public static async Task InstanceDiscoveryTestAsync(Sts sts)
{
SetCredential(sts);
var context = new AuthenticationContextProxy(sts.Authority, sts.ValidateAuthority);
AuthenticationResultProxy result = context.AcquireToken(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PromptBehaviorProxy.Auto, sts.ValidUserId);
VerifySuccessResult(sts, result);
AuthenticationContextProxy.SetEnvironmentVariable("ExtraQueryParameter", string.Empty);
// PROD discovery endpoint knows about PPE as well, so this passes discovery and fails later as refresh token is invalid for PPE.
context = new AuthenticationContextProxy(sts.Authority.Replace("windows.net", "windows-ppe.net"), sts.ValidateAuthority);
result = await context.AcquireTokenByRefreshTokenAsync(result.RefreshToken, sts.ValidClientId, sts.ValidResource);
VerifyErrorResult(result, "invalid_grant", "Refresh Token");
try
{
context = new AuthenticationContextProxy(sts.Authority.Replace("windows.net", "windows.unknown"), sts.ValidateAuthority);
result = context.AcquireToken(sts.ValidResource, sts.ValidClientId, sts.ValidDefaultRedirectUri, PromptBehaviorProxy.Auto, sts.ValidUserId);
VerifyErrorResult(result, "authority_not_in_valid_list", "authority");
}
#if TEST_ADAL_WINPHONE_UNIT
catch (AdalServiceException ex)
{
Verify.AreNotEqual(sts.Type, StsType.ADFS);
Verify.AreEqual(ex.ErrorCode, Sts.AuthorityNotInValidList);
Verify.IsTrue(ex.Message.Contains("authority"));
}
#endif
finally
{
}
}
