public static void ForcePromptTest(Sts sts)
{
SetCredential(sts);
var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
AuthenticationResultProxy result = context.AcquireToken(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PromptBehaviorProxy.Auto, sts.ValidUserId);
VerifySuccessResult(sts, result);
AuthenticationContextProxy.SetCredentials(null, null);
AuthenticationResultProxy result2 = context.AcquireToken(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PromptBehaviorProxy.Auto,
(sts.Type == StsType.ADFS) ? null : sts.ValidUserId);
VerifySuccessResult(sts, result2);
Verify.AreEqual(result2.AccessToken, result.AccessToken);
AuthenticationContextProxy.SetCredentials(sts.ValidUserName, sts.ValidPassword);
result = context.AcquireToken(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PromptBehaviorProxy.Always);
VerifySuccessResult(sts, result);
Verify.AreNotEqual(result2.AccessToken, result.AccessToken);
}
internal static async Task AcquireTokenByAuthorizationCodeWithCacheTest(Sts sts)
{
var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
AuthenticationContextProxy.SetCredentials(sts.ValidUserName, sts.ValidPassword);
string authorizationCode = context.AcquireAccessCode(sts.ValidResource, sts.ValidConfidentialClientId, sts.ValidRedirectUriForConfidentialClient, sts.ValidUserId);
EndBrowserDialogSession();
AuthenticationContextProxy.SetCredentials(sts.ValidUserName2, sts.ValidPassword2);
string authorizationCode2 = context.AcquireAccessCode(sts.ValidResource, sts.ValidConfidentialClientId, sts.ValidRedirectUriForConfidentialClient, sts.ValidRequiredUserId2);
var credential = new ClientCredential(sts.ValidConfidentialClientId, sts.ValidConfidentialClientSecret);
AuthenticationResultProxy result = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode, sts.ValidRedirectUriForConfidentialClient, credential);
AuthenticationContextProxy.Delay(2000);
AuthenticationResultProxy result2 = await context.AcquireTokenByAuthorizationCodeAsync(authorizationCode2, sts.ValidRedirectUriForConfidentialClient, credential);
VerifySuccessResult(sts, result, true, false);
VerifySuccessResult(sts, result2, true, false);
VerifyExpiresOnAreNotEqual(result, result2);
AuthenticationResultProxy result3 = await context.AcquireTokenSilentAsync(sts.ValidResource, credential, UserIdentifier.AnyUser);
VerifyErrorResult(result3, "multiple_matching_tokens_detected", null);
AuthenticationResultProxy result4 = await context.AcquireTokenSilentAsync(sts.ValidResource, credential, sts.ValidUserId);
AuthenticationResultProxy result5 = await context.AcquireTokenSilentAsync(sts.ValidResource, credential, sts.ValidRequiredUserId2);
VerifySuccessResult(sts, result4, true, false);
VerifySuccessResult(sts, result5, true, false);
VerifyExpiresOnAreEqual(result4, result);
VerifyExpiresOnAreEqual(result5, result2);
VerifyExpiresOnAreNotEqual(result4, result5);
}
public static void TenantlessTest(Sts sts)
{
SetCredential(sts);
var context = new AuthenticationContextProxy(sts.TenantlessAuthority, sts.ValidateAuthority);
AuthenticationResultProxy result = context.AcquireToken(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PromptBehaviorProxy.Auto, sts.ValidUserId);
VerifySuccessResult(sts, result);
Verify.IsNotNullOrEmptyString(result.TenantId);
AuthenticationContextProxy.SetCredentials(null, null);
AuthenticationResultProxy result2 = context.AcquireToken(
sts.ValidResource,
sts.ValidClientId,
sts.ValidDefaultRedirectUri,
PromptBehaviorProxy.Auto,
sts.ValidUserId);
ValidateAuthenticationResultsAreEqual(result, result2);
SetCredential(sts);
context = new AuthenticationContextProxy(sts.TenantlessAuthority.Replace("Common", result.TenantId), sts.ValidateAuthority, TokenCacheType.Null);
result2 = context.AcquireToken(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PromptBehaviorProxy.Auto, sts.ValidUserId);
VerifySuccessResult(sts, result2);
}
private static void SetCredential(Sts sts)
{
AuthenticationContextProxy.SetCredentials(sts.Type == StsType.ADFS ? sts.ValidUserName : null, sts.ValidPassword);
}