private async System.Threading.Tasks.Task buttonAppConsent_ClickAsync(object sender, EventArgs e)
        {
            // Obtain admin consent for application (which will return an id token that we use to get other tokens)
            OAuthContext oAuthContext = InitOAuthContextFromFormValues();

            oAuthContext.appConsent   = true;
            oAuthContext.adminConsent = true; // This is implicit in app consent, but we'll set it anyway

            if (oAuthContext.cert == null)
            {
                // We MUST use certificate auth for application consent, so we fail here as we don't have one
                System.Windows.Forms.MessageBox.Show(this, "Certificate authentication is required for application authentication.", "Invalid Configuration", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }

            FormGetUserPermission formGetPermission = new FormGetUserPermission(oAuthContext);

            if (formGetPermission.ShowDialog() == System.Windows.Forms.DialogResult.OK)
            {
                string code = formGetPermission.Token;
                // When we get our token, it will be cached in the TokenCache, so next time the silent calls will work

                ClientAssertionCertificate clientCert           = new ClientAssertionCertificate(oAuthContext.clientId, oAuthContext.cert);
                AuthenticationResult       authenticationResult = await _oAuthHelper.AuthenticationContext.AcquireTokenByAuthorizationCodeAsync(code, new Uri(oAuthContext.redirectUrl), clientCert);
            }
            return;
        }
Exemple #2
0
        public static async Task <AuthenticationResult> GetToken(OAuthContext oAuthContext)
        {
            // Get OAuth token using client credentials
            string tenantName = oAuthContext.tenantName;

            if (_authenticationContext == null)
            {
                _authenticationContext = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext(oAuthContext.authUrl + "/" + tenantName, _tokenCache);
            }

            AuthenticationResult authenticationResult = null;

            if (oAuthContext.ObtainUserConsent)
            {
                // We need to get user consent

                FormGetUserPermission formGetPermission = new FormGetUserPermission(oAuthContext);
                if (formGetPermission.ShowDialog() == System.Windows.Forms.DialogResult.OK)
                {
                    string code = formGetPermission.Code;
                    // When we get our token, it will be cached in the TokenCache, so next time the silent calls will work
                    if (oAuthContext.cert == null)
                    {
                        ClientCredential clientCred = new ClientCredential(oAuthContext.clientId, oAuthContext.secretKey);
                        authenticationResult = await _authenticationContext.AcquireTokenByAuthorizationCodeAsync(code, new Uri(oAuthContext.redirectUrl), clientCred);
                    }
                    else
                    {
                        ClientAssertionCertificate clientCert = new ClientAssertionCertificate(oAuthContext.clientId, oAuthContext.cert);
                        authenticationResult = await _authenticationContext.AcquireTokenByAuthorizationCodeAsync(code, new Uri(oAuthContext.redirectUrl), clientCert);
                    }
                }
                return(authenticationResult);
            }

            if (oAuthContext.isNativeApplication)
            {
                if (oAuthContext.adminConsent)
                {
                    authenticationResult = await _authenticationContext.AcquireTokenAsync(oAuthContext.resource,
                                                                                          oAuthContext.clientId,
                                                                                          new Uri(oAuthContext.redirectUrl),
                                                                                          new PlatformParameters(PromptBehavior.Always),
                                                                                          UserIdentifier.AnyUser,
                                                                                          "prompt=admin_consent");
                }
                else
                {
                    authenticationResult = await _authenticationContext.AcquireTokenAsync(oAuthContext.resource, oAuthContext.clientId, new Uri(oAuthContext.redirectUrl), new PlatformParameters(PromptBehavior.Always));
                }
            }
            else
            {
                if (!String.IsNullOrEmpty(oAuthContext.userId))
                {
                    // We have the UserId for the mailbox we want to access, so we'll try to get a token silently (we should have a cached token)
                    try
                    {
                        if (oAuthContext.cert == null)
                        {
                            ClientCredential clientCred = new ClientCredential(oAuthContext.clientId, oAuthContext.secretKey);
                            authenticationResult = await _authenticationContext.AcquireTokenSilentAsync(oAuthContext.resource, clientCred, new UserIdentifier(oAuthContext.userId, UserIdentifierType.UniqueId));
                        }
                        else
                        {
                            ClientAssertionCertificate clientCert = new ClientAssertionCertificate(oAuthContext.clientId, oAuthContext.cert);
                            authenticationResult = await _authenticationContext.AcquireTokenSilentAsync(oAuthContext.resource, clientCert, new UserIdentifier(oAuthContext.userId, UserIdentifierType.UniqueId));
                        }
                        return(authenticationResult);
                    }
                    catch (Exception ex)
                    {
                        _lastError = ex;
                    }
                }
            }
            return(authenticationResult);
        }