, message));
})
.Build();
RegisterCache(PublicClientApp);
}
/// <summary>
/// Creates an instance of the UsernamePasswordCredential with the details needed to authenticate against Azure Active Directory with a simple username
/// and password.
/// </summary>
/// <param name="username"></param>
/// <param name="password">The user account's user name, UPN.</param>
/// <param name="clientId">The client (application) ID of an App Registration in the tenant.</param>
/// <param name="tenantId">The Azure Active Directory tenant (directory) ID or name.</param>
/// <param name="options">The client options for the newly created UsernamePasswordCredential</param>
public UsernamePasswordCredential(string username, string password, string clientId, string tenantId, AzureCredentialOptions options)
{
_username = username ?? throw new ArgumentNullException(nameof(username));
_password = (password != null) ? password.ToSecureString() : throw new ArgumentNullException(nameof(password));
_options = options ?? new AzureCredentialOptions();
_pipeline = HttpPipelineBuilder.Build(_options);
_clientDiagnostics = new ClientDiagnostics(options);
_pubApp = PublicClientApplicationBuilder.Create(clientId).WithHttpClientFactory(new HttpPipelineClientFactory(_pipeline)).WithTenantId(tenantId).Build();
}
public async void Run(IBackgroundTaskInstance taskInstance)
{
BackgroundTaskDeferral deferral = taskInstance.GetDeferral();
Debug.WriteLine("Sync Backup started.");
ExecutingPlatform.Current = AppPlatform.UWP;
var settingsFacade = new SettingsFacade(new SettingsAdapter());
if (!settingsFacade.IsBackupAutouploadEnabled || !settingsFacade.IsLoggedInToBackupService)
{
return;
}
try
{
IPublicClientApplication pca = PublicClientApplicationBuilder
.Create(ServiceConstants.MSAL_APPLICATION_ID)
.WithRedirectUri($"msal{ServiceConstants.MSAL_APPLICATION_ID}://auth")
.Build();
var backupManager = new BackupManager(
new OneDriveService(pca),
new WindowsFileStore(),
new ConnectivityAdapter());
var backupService = new BackupService(backupManager, settingsFacade);
DateTime backupDate = await backupService.GetBackupDateAsync();
if (settingsFacade.LastDatabaseUpdate > backupDate)
{
return;
}
await backupService.RestoreBackupAsync();
}
catch (Exception ex)
{
Debug.WriteLine(ex);
Debug.WriteLine("Sync Backup failed.");
}
finally
{
settingsFacade.LastExecutionTimeStampSyncBackup = DateTime.Now;
Debug.WriteLine("Sync Backup finished.");
deferral.Complete();
}
}
private async Task <AuthenticationResult> RunAtsAsync(IPublicClientApplication pca)
{
string reqAuthority = pca.Authority;
string loginHint = GetLoginHint();
if (!string.IsNullOrEmpty(loginHint) && cbxAccount.SelectedIndex > 0)
{
throw new InvalidOperationException("[TEST APP FAILURE] Please use either the login hint or the account");
}
if (!string.IsNullOrEmpty(loginHint))
{
if (IsMsaPassthroughConfigured())
{
throw new InvalidAsynchronousStateException(
"[TEST APP FAILURE] Do not use login hint on AcquireTokenSilent for MSA-Passthrough. Use the IAccount overload.");
}
Log($"ATS with login hint: " + loginHint);
return(await pca.AcquireTokenSilent(GetScopes(), loginHint)
.ExecuteAsync()
.ConfigureAwait(false));
}
if (cbxAccount.SelectedItem != null &&
cbxAccount.SelectedItem != s_nullAccount)
{
var acc = (cbxAccount.SelectedItem as AccountModel).Account;
// Today, apps using MSA-PT must manually target the correct tenant
if (IsMsaPassthroughConfigured() && acc.HomeAccountId.TenantId == "9188040d-6c67-4c5b-b112-36a304b66dad")
{
reqAuthority = "https://login.microsoftonline.com/f8cdef31-a31e-4b4a-93e4-5f571e91255a";
}
Log($"ATS with IAccount for {acc?.Username ?? acc.HomeAccountId.ToString() ?? "null"}");
return(await pca.AcquireTokenSilent(GetScopes(), acc)
.WithAuthority(reqAuthority)
.ExecuteAsync()
.ConfigureAwait(false));
}
Log($"ATS with no account or login hint ... will fail with UiRequiredEx");
return(await pca.AcquireTokenSilent(GetScopes(), (IAccount)null)
.ExecuteAsync()
.ConfigureAwait(false));
}
/// <summary>
/// Implements token acquisition logic via the Microsoft Authentication Library.
///
/// /// </summary>
/// <param name="identity"></param>
/// <param name="authority"></param>
/// <param name="resource"></param>
/// <param name="claims"></param>
/// <returns></returns>
public async Task <AuthenticationResult> AcquireTokenAsync(string authority, string resource, string claims, bool isMultiTenantApp = true)
{
AuthenticationResult result = null;
// Create an auth context using the provided authority and token cache
if (isMultitenantApp)
{
_app = PublicClientApplicationBuilder.Create(appInfo.ApplicationId)
.WithAuthority(authority)
.WithDefaultRedirectUri()
.Build();
}
else
{
if (authority.ToLower().Contains("common"))
{
var authorityUri = new Uri(authority);
authority = String.Format("https://{0}/{1}", authorityUri.Host, tenant);
}
_app = PublicClientApplicationBuilder.Create(appInfo.ApplicationId)
.WithAuthority(authority)
.WithDefaultRedirectUri()
.Build();
}
var accounts = (_app.GetAccountsAsync()).GetAwaiter().GetResult();
// Append .default to the resource passed in to AcquireToken().
string[] scopes = new string[] { resource[resource.Length - 1].Equals('/') ? $"{resource}.default" : $"{resource}/.default" };
try
{
result = await _app.AcquireTokenSilent(scopes, accounts.FirstOrDefault())
.ExecuteAsync();
}
catch (MsalUiRequiredException)
{
result = _app.AcquireTokenInteractive(scopes)
.WithAccount(accounts.FirstOrDefault())
.WithPrompt(Prompt.SelectAccount)
.ExecuteAsync()
.ConfigureAwait(false)
.GetAwaiter()
.GetResult();
}
// Return the token. The token is sent to the resource.
return(result);
}
/// <summary>
/// Initializes a new instance of the <see cref="MsalProvider"/> class.
/// </summary>
/// <param name="client">Existing <see cref="IPublicClientApplication"/> instance.</param>
/// <param name="provider">Existing <see cref="IAuthenticationProvider"/> instance.</param>
/// <returns>A <see cref="Task"/> returning a <see cref="MsalProvider"/> instance.</returns>
public static async Task <MsalProvider> CreateAsync(IPublicClientApplication client, IAuthenticationProvider provider)
{
//// TODO: Check all config provided
var msal = new MsalProvider
{
Client = client,
Provider = provider,
Graph = new GraphServiceClient(provider)
};
await msal.TrySilentSignInAsync();
return(msal);
}
