/// <summary>
/// Redeems the refresh token for the provided service info to retrieve an authentication result.
/// </summary>
/// <param name="refreshToken">The code for retrieving the authentication token.</param>
/// <returns>The <see cref="IAuthenticationResult"/> returned for the resource.</returns>
public async Task <IAuthenticationResult> RedeemRefreshToken(string refreshToken)
{
IAuthenticationResult authenticationResult = null;
try
{
authenticationResult = await this.authenticationContextWrapper.AcquireTokenByRefreshTokenAsync(
refreshToken,
this.serviceInfo.AppId,
this.serviceInfo.ServiceResource);
}
catch (Exception exception)
{
AuthenticationExceptionHelper.HandleAuthenticationException(exception);
}
if (authenticationResult.Status != AuthenticationStatus.Success)
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = authenticationResult == null
? "An error occurred during Azure Active Directory authentication."
: string.Format("An error occurred during Azure Active Directory authentication. Error: {0}. Description: {1}",
authenticationResult.Error,
authenticationResult.ErrorDescription),
});
}
return(authenticationResult);
}
/// <summary>
/// Retrieves an authentication result for the specified resource.
/// </summary>
/// <param name="resource">The resource to authenticate.</param>
/// <returns>The <see cref="IAuthenticationResult"/> returned for the resource.</returns>
protected override async Task <IAuthenticationResult> AuthenticateResourceAsync(string resource)
{
IAuthenticationResult authenticationResult = null;
try
{
var adalServiceInfo = this.ServiceInfo as AdalServiceInfo;
// If we have a client certificate authenticate using it. Use client secret authentication if not.
if (adalServiceInfo != null && adalServiceInfo.ClientCertificate != null)
{
authenticationResult = await this.AuthenticateUsingCertificate(adalServiceInfo, resource);
}
else
{
authenticationResult = await this.AuthenticateUsingClientSecret(resource);
}
}
catch (Exception exception)
{
AuthenticationExceptionHelper.HandleAuthenticationException(exception);
}
if (authenticationResult == null)
{
AuthenticationExceptionHelper.HandleAuthenticationException(null);
}
return(authenticationResult);
}
/// <summary>
/// Retrieves an authentication result for the specified resource.
/// </summary>
/// <param name="resource">The resource to authenticate.</param>
/// <returns>The <see cref="IAuthenticationResult"/> returned for the resource.</returns>
protected override async Task <IAuthenticationResult> AuthenticateResourceAsync(string resource)
{
IAuthenticationResult authenticationResult = null;
var adalServiceInfo = this.ServiceInfo as AdalServiceInfo;
if (adalServiceInfo == null)
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "AdalAppOnlyServiceInfoProvider requires an AdalServiceInfo."
});
}
if (adalServiceInfo.ClientCertificate == null)
{
throw new OneDriveException(
new Error
{
Code = OneDriveErrorCode.AuthenticationFailure.ToString(),
Message = "Client certificate is required for app-only authentication."
});
}
var clientAssertionCertificate = new ClientAssertionCertificate(adalServiceInfo.AppId, adalServiceInfo.ClientCertificate);
try
{
authenticationResult = await this.authenticationContextWrapper.AcquireTokenAsync(resource, clientAssertionCertificate);
}
catch (Exception exception)
{
AuthenticationExceptionHelper.HandleAuthenticationException(exception);
}
if (authenticationResult == null)
{
AuthenticationExceptionHelper.HandleAuthenticationException(null);
}
return(authenticationResult);
}
/// <summary>
/// Redeems the refresh token for the provided service info to retrieve an authentication result.
/// </summary>
/// <param name="refreshToken">The code for retrieving the authentication token.</param>
/// <returns>The <see cref="IAuthenticationResult"/> returned for the resource.</returns>
public async Task <IAuthenticationResult> RedeemRefreshToken(string refreshToken)
{
IAuthenticationResult authenticationResult = null;
var adalServiceInfo = this.serviceInfo as AdalServiceInfo;
try
{
// If we have a client certificate authenticate using it. Use client secret authentication if not.
if (adalServiceInfo != null && adalServiceInfo.ClientCertificate != null)
{
authenticationResult = await this.AuthenticateUsingCertificate(adalServiceInfo, refreshToken);
}
else if (!string.IsNullOrEmpty(serviceInfo.ClientSecret))
{
authenticationResult = await this.AuthenticateUsingClientSecret(refreshToken);
}
else
{
authenticationResult = await this.authenticationContextWrapper.AcquireTokenByRefreshTokenAsync(
refreshToken,
this.serviceInfo.AppId,
this.serviceInfo.ServiceResource);
}
}
catch (Exception exception)
{
AuthenticationExceptionHelper.HandleAuthenticationException(exception);
}
if (authenticationResult == null)
{
AuthenticationExceptionHelper.HandleAuthenticationException(null);
}
return(authenticationResult);
}
protected override async Task <IAuthenticationResult> AuthenticateResourceAsync(string resource)
{
IAuthenticationResult authenticationResult = null;
var adalServiceInfo = this.ServiceInfo as AdalServiceInfo;
ClientAssertionCertificate clientAssertionCertificate = null;
ClientCredential clientCredential = this.GetClientCredentialForAuthentication();
var userIdentifier = this.GetUserIdentifierForAuthentication();
try
{
if (adalServiceInfo != null && adalServiceInfo.ClientCertificate != null)
{
clientAssertionCertificate = new ClientAssertionCertificate(this.serviceInfo.AppId, adalServiceInfo.ClientCertificate);
authenticationResult = await this.authenticationContextWrapper.AcquireTokenSilentAsync(resource, clientAssertionCertificate, userIdentifier);
}
else if (clientCredential != null)
{
authenticationResult = await this.authenticationContextWrapper.AcquireTokenSilentAsync(resource, clientCredential, userIdentifier);
}
else
{
authenticationResult = await this.authenticationContextWrapper.AcquireTokenSilentAsync(resource, this.serviceInfo.AppId);
}
}
catch (Exception)
{
// If an exception happens during silent authentication try interactive authentication.
}
if (authenticationResult != null)
{
return(authenticationResult);
}
try
{
var redirectUri = new Uri(this.ServiceInfo.ReturnUrl);
if (clientAssertionCertificate != null || clientCredential != null)
{
var webAuthenticationUi = this.serviceInfo.WebAuthenticationUi ?? new FormsWebAuthenticationUi();
var requestUri = new Uri(this.OAuthRequestStringBuilder.GetAuthorizationCodeRequestUrl());
var authenticationResponseValues = await webAuthenticationUi.AuthenticateAsync(
requestUri,
redirectUri);
OAuthErrorHandler.ThrowIfError(authenticationResponseValues);
string code;
if (authenticationResponseValues != null && authenticationResponseValues.TryGetValue("code", out code))
{
if (clientAssertionCertificate != null)
{
authenticationResult = await this.authenticationContextWrapper.AcquireTokenByAuthorizationCodeAsync(
code,
redirectUri,
clientAssertionCertificate,
resource);
}
else
{
authenticationResult = await this.authenticationContextWrapper.AcquireTokenByAuthorizationCodeAsync(
code,
redirectUri,
clientCredential,
resource);
}
}
}
else
{
authenticationResult = this.authenticationContextWrapper.AcquireToken(
resource,
this.ServiceInfo.AppId,
redirectUri,
PromptBehavior.Auto,
userIdentifier);
}
}
catch (Exception exception)
{
AuthenticationExceptionHelper.HandleAuthenticationException(exception);
}
if (authenticationResult == null)
{
AuthenticationExceptionHelper.HandleAuthenticationException(null);
}
return(authenticationResult);
}
